Besides not knowing who these guys are and therefore being unable to check their track record, I am frustrated by the fact that they have provided no documentation other than two pages on how to turn the devices on. This doesn't happen with a big vendor. Cisco, for example, provides copious amounts of technical documentation. I've asked the mystery vendor for more documentation, and the people there keep trying to placate me by saying, "Let us know when you want to install, and we will walk you through it." I don't want them to walk me through it. I want them to provide me with what I need and then get out of my way.

Making things right

So, what do you do when you've made a big mistake? Step 1, admit you were wrong. Don't lay blame or pass the buck. Come on, say it out loud with me: "I was wrong. I made a mistake. Now I must make things right." "Making things right" means figuring out how to repurpose the devices.

I have eight of them. I could pack them up and ship them back to the vendor. But the devices are basically just appliances running open-source software for the various components, like Openswan for IPsec VPN functionality. Why can't I reconfigure them with Snort and use them as network sensors?

I wanted real firewalls, not a do-it-all (and maybe do-it-all-poorly) appliance. But selecting the right firewall and implementing it was not my biggest concern. I was going to have to go to my boss and explain to him why these appliances are too risky to implement and how I would like to repurpose them. Then I would have to get him to approve the purchase of several commercial firewalls. Ouch.