Firewall/VPN Question to ask a sales guy

[Vegito]

I got a sales guy coming tomorrow...

i'm just doing a basic firewall / site to site vpn.. what are some basic question I should ask the dude ? give me some hard one..

 

[Hermann]

Encryption type / level.
Download specsheet on the competing products, see what they do.

 

[n0cmonkey]

Price

You arent going to get good/straight answers from a sales guy. One of the best things to do would be to do a couple of searches, especially on securiy sites, on the product he is going to try to sell you. Print off a page or two and ask him specific questions about those flaws. If you dont mind posting the following information, let us know what product this guy is selling.

 

[JustinLerner]

Firewall, ask what you want. (What hardware, software is implemented, how is it monitored and service levels maintained.)

VPN (site to site). What type of hardware (VPN server), clients are recommended? What QoS and reliability, data rate guarantees (if with ISP), how changes and additions can be made, billed.

Like already mentioned, what types of protocols will you use (encapsulate) over the PPTP/L2TP VPN, what levels of encryption are recommended and what is the full effect of different levels of encryption on actual data throughput? (You will be surprised at how much bandwidth is used by encryption as it becomers more secure, with greater bit depth. I also assume IP is used as the VPN transport, otherwise there will be no way to ecrypt and transport your protocol across the internet.) Of course, if your business has point-to-point circuits (usually leased lines), then you can use ANY protocol your business prefers.

Hope this helps

 

[lowtech1]

Does it have IDS, IPsec, PPTP, DHCLIENT, DHCP, PPPoE, Compression ratio, fault tolerance?

 

[Tallgeese]

!!!REMEMBER THE OSI MODEL!!!

P = Please
D = Do
N = Not
T = Take
S = Sales
P = People's
A = Advice

 

[Rhi]

Roflmao!


-Rhi

 

[Garion]

Things I'd ask:

Price
Type Encryption (3DES or "Triple DES" is pretty much mandatory)
Throughput for non-encrypted traffic
Throughput for encrypted traffic
Will it support both end-user VPN and site-to-site VPN at the same time?
Management type - command line or GUI
Their history with attacks
When there's a bug/hole found in their product, what's their average time to fix?
What's their support plan - How long to fix/replace?
Fault tolerance - Redundant power supplies, etc?
How do you upgrade the software when they release a new version? Some are easy, some are very hard..
Do they support "split tunnels" or just dedicated tunnels for end-user VPN's, if you're going to use them? (Split tunnels are nice for some things, but have some very serious security issues. )

- G

 

[Vegito]

Actually the model they want to sell are the netscreen 204 which is what I wanted..

so I pretty much know the answer for half of them, + my other friends are using it in his work place.. but you know how sales are, try to screw you out of every bit..

but thanks for the input.. i'll tack them on to the exisiting list of questions...

 

[spidey07]

trying to ask a salesguy technical questions will just cause you to go insane.

the only real thing you should be asking him is "I want 40% off retail, and 20% off maintenance"

 

[Santa]

something the sales person should know.. How many clients or concurrent tunnels can the device support or is limited to support. If it is a lower number and you may outgrow are there any upgrade paths.

How much for the model that will fit your needs now and has the expandability in the future.

Get more info on how you install rules and policy and client software. (may need a visit from technical expert) This should show you how easy or hard it is to support after the sale.

 

[Tallgeese]

<< something the sales person should know.. How many clients or concurrent tunnels can the device support or is limited to support. >>

no salesperson I've EVER met would be able to answer that without a pre-sales engineer.

If you have technical questions, make sure such an individual is available (via phone or whatever) when the salesdroid comes calling...

Just my $.02

 

[Santa]

Biggest sellers on Firewall/VPN are the concurrent connections, client software license, managment utilites, and perhaps fault tolerance abilites.

If the sales person can't at least answer the difference between his differnt models of product then perhaps its time to move on to the next sales person / technical expert / or firewall vendor altogether.

There aren't many choices to chose from in buying the firewall box and the prices should speak for themselves. Just understand what you need in terms of connectivity and you should be able to pick and compare your product.

 

[m2kewl]

<< !!!REMEMBER THE OSI MODEL!!! P = Please D = Do N = Not T = Take S = Sales P = People's A = Advice >>



LMAO!!