RE: VMS cluster behind a *NIX firewall - VMS

This is a discussion on RE: VMS cluster behind a *NIX firewall - VMS ; > -----Original Message----- > From: Anton Shterenlikht [mailto:mexas@bristol.ac.uk] > Sent: August 1, 2007 7:25 AM > To: Info-VAX@Mvb.Saic.Com > Subject: Re: VMS cluster behind a *NIX firewall > > On Tue, Jul 31, 2007 at 08:45:34PM -0500, Paul Raulerson wrote: ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: RE: VMS cluster behind a *NIX firewall

  1. RE: VMS cluster behind a *NIX firewall

    > -----Original Message-----
    > From: Anton Shterenlikht [mailto:mexas@bristol.ac.uk]
    > Sent: August 1, 2007 7:25 AM
    > To: Info-VAX@Mvb.Saic.Com
    > Subject: Re: VMS cluster behind a *NIX firewall
    >
    > On Tue, Jul 31, 2007 at 08:45:34PM -0500, Paul Raulerson wrote:
    > >
    > > It sounds to me like our friend here is involved in a "prove it!"

    > issue with
    > > the VMS systems, and so getting them up and running is more

    > profitable than
    > > worrying about SPOF issues right now; let the SPOF issues become

    > a problem
    > > for the "unix people" would be my way of handling it.

    >
    > that's about right
    >
    > --
    > Anton Shterenlikht
    > Room 2.6, Queen's Building
    > Mech Eng Dept
    > Bristol University
    > University Walk, Bristol BS8 1TR, UK
    > Tel: +44 (0)117 928 8233
    > Fax: +44 (0)117 929 4423


    Anton,

    Is the concern the network folks have related to non-TCPIP protocols on thenet or OpenVMS itself?

    If it is network protocols, they are worried about, then setting up a private VLAN for the cluster SCS traffic and restricting the primary NICs to TCPIP only would solve that.

    If they are worried about OpenVMS security, I guess that is a an education problem.

    [Can't help smiling on this - what they are doing is like protecting a police station by placing a rent-a-cop in front of it.]

    :-)

    Here are a few security whitepapers that may be of interest to your networkfolks:

    http://h71028.www7.hp.com/ERC/downlo...A0-2896ENW.pdf
    This whitepaper presents an overview of OpenVMS security and its role in enterprise business continuity. The whitepaper supports the conclusion that IT environments requiring elevated security capabilities need OpenVMS now more than ever, whether on HP Integrity servers, AlphaServer systems, or a combination of both. (November 2005)

    http://h71000.www7.hp.com/openvms/wh...s/TCS_2004.pdf
    Techwise Research - This whitepaper provides a detailed comparison of potential vulnerabilities and security-related cluster crashes for HP OpenVMS, IBM AIX, and Sun Solaris Server Clusters. (June 2004)



    Regards


    Kerry Main
    Senior Consultant
    HP Services Canada
    Voice: 613-592-4660
    Fax: 613-591-4477
    kerryDOTmainAThpDOTcom
    (remove the DOT's and AT)

    OpenVMS - the secure, multi-site OS that just works.




  2. Re: VMS cluster behind a *NIX firewall

    In article ,
    "Main, Kerry" writes:
    >> -----Original Message-----
    >> From: Anton Shterenlikht [mailto:mexas@bristol.ac.uk]
    >> Sent: August 1, 2007 7:25 AM
    >> To: Info-VAX@Mvb.Saic.Com
    >> Subject: Re: VMS cluster behind a *NIX firewall
    >>
    >> On Tue, Jul 31, 2007 at 08:45:34PM -0500, Paul Raulerson wrote:
    >> >
    >> > It sounds to me like our friend here is involved in a "prove it!"

    >> issue with
    >> > the VMS systems, and so getting them up and running is more

    >> profitable than
    >> > worrying about SPOF issues right now; let the SPOF issues become

    >> a problem
    >> > for the "unix people" would be my way of handling it.

    >>
    >> that's about right
    >>

    > Anton,
    >
    > Is the concern the network folks have related to non-TCPIP protocols on the=
    > net or OpenVMS itself?
    >
    > If it is network protocols, they are worried about, then setting up a priva=
    > te VLAN for the cluster SCS traffic and restricting the primary NICs to TCP=
    > IP only would solve that.


    Sadly, that will not protect the bandwidth if they percieve the protocol
    as too "chatty". You would need an entire, separate physical network.
    Which is, of course, also doable.

    >
    > If they are worried about OpenVMS security, I guess that is a an education =
    > problem.
    >
    > [Can't help smiling on this - what they are doing is like protecting a poli=
    > ce station by placing a rent-a-cop in front of it.]
    >
    >:-)


    Your opinion. The rest of the industry just doesn't see your "legacy"
    product as offering any increase in security that it needs over Unix.
    Of course, you have this notion that every Unix box ont he planet is
    hacked at least 5 times a day and evidence to the contrary is just
    swept aside.

    >
    > Here are a few security whitepapers that may be of interest to your network=
    > folks:
    >
    > http://h71028.www7.hp.com/ERC/downlo...A0-2896ENW.pdf
    > This whitepaper presents an overview of OpenVMS security and its role in en=
    > terprise business continuity. The whitepaper supports the conclusion that I=
    > T environments requiring elevated security capabilities need OpenVMS now mo=
    > re than ever, whether on HP Integrity servers, AlphaServer systems, or a co=
    > mbination of both. (November 2005)
    >
    > http://h71000.www7.hp.com/openvms/wh...s/TCS_2004.pdf
    > Techwise Research - This whitepaper provides a detailed comparison of poten=
    > tial vulnerabilities and security-related cluster crashes for HP OpenVMS, I=
    > BM AIX, and Sun Solaris Server Clusters. (June 2004)


    A lot of old drivel from a biased source. It is doubtful it was accurate
    when written, but it is rather long int he tooth today. Surely you can
    do better.

    bill

    --
    Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
    bill@cs.scranton.edu | and a sheep voting on what's for dinner.
    University of Scranton |
    Scranton, Pennsylvania | #include

  3. RE: VMS cluster behind a *NIX firewall


    > -----Original Message-----
    > From: bill@triangle.cs.uofs.edu [mailto:bill@triangle.cs.uofs.edu] On
    > Behalf Of Bill Gunshannon
    > Sent: August 2, 2007 8:49 AM
    > To: Info-VAX@Mvb.Saic.Com
    > Subject: Re: VMS cluster behind a *NIX firewall
    >
    > In article
    > > t>,
    > "Main, Kerry" writes:
    > >> -----Original Message-----
    > >> From: Anton Shterenlikht [mailto:mexas@bristol.ac.uk]
    > >> Sent: August 1, 2007 7:25 AM
    > >> To: Info-VAX@Mvb.Saic.Com
    > >> Subject: Re: VMS cluster behind a *NIX firewall
    > >>
    > >> On Tue, Jul 31, 2007 at 08:45:34PM -0500, Paul Raulerson wrote:
    > >> >
    > >> > It sounds to me like our friend here is involved in a "prove it!"
    > >> issue with
    > >> > the VMS systems, and so getting them up and running is more
    > >> profitable than
    > >> > worrying about SPOF issues right now; let the SPOF issues become
    > >> a problem
    > >> > for the "unix people" would be my way of handling it.
    > >>
    > >> that's about right
    > >>

    > > Anton,
    > >
    > > Is the concern the network folks have related to non-TCPIP protocols

    > on the=
    > > net or OpenVMS itself?
    > >
    > > If it is network protocols, they are worried about, then setting up a

    > priva=
    > > te VLAN for the cluster SCS traffic and restricting the primary NICs

    > to TCP=
    > > IP only would solve that.

    >
    > Sadly, that will not protect the bandwidth if they percieve the
    > protocol
    > as too "chatty". You would need an entire, separate physical network.
    > Which is, of course, also doable.
    >


    Huh?

    VLANS are separate from the main network and easy to set-up. You use a separate NIC on the host side as well. What goes on a VLAN is not seen on the main network.

    Can you explain why you think you need a "separate network?"

    > >
    > > If they are worried about OpenVMS security, I guess that is a an

    > education =
    > > problem.
    > >
    > > [Can't help smiling on this - what they are doing is like protecting

    > a poli=
    > > ce station by placing a rent-a-cop in front of it.]
    > >
    > >:-)

    >
    > Your opinion. The rest of the industry just doesn't see your "legacy"
    > product as offering any increase in security that it needs over Unix.
    > Of course, you have this notion that every Unix box ont he planet is
    > hacked at least 5 times a day and evidence to the contrary is just
    > swept aside.
    >


    Nope - never stated that.

    Linux I stated had 5-20 security patches per month and that is a fact as evidenced on the RH security web site. Anyone can go there and count them up themselves.

    UNIX no.

    You are simply being to sensitive and feel you need to protect your preferred platform.

    > >
    > > Here are a few security whitepapers that may be of interest to your

    > network=
    > > folks:
    > >
    > > http://h71028.www7.hp.com/ERC/downlo...A0-2896ENW.pdf
    > > This whitepaper presents an overview of OpenVMS security and its role

    > in en=
    > > terprise business continuity. The whitepaper supports the conclusion

    > that I=
    > > T environments requiring elevated security capabilities need OpenVMS

    > now mo=
    > > re than ever, whether on HP Integrity servers, AlphaServer systems,

    > or a co=
    > > mbination of both. (November 2005)
    > >
    > > http://h71000.www7.hp.com/openvms/wh...s/TCS_2004.pdf
    > > Techwise Research - This whitepaper provides a detailed comparison of

    > poten=
    > > tial vulnerabilities and security-related cluster crashes for HP

    > OpenVMS, I=
    > > BM AIX, and Sun Solaris Server Clusters. (June 2004)

    >
    > A lot of old drivel from a biased source. It is doubtful it was
    > accurate
    > when written, but it is rather long int he tooth today. Surely you can
    > do better.
    >
    > bill
    >


    Ok, so tell us where the report is in error.

    Regards


    Kerry Main
    Senior Consultant
    HP Services Canada
    Voice: 613-592-4660
    Fax: 613-591-4477
    kerryDOTmainAThpDOTcom
    (remove the DOT's and AT)

    OpenVMS - the secure, multi-site OS that just works.



  4. Re: VMS cluster behind a *NIX firewall

    In article ,
    "Main, Kerry" writes:
    >
    >> -----Original Message-----
    >> From: bill@cs.uofs.edu On
    >> Behalf Of Bill Gunshannon
    >> Sent: August 2, 2007 8:49 AM
    >> To: Info-VAX@Mvb.Saic.Com
    >> Subject: Re: VMS cluster behind a *NIX firewall
    >>
    >> In article
    >> >> t>,
    >> "Main, Kerry" writes:
    >> >> -----Original Message-----
    >> >> From: Anton Shterenlikht
    >> >> Sent: August 1, 2007 7:25 AM
    >> >> To: Info-VAX@Mvb.Saic.Com
    >> >> Subject: Re: VMS cluster behind a *NIX firewall
    >> >>
    >> >> On Tue, Jul 31, 2007 at 08:45:34PM -0500, Paul Raulerson wrote:
    >> >> >
    >> >> > It sounds to me like our friend here is involved in a "prove it!"
    >> >> issue with
    >> >> > the VMS systems, and so getting them up and running is more
    >> >> profitable than
    >> >> > worrying about SPOF issues right now; let the SPOF issues become
    >> >> a problem
    >> >> > for the "unix people" would be my way of handling it.
    >> >>
    >> >> that's about right
    >> >>
    >> > Anton,
    >> >
    >> > Is the concern the network folks have related to non-TCPIP protocols

    >> on the=3D
    >> > net or OpenVMS itself?
    >> >
    >> > If it is network protocols, they are worried about, then setting up a

    >> priva=3D
    >> > te VLAN for the cluster SCS traffic and restricting the primary NICs

    >> to TCP=3D
    >> > IP only would solve that.

    >>
    >> Sadly, that will not protect the bandwidth if they percieve the
    >> protocol
    >> as too "chatty". You would need an entire, separate physical network.
    >> Which is, of course, also doable.
    >>

    >
    > Huh?
    >
    > VLANS are separate from the main network and easy to set-up. You use a sep=
    > arate NIC on the host side as well. What goes on a VLAN is not seen on the =
    > main network.
    >
    > Can you explain why you think you need a "separate network?"


    You have a 100MB network. You have 3 VLANS on that network. Do you
    honestly believe that all 3 get 100MB rather than 100MB being the
    limit for the aggregate? Of course, if your VLAN is limited to just
    one box.... Then it just takes up from the aggregate for that box,
    which may, in fact, be higher. But then, why not just a separate box
    and limit the complexity? (KISS) :-)

    >
    >> >
    >> > If they are worried about OpenVMS security, I guess that is a an

    >> education =3D
    >> > problem.
    >> >
    >> > [Can't help smiling on this - what they are doing is like protecting

    >> a poli=3D
    >> > ce station by placing a rent-a-cop in front of it.]
    >> >
    >> >:-)

    >>
    >> Your opinion. The rest of the industry just doesn't see your "legacy"
    >> product as offering any increase in security that it needs over Unix.
    >> Of course, you have this notion that every Unix box ont he planet is
    >> hacked at least 5 times a day and evidence to the contrary is just
    >> swept aside.
    >>

    >
    > Nope - never stated that.
    >
    > Linux I stated had 5-20 security patches per month and that is a fact as ev=
    > idenced on the RH security web site. Anyone can go there and count them up =
    > themselves.


    Damn, now your starting to sound like Bob. Read my lips. VMS never
    reports to CERT so there is no way to make a realistic comparison.

    >
    > UNIX no.
    >
    > You are simply being to sensitive and feel you need to protect your preferr=
    > ed platform.


    Actually, I just attack FUD.

    >
    >> >
    >> > Here are a few security whitepapers that may be of interest to your

    >> network=3D
    >> > folks:
    >> >
    >> > http://h71028.www7.hp.com/ERC/downlo...A0-2896ENW.pdf
    >> > This whitepaper presents an overview of OpenVMS security and its role

    >> in en=3D
    >> > terprise business continuity. The whitepaper supports the conclusion

    >> that I=3D
    >> > T environments requiring elevated security capabilities need OpenVMS

    >> now mo=3D
    >> > re than ever, whether on HP Integrity servers, AlphaServer systems,

    >> or a co=3D
    >> > mbination of both. (November 2005)
    >> >
    >> > http://h71000.www7.hp.com/openvms/wh...s/TCS_2004.pdf
    >> > Techwise Research - This whitepaper provides a detailed comparison of

    >> poten=3D
    >> > tial vulnerabilities and security-related cluster crashes for HP

    >> OpenVMS, I=3D
    >> > BM AIX, and Sun Solaris Server Clusters. (June 2004)

    >>
    >> A lot of old drivel from a biased source. It is doubtful it was
    >> accurate
    >> when written, but it is rather long int he tooth today. Surely you can
    >> do better.
    >>
    >> bill
    >>

    >
    > Ok, so tell us where the report is in error.


    Was done ages ago. I have better things to do than rehash the
    obvious.

    bill

    --
    Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
    bill@cs.scranton.edu | and a sheep voting on what's for dinner.
    University of Scranton |
    Scranton, Pennsylvania | #include

  5. RE: VMS cluster behind a *NIX firewall

    > -----Original Message-----
    > From: bill@triangle.cs.uofs.edu [mailto:bill@triangle.cs.uofs.edu] On
    > Behalf Of Bill Gunshannon
    > Sent: August 3, 2007 10:19 AM
    > To: Info-VAX@Mvb.Saic.Com
    > Subject: Re: VMS cluster behind a *NIX firewall
    >
    > In article
    > > t>,
    > "Main, Kerry" writes:
    > >
    > >> -----Original Message-----
    > >> From: bill@cs.uofs.edu On
    > >> Behalf Of Bill Gunshannon
    > >> Sent: August 2, 2007 8:49 AM
    > >> To: Info-VAX@Mvb.Saic.Com
    > >> Subject: Re: VMS cluster behind a *NIX firewall
    > >>
    > >> In article
    > >>

    >
    > >> t>,
    > >> "Main, Kerry" writes:
    > >> >> -----Original Message-----
    > >> >> From: Anton Shterenlikht
    > >> >> Sent: August 1, 2007 7:25 AM
    > >> >> To: Info-VAX@Mvb.Saic.Com
    > >> >> Subject: Re: VMS cluster behind a *NIX firewall
    > >> >>
    > >> >> On Tue, Jul 31, 2007 at 08:45:34PM -0500, Paul Raulerson wrote:
    > >> >> >
    > >> >> > It sounds to me like our friend here is involved in a "prove

    > it!"
    > >> >> issue with
    > >> >> > the VMS systems, and so getting them up and running is more
    > >> >> profitable than
    > >> >> > worrying about SPOF issues right now; let the SPOF issues

    > become
    > >> >> a problem
    > >> >> > for the "unix people" would be my way of handling it.
    > >> >>
    > >> >> that's about right
    > >> >>
    > >> > Anton,
    > >> >
    > >> > Is the concern the network folks have related to non-TCPIP

    > protocols
    > >> on the=3D
    > >> > net or OpenVMS itself?
    > >> >
    > >> > If it is network protocols, they are worried about, then setting

    > up a
    > >> priva=3D
    > >> > te VLAN for the cluster SCS traffic and restricting the primary

    > NICs
    > >> to TCP=3D
    > >> > IP only would solve that.
    > >>
    > >> Sadly, that will not protect the bandwidth if they percieve the
    > >> protocol
    > >> as too "chatty". You would need an entire, separate physical

    > network.
    > >> Which is, of course, also doable.
    > >>

    > >
    > > Huh?
    > >
    > > VLANS are separate from the main network and easy to set-up. You use

    > a sep=
    > > arate NIC on the host side as well. What goes on a VLAN is not seen

    > on the =
    > > main network.
    > >
    > > Can you explain why you think you need a "separate network?"

    >
    > You have a 100MB network. You have 3 VLANS on that network. Do you
    > honestly believe that all 3 get 100MB rather than 100MB being the
    > limit for the aggregate? Of course, if your VLAN is limited to just
    > one box.... Then it just takes up from the aggregate for that box,
    > which may, in fact, be higher. But then, why not just a separate box
    > and limit the complexity? (KISS) :-)
    >

    I don't think you understand VLAN's and the way they work with normal routers today.

    > >
    > >> >
    > >> > If they are worried about OpenVMS security, I guess that is a an
    > >> education =3D
    > >> > problem.
    > >> >
    > >> > [Can't help smiling on this - what they are doing is like

    > protecting
    > >> a poli=3D
    > >> > ce station by placing a rent-a-cop in front of it.]
    > >> >
    > >> >:-)
    > >>
    > >> Your opinion. The rest of the industry just doesn't see your

    > "legacy"
    > >> product as offering any increase in security that it needs over

    > Unix.
    > >> Of course, you have this notion that every Unix box ont he planet is
    > >> hacked at least 5 times a day and evidence to the contrary is just
    > >> swept aside.
    > >>

    > >
    > > Nope - never stated that.
    > >
    > > Linux I stated had 5-20 security patches per month and that is a fact

    > as ev=
    > > idenced on the RH security web site. Anyone can go there and count

    > them up =
    > > themselves.

    >
    > Damn, now your starting to sound like Bob. Read my lips. VMS never
    > reports to CERT so there is no way to make a realistic comparison.
    >


    Sure it does. Hey, you are now starting to sound like Andrew.

    :-)


    > >
    > > UNIX no.
    > >
    > > You are simply being to sensitive and feel you need to protect your

    > preferr=
    > > ed platform.

    >
    > Actually, I just attack FUD.
    >


    But you simply use FUD (i.e. your personal opinion based on your personal view of the universe) to attack what you think is FUD.

    Being a UNIX person, it is hard for you to understand how things are done when you do not have a UNIX focus.

    > >
    > >> >
    > >> > Here are a few security whitepapers that may be of interest to

    > your
    > >> network=3D
    > >> > folks:
    > >> >
    > >> > http://h71028.www7.hp.com/ERC/downlo...A0-2896ENW.pdf
    > >> > This whitepaper presents an overview of OpenVMS security and its

    > role
    > >> in en=3D
    > >> > terprise business continuity. The whitepaper supports the

    > conclusion
    > >> that I=3D
    > >> > T environments requiring elevated security capabilities need

    > OpenVMS
    > >> now mo=3D
    > >> > re than ever, whether on HP Integrity servers, AlphaServer

    > systems,
    > >> or a co=3D
    > >> > mbination of both. (November 2005)
    > >> >
    > >> > http://h71000.www7.hp.com/openvms/wh...s/TCS_2004.pdf
    > >> > Techwise Research - This whitepaper provides a detailed comparison

    > of
    > >> poten=3D
    > >> > tial vulnerabilities and security-related cluster crashes for HP
    > >> OpenVMS, I=3D
    > >> > BM AIX, and Sun Solaris Server Clusters. (June 2004)
    > >>
    > >> A lot of old drivel from a biased source. It is doubtful it was
    > >> accurate
    > >> when written, but it is rather long int he tooth today. Surely you

    > can
    > >> do better.
    > >>
    > >> bill
    > >>

    > >
    > > Ok, so tell us where the report is in error.

    >
    > Was done ages ago. I have better things to do than rehash the
    > obvious.
    >
    > bill



    Ok, Andrew. That about sums it up.

    Why bother with technical analysis when FUD is so much simpler and quicker to generate?

    Regards


    Kerry Main
    Senior Consultant
    HP Services Canada
    Voice: 613-592-4660
    Fax: 613-591-4477
    kerryDOTmainAThpDOTcom
    (remove the DOT's and AT)

    OpenVMS - the secure, multi-site OS that just works.




  6. Re: VMS cluster behind a *NIX firewall

    In article ,
    "Main, Kerry" writes:
    >> -----Original Message-----
    >> From: bill@cs.uofs.edu On
    >> Behalf Of Bill Gunshannon
    >> Sent: August 3, 2007 10:19 AM
    >> To: Info-VAX@Mvb.Saic.Com
    >> Subject: Re: VMS cluster behind a *NIX firewall
    >>
    >> In article
    >> >> t>,
    >> "Main, Kerry" writes:
    >> >
    >> >> -----Original Message-----
    >> >> From: bill@cs.uofs.edu On
    >> >> Behalf Of Bill Gunshannon
    >> >> Sent: August 2, 2007 8:49 AM
    >> >> To: Info-VAX@Mvb.Saic.Com
    >> >> Subject: Re: VMS cluster behind a *NIX firewall
    >> >>
    >> >> In article
    >> >>

    >>
    >> >> t>,
    >> >> "Main, Kerry" writes:
    >> >> >> -----Original Message-----
    >> >> >> From: Anton Shterenlikht
    >> >> >> Sent: August 1, 2007 7:25 AM
    >> >> >> To: Info-VAX@Mvb.Saic.Com
    >> >> >> Subject: Re: VMS cluster behind a *NIX firewall
    >> >> >>
    >> >> >> On Tue, Jul 31, 2007 at 08:45:34PM -0500, Paul Raulerson wrote:
    >> >> >> >
    >> >> >> > It sounds to me like our friend here is involved in a "prove

    >> it!"
    >> >> >> issue with
    >> >> >> > the VMS systems, and so getting them up and running is more
    >> >> >> profitable than
    >> >> >> > worrying about SPOF issues right now; let the SPOF issues

    >> become
    >> >> >> a problem
    >> >> >> > for the "unix people" would be my way of handling it.
    >> >> >>
    >> >> >> that's about right
    >> >> >>
    >> >> > Anton,
    >> >> >
    >> >> > Is the concern the network folks have related to non-TCPIP

    >> protocols
    >> >> on the=3D3D
    >> >> > net or OpenVMS itself?
    >> >> >
    >> >> > If it is network protocols, they are worried about, then setting

    >> up a
    >> >> priva=3D3D
    >> >> > te VLAN for the cluster SCS traffic and restricting the primary

    >> NICs
    >> >> to TCP=3D3D
    >> >> > IP only would solve that.
    >> >>
    >> >> Sadly, that will not protect the bandwidth if they percieve the
    >> >> protocol
    >> >> as too "chatty". You would need an entire, separate physical

    >> network.
    >> >> Which is, of course, also doable.
    >> >>
    >> >
    >> > Huh?
    >> >
    >> > VLANS are separate from the main network and easy to set-up. You use

    >> a sep=3D
    >> > arate NIC on the host side as well. What goes on a VLAN is not seen

    >> on the =3D
    >> > main network.
    >> >
    >> > Can you explain why you think you need a "separate network?"

    >>
    >> You have a 100MB network. You have 3 VLANS on that network. Do you
    >> honestly believe that all 3 get 100MB rather than 100MB being the
    >> limit for the aggregate? Of course, if your VLAN is limited to just
    >> one box.... Then it just takes up from the aggregate for that box,
    >> which may, in fact, be higher. But then, why not just a separate box
    >> and limit the complexity? (KISS) :-)
    >>

    >
    > I don't think you understand VLAN's and the way they work with normal route=
    > rs today.
    P

    Of course I do, do you? A VLAN is independant only within the single box.
    If it leaves the box, via a trunk, you only have the bqandwidth of that
    one port, n o matter how many VLANS you have. So, if your VLAN is going
    to be located in one place with all the devices on it connected to one
    box (like in the computer room) then using the KISS priciple it makes more
    sense to just use a separate switch (what do they cost today $50?) and avoid
    the complexity of setting up VLANS to accomplish the same thing. It's
    really not what VLANS were intended to do.

    >
    >> >
    >> >> >
    >> >> > If they are worried about OpenVMS security, I guess that is a an
    >> >> education =3D3D
    >> >> > problem.
    >> >> >
    >> >> > [Can't help smiling on this - what they are doing is like

    >> protecting
    >> >> a poli=3D3D
    >> >> > ce station by placing a rent-a-cop in front of it.]
    >> >> >
    >> >> >:-)
    >> >>
    >> >> Your opinion. The rest of the industry just doesn't see your

    >> "legacy"
    >> >> product as offering any increase in security that it needs over

    >> Unix.
    >> >> Of course, you have this notion that every Unix box ont he planet is
    >> >> hacked at least 5 times a day and evidence to the contrary is just
    >> >> swept aside.
    >> >>
    >> >
    >> > Nope - never stated that.
    >> >
    >> > Linux I stated had 5-20 security patches per month and that is a fact

    >> as ev=3D
    >> > idenced on the RH security web site. Anyone can go there and count

    >> them up =3D
    >> > themselves.

    >>
    >> Damn, now your starting to sound like Bob. Read my lips. VMS never
    >> reports to CERT so there is no way to make a realistic comparison.
    >>

    >
    > Sure it does. Hey, you are now starting to sound like Andrew.


    Of the two, I consider that a compliment.

    >
    >:-)
    >
    >
    >> >
    >> > UNIX no.
    >> >
    >> > You are simply being to sensitive and feel you need to protect your

    >> preferr=3D
    >> > ed platform.

    >>
    >> Actually, I just attack FUD.
    >>

    >
    > But you simply use FUD (i.e. your personal opinion based on your personal v=
    > iew of the universe) to attack what you think is FUD.
    >
    > Being a UNIX person, it is hard for you to understand how things are done w=
    > hen you do not have a UNIX focus.


    Once again, bullcrap. I worked with a lot of different OSes long before
    I touched my first Unix box. Some of them were better, some were worse.
    Most of them are no more. I have been working with computers since before
    Unix or VMS even existed. I can tell bullcrap when I see it.

    >
    >> >
    >> >> >
    >> >> > Here are a few security whitepapers that may be of interest to

    >> your
    >> >> network=3D3D
    >> >> > folks:
    >> >> >
    >> >> > http://h71028.www7.hp.com/ERC/downlo...A0-2896ENW.pdf
    >> >> > This whitepaper presents an overview of OpenVMS security and its

    >> role
    >> >> in en=3D3D
    >> >> > terprise business continuity. The whitepaper supports the

    >> conclusion
    >> >> that I=3D3D
    >> >> > T environments requiring elevated security capabilities need

    >> OpenVMS
    >> >> now mo=3D3D
    >> >> > re than ever, whether on HP Integrity servers, AlphaServer

    >> systems,
    >> >> or a co=3D3D
    >> >> > mbination of both. (November 2005)
    >> >> >
    >> >> > http://h71000.www7.hp.com/openvms/wh...s/TCS_2004.pdf
    >> >> > Techwise Research - This whitepaper provides a detailed comparison

    >> of
    >> >> poten=3D3D
    >> >> > tial vulnerabilities and security-related cluster crashes for HP
    >> >> OpenVMS, I=3D3D
    >> >> > BM AIX, and Sun Solaris Server Clusters. (June 2004)
    >> >>
    >> >> A lot of old drivel from a biased source. It is doubtful it was
    >> >> accurate
    >> >> when written, but it is rather long int he tooth today. Surely you

    >> can
    >> >> do better.
    >> >>
    >> >> bill
    >> >>
    >> >
    >> > Ok, so tell us where the report is in error.

    >>
    >> Was done ages ago. I have better things to do than rehash the
    >> obvious.
    >>
    >> bill

    >
    >
    > Ok, Andrew. That about sums it up.
    >
    > Why bother with technical analysis when FUD is so much simpler and quicker =
    > to generate?
    >


    Because even if I wasted my time you would merely trot out the same
    tired argument again in 3-4 months. Luckily, the industry isn't
    listening to it any more. Of course, being a good HP drone, once
    they abandon VMS and only sell Windows I am sure you will be singing
    the company line about it and telling people how VMS was always a bad
    idea.

    bill

    --
    Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
    bill@cs.scranton.edu | and a sheep voting on what's for dinner.
    University of Scranton |
    Scranton, Pennsylvania | #include

+ Reply to Thread