5 Replies Latest reply on Mar 9, 2010 10:27 AM by argint

    Public question to McAfee

      Dear McAfee

       

      I have been reluctant to approach your support structure for my own reasons.

      However, I am now publicly asking you, your company and your conscience to answer one question:

       

       

      As one of the major providers of "security" products on the face of the planet earth:

       

      "Do you think this product/service ToPs is a creditable product, given the time it has been on the market?"

       

      If you say yes, i will phone any product manager you care to suggest, and I will repeat everything I have ever said, starting with the firewall.

       

      I am willing for one of your specialists to visit our company, watch how it works in real life, AND, if that specialist you send, can talk me out of my concerns, on a strict technical basis, I will pay that persons hotel bill.

       

      Are you prepared to take my offer up?

       

      Regards

       

      Argint (perfect target audience)

        • 1. Re: Public question to McAfee

          Great offer Argint. Lets wait n see whats gonna happen with this one now !!!

          • 2. Re: Public question to McAfee

            From a personal perspective, I never use the firewall products from the antivirus firms and even Zone alarm in my opinion is a POS...Norton Internet Security, the Mcafee Firewall, and Trend Firewall are designed to provide a basic level of protection (like the windows 2008 firewall, POS as that is too now), while attempting to not cause undue grief to the end user .  These products are typically not used by a corporate IT team, but an End user who isn't willing to accept that their app does not work because it doesn't use a well known port and on 75% of SMB and home markets, you can't design your product around allowing ports 80,443, 20/21, and 25 (since many still use smtp email apps) and expect not to get hammered tech support wise.

             

            Sure they can try and build some IPS intelligence into them, but out of the 100+ clients I support, there are always the "Tech Saavy" owners (so they think) who install everything under the damn sun and expects it to work.  Only the most advanced IPS systems will work due to the sheer number of poorly written, non standard applications out there.

             

            Hell on my own network where I run ISA Server I typically run into tons of issues with apps not working until I find all the primary and secondary connections alot of the apps I use (or test).  If I had to either deal with the popups or allow every application under the sun I'd kill myself...and my clients would probably kill me too.

             

            Long story short, I don't plan on rolling out the firewall to my 100+ clients as I don't need the hassle.  In the SMB Market, I allow everything except IRC outbound and deal with the problems on the client side if necessary.

            If you are an internal IT supprot at an SMB, and that much control is needed, then use a combination of the AV and Web Filtering (call it cheaper websense) and lock down outgoing traffic at the firewall.  You won't miss the software based firewall's.

            • 3. Re: Public question to McAfee

              Hi

               

              I have passed your offer/request on to the relevant department.

               

              Many thanks

              • 4. Re: Public question to McAfee

                Hi Rumple - I can see where you are coming from. In our circumstances, I consider all employees as road warriors. They are rarely in a fixed place at any time. With ToPS, the personal firewall represents something I feel we need even at a bare minimum. The central administration of that facility is crucial. We do have a strong policy in not allowing the installation of any software without senior approval.

                 

                So, I pretty much know what each machine will have installed and what I can expect to see accessing the internet. I know the firewall isnt foolproof, but I feel happier having it in place due to the way we work.

                 

                I know we cannot expect things to change overnight, but we have used the product for 2 years and the managebility of that section in particular has been pretty painful to say the least from the security center. I really imagined at the beginning that this would receive constant review and updating, but not a lot has happened in those two years in that area. Its as much a case of usability. I would suggest they have the information, its just not userfriendly or manageable when the number of nodes increases, in our case 34.

                 

                I also agree with your earlier points, if the criticism is done in a detailed way then perhaps people will see the light. I have certainly felt more than frustrated, last year I through my heart and soul generating bug reports, screen grabs, detailed explanations.Obviously they have to consider impact of changes, but the firewall section needs serious thought and consideration, I have tried to outline very clearly in another thread my main concerns

                 

                I feel somewhat heartened that you have had a positive conversation with the appropriate people. I had a similar call last year and felt sure something might happen.

                 

                So - lets all be polite, detailed in our suggestions from real world use, and hope for the best???

                 

                Regards

                 

                Argint

                 

                .

                • 5. Re: Public question to McAfee

                  lol. The representative, of course, would have to by me a beer.