From owner-freebsd-security  Sun Oct  8  5:14:42 2000
Delivered-To: freebsd-security@freebsd.org
Received: from peak.mountin.net (peak.mountin.net [207.227.119.2])
	by hub.freebsd.org (Postfix) with ESMTP id 23D9737B502
	for <freebsd-security@FreeBSD.ORG>; Sun,  8 Oct 2000 05:14:38 -0700 (PDT)
Received: (from daemon@localhost)
	by peak.mountin.net (8.9.1/8.9.1) id HAA22114;
	Sun, 8 Oct 2000 07:14:37 -0500 (CDT)
	(envelope-from jeff-ml@mountin.net)
Received: from dial-67.max1.wa.cyberlynk.net(207.227.118.67) by peak.mountin.net via smap (V1.3)
	id sma022112; Sun Oct  8 07:14:12 2000
Message-Id: <4.3.2.20001008070308.00b9ae90@207.227.119.2>
X-Sender: jeff-ml@207.227.119.2
X-Mailer: QUALCOMM Windows Eudora Version 4.3
Date: Sun, 08 Oct 2000 07:13:17 -0500
To: David Talkington <dtalk@prairienet.org>,
	"freebsd-security@FreeBSD.ORG" <freebsd-security@FreeBSD.ORG>
From: "Jeffrey J. Mountin" <jeff-ml@mountin.net>
Subject: Re: Check Point FW-1
In-Reply-To: <Pine.LNX.4.21.0010080405010.6829-100000@sherman.spotnet>
References: <200010080427.PAA19412@cairo.anu.edu.au>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

At 04:34 AM 10/8/00 -0500, David Talkington wrote:

>Yeah, I wonder if my (item b) instinct was unfair.  David Pick
>mentioned herein the possibility that the company might not even WANT
>the expertise to be in-house, and while his scenario was pretty ugly,
>it suggests a more benign one ... if the company goes with an
>open-source solution, and you're the only one on staff who knows how
>to use it, they are then dependent on your talent. Great for you, but
>bad for them, if turnover is high. At least a purchased solution
>ensures some kind of support no matter who leaves the company.
>
>Your thoughts on this?  Seems like a valid concern, and not one that I
>had considered.  (Perhaps I'm naive ... )

That is why they should require documentation.  Your peers, if any, should 
be able to follow it and fill in at need.

Another reason why they may not wish to go with "in-house" talent is the 
idea to out source.  Companies do this so they don't have to pay for a 
full-time employee or reallocate internal resources for projects.  In some 
cases it is worthwhile.  Other times it's an endless black hole.  Can only 
blame the suits for taking this idea too far at times.


Jeff Mountin - jeff@mountin.net
Systems/Network Administrator
FreeBSD - the power to serve



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message