i am shure astaro team reads all posts, but i think they have not time to answer all posts. they invest the answer time in develop [;)]
Astaro-Report-Manager is an new feature to do a central reporting for asl-firewalls, e.g. you have to administrate a lot of, you can central see what happens. also you can correlate you data.
yep,many matter was dropped,but to tell the truth..you are wrong.,this because you make a noise without fondation..
I've make moderator in position to know the existence of this tread..
what "noise" are you referring to? Some of us know Astaro is busy right now and are voicing our concerns. Some may post out of sheer frustration. Plus i am sure the moderators already know of this thread.....Simply saying"you are making noise without a foundation" is exactly what you just did..this is not an argument just trying to belittle somebody.
[ QUOTE ] yep,many matter was dropped,but to tell the truth..you are wrong.,this because you make a noise without fondation.. I've make moderator in position to know the existence of this tread..
if u dont like this product,just dont use it.
Regards lin
[/ QUOTE ]
sit back and relax most of the users here are old asl irons - so i think that you're not really in the position to say kinda stuff, but hey you're the man [;)]
people draw conclusions based on the information they have.
As it stands there are three key facts:
Astaro make very little information available via this forum. Astaro has identified bugs in the firewall. Astaro are releasing new features in favour of fixes.
No matter how much you debate it these three facts are true.
In my opinion two things make this thread so popular.
Lack of information via this forum from Astaro and the simple undeniable fact of anyone who is interested in security (e.g. all here) that security devices and software should not have identified bugs with no impending solution.
Cap this of with users waiting eagerly for bug fix patches to fix the problems they "personally" are having and it is a recipe for bad relations.
In my opinion Astaro should:
Start a public bug tracker Dedicate some man power to these forums Release bug fixes until we have at least one stable V5 release
and then the prolem goes away.
If this is not possible then do what all big linux projects do... have a stable and devleopment branch.
At the end of the day it is lack of information that has caused this (which is one of many) threads.
I've been following this thread in silence, biting my tongue. But enough is enough, I've got to say something, and just let the chips fall where they may:
The beating up on Astaro in this thread (and some others) is unhelpful. If some of you think Astaro has issues, go use some of the other firewalls on the market -- none of them are perfect. There isn't a single piece of software or an operating system that doesn't have bugs that need fixing, and most companies just leave the bugs in and hope the users will put up with them. It seems to me that Astaro goes out of their way to make ASL the best it can be -- and they're doing a damn good job. Just go to the ICSA website and compare Astaro against all the other firewalls in the 4.0 criteria certified list -- most of them are dysfunctional toys compared to Astaro. There is NO DOUBT that ASL has some bugs that need fixing, but there is also no doubt that Astaro developers are chewing their fingers down to the knuckles and burning the midnight oil to get it right.
I apologize if my comments offended any individual -- I'm speaking to this whole thread in general.
I'm with OfficeDefender, You're getting about a million times more than you paid for. If you're a commercial client, use the support you're paying for. These forums are for FREE support for the FREE product you're using. Would you apply a windows service pack before seeing what other problems it creates. That the risk us "early adopters" run for being on the edge. If you're so offended that Astaro doesn't pay attention to this forum the way you think they should, try Smoothwall and Dick Morrell's attitude. We'll see you back here REAL soon.
OfficeDefender, I fully understand and agree with you in many ways but I have to say that releasing a new feature prior to a bug fixes was not a great idea.
Releasing new features before bug fixes may be Astaros policy but I do not agree with it.
I also agree that no piece of software does not have bugs.
But i reiterate my point, the ONLY REAL problem with Astaro is lack of information causing legitimate paying users to make assumptions that may ultimately be wrong.
As for Smoothwall do even go there... I too have been on the end of that terrible terrible attitude.
of course the easiest thing is to say -> "if you don't like it don't use it", but i think we all agree if we say that this is chicken .... and not really professional.
i can't belive that there are people out there (in the security business) defending products (security products) that are buggy.
and the best thing is that those become angry here, when they read negativ response from "home users".
sorry dudes -> i'm a home user but why shouldn't i tell the world that this software is not really usable at the moment??!
of course there are people out there (astaro partners, etc) who maybe think that they get invited to a cup of coffe by astaro for shutting up the home users mouths, but mine will stay open -> not with me dudes, not with me
[ QUOTE ] I've been following this thread in silence, biting my tongue. But enough is enough, I've got to say something, and just let the chips fall where they may:
The beating up on Astaro in this thread (and some others) is unhelpful. If some of you think Astaro has issues, go use some of the other firewalls on the market -- none of them are perfect. There isn't a single piece of software or an operating system that doesn't have bugs that need fixing, and most companies just leave the bugs in and hope the users will put up with them. It seems to me that Astaro goes out of their way to make ASL the best it can be -- and they're doing a damn good job. Just go to the ICSA website and compare Astaro against all the other firewalls in the 4.0 criteria certified list -- most of them are dysfunctional toys compared to Astaro. There is NO DOUBT that ASL has some bugs that need fixing, but there is also no doubt that Astaro developers are chewing their fingers down to the knuckles and burning the midnight oil to get it right.
I apologize if my comments offended any individual -- I'm speaking to this whole thread in general.
Steve.
[/ QUOTE ] I have to totally diasgree with you OD..ASL may be ISCA 4 certified and that's all well and good but right now for many users the software while secure is so unstable it is unsusable. Astaro needs to fix the codebase(i have been saying this for a looooooooooooooooooong time) and get it stable before releasing new features. No Astaro bashing..just the facts.
[ QUOTE ] I've been following this thread in silence, biting my tongue. But enough is enough, I've got to say something, and just let the chips fall where they may:
The beating up on Astaro in this thread (and some others) is unhelpful. If some of you think Astaro has issues, go use some of the other firewalls on the market -- none of them are perfect. There isn't a single piece of software or an operating system that doesn't have bugs that need fixing, and most companies just leave the bugs in and hope the users will put up with them. It seems to me that Astaro goes out of their way to make ASL the best it can be -- and they're doing a damn good job. Just go to the ICSA website and compare Astaro against all the other firewalls in the 4.0 criteria certified list -- most of them are dysfunctional toys compared to Astaro. There is NO DOUBT that ASL has some bugs that need fixing, but there is also no doubt that Astaro developers are chewing their fingers down to the knuckles and burning the midnight oil to get it right.
I apologize if my comments offended any individual -- I'm speaking to this whole thread in general.
Steve.
[/ QUOTE ] I have to totally diasgree with you OD..ASL may be ISCA 4 certified and that's all well and good but right now for many users the software while secure is so unstable it is unsusable. Astaro needs to fix the codebase(i have been saying this for a looooooooooooooooooong time) and get it stable before releasing new features. No Astaro bashing..just the facts.
It was the whole Dick Morrell and Smoothwall thing that made me turn to Astaro years ago. Since then I have not looked back.
However speaking from experience, ASL is the BEST firewall I have encountered. I use on a daily basis (and have to suffer with them): Netscreens, Symantec (Raptor/Enteprise) Firewalls, Cisco PIX, Mandrake MNF, Smoothwall, Checkpoints, and Nortels.
I dare you to find one product for the same pricepoint that offers nearly as many features!
Even though I do have occasional issue with any of my 7 ASL installs, a simple email to support usually gets the problem taken care of right away. AND that is without me paying any extra for support.
If you ever get the chance to talk to any of the people who work @ Astaro, you would understand exactly how busy they are. I have met and talked with a few of them, and they are some of the nicest people you could know.
I really hope those of you who are bashing them for not doing this, that, or whatever, are at least paying customers. If you are a home user, put up with it or leave the nest. There are many other products out there for piddly little home users.
[ QUOTE ] It was the whole Dick Morrell and Smoothwall thing that made me turn to Astaro years ago. Since then I have not looked back.
However speaking from experience, ASL is the BEST firewall I have encountered. I use on a daily basis (and have to suffer with them): Netscreens, Symantec (Raptor/Enteprise) Firewalls, Cisco PIX, Mandrake MNF, Smoothwall, Checkpoints, and Nortels.
I dare you to find one product for the same pricepoint that offers nearly as many features!
Even though I do have occasional issue with any of my 7 ASL installs, a simple email to support usually gets the problem taken care of right away. AND that is without me paying any extra for support.
If you ever get the chance to talk to any of the people who work @ Astaro, you would understand exactly how busy they are. I have met and talked with a few of them, and they are some of the nicest people you could know.
I really hope those of you who are bashing them for not doing this, that, or whatever, are at least paying customers. If you are a home user, put up with it or leave the nest. There are many other products out there for piddly little home users.
[/ QUOTE ] As far as moothie goes dick morrel is gone now and the attitude is totally different. Smoothie has its good points..one being highly customizable.
[ QUOTE ] I have to totally diasgree with you OD..ASL may be ISCA 4 certified and that's all well and good but right now for many users the software while secure is so unstable it is unsusable. Astaro needs to fix the codebase(i have been saying this for a looooooooooooooooooong time) and get it stable before releasing new features. No Astaro bashing..just the facts.
[/ QUOTE ]
If it is so "unstable", then why is it running just fine at every single site our company manages? We're talking lots and lots of sites, all of which I either manage myself or oversee the management of. And then there are the locations we do consulting for, those are running just fine on v5 as well -- if they weren't, I'd have a bunch of network techs barking at me on a daily basis. Yes, there are issues, but they aren't show-stoppers, just inconveniences that have to be worked around until the fixes are out. There were some serious problems with the early releases of version 5, but those are gone.
As far as the decision by Astaro to push out the new feature in the 5.025 release, the assumptions being made in this thread are completely wrong. Astaro runs its releases on a schedule, and the new feature in 5.025 was mapped out a long time ago and has been in QA testing for some time. The new feature in 5.025 is NOT an indication that Astaro isn't fixing the current issues -- they don't drop the ball while they work on a new feature, they have a team of developers working on various things. Astaro is a company, not a couple of guys in a basement hacking out code. The assumptions being made in this thread are simply ridiculous.
[ QUOTE ] [ QUOTE ] I have to totally diasgree with you OD..ASL may be ISCA 4 certified and that's all well and good but right now for many users the software while secure is so unstable it is unsusable. Astaro needs to fix the codebase(i have been saying this for a looooooooooooooooooong time) and get it stable before releasing new features. No Astaro bashing..just the facts.
[/ QUOTE ]
If it is so "unstable", then why is it running just fine at every single site our company manages? We're talking lots and lots of sites, all of which I either manage myself or oversee the management of. And then there are the locations we do consulting for, those are running just fine on v5 as well -- if they weren't, I'd have a bunch of network techs barking at me on a daily basis. Yes, there are issues, but they aren't show-stoppers, just inconveniences that have to be worked around until the fixes are out. There were some serious problems with the early releases of version 5, but those are gone.
As far as the decision by Astaro to push out the new feature in the 5.025 release, the assumptions being made in this thread are completely wrong. Astaro runs its releases on a schedule, and the new feature in 5.025 was mapped out a long time ago and has been in QA testing for some time. The new feature in 5.025 is NOT an indication that Astaro isn't fixing the current issues -- they don't drop the ball while they work on a new feature, they have a team of developers working on various things. Astaro is a company, not a couple of guys in a basement hacking out code. The assumptions being made in this thread are simply ridiculous.
-Steve
[/ QUOTE ]
I stand by what i have near the beginning of this thread. It is not ridiculous to question the logic of adding features to a codebase with obvious stability rpboems. I am glad it runs for you just fine at everywhere you have deployed it....but a vast majority on these forums are not. It bothers me that you have to throw a 2.4 ghz p-4 with half a gig of ram at a piece of software to get it to run nicely. Even windows xp is not that demanding.
I have to once again disagree with you steve. Some posts here my be over the top but ..but i am standing by mine.
[ QUOTE ] [ QUOTE ] I have to totally diasgree with you OD..ASL may be ISCA 4 certified and that's all well and good but right now for many users the software while secure is so unstable it is unsusable. Astaro needs to fix the codebase(i have been saying this for a looooooooooooooooooong time) and get it stable before releasing new features. No Astaro bashing..just the facts.
[/ QUOTE ]
If it is so "unstable", then why is it running just fine at every single site our company manages? We're talking lots and lots of sites, all of which I either manage myself or oversee the management of. And then there are the locations we do consulting for, those are running just fine on v5 as well -- if they weren't, I'd have a bunch of network techs barking at me on a daily basis. Yes, there are issues, but they aren't show-stoppers, just inconveniences that have to be worked around until the fixes are out. There were some serious problems with the early releases of version 5, but those are gone.
As far as the decision by Astaro to push out the new feature in the 5.025 release, the assumptions being made in this thread are completely wrong. Astaro runs its releases on a schedule, and the new feature in 5.025 was mapped out a long time ago and has been in QA testing for some time. The new feature in 5.025 is NOT an indication that Astaro isn't fixing the current issues -- they don't drop the ball while they work on a new feature, they have a team of developers working on various things. Astaro is a company, not a couple of guys in a basement hacking out code. The assumptions being made in this thread are simply ridiculous.
-Steve
[/ QUOTE ] that flies in the face of a few updates ago when the codebase was even more unstable where you mentioned you had to stop deployment of ASL because of instabilities. Things have improved..but much more needs to be done.
[ QUOTE ] I stand by what i have near the beginning of this thread. It is not ridiculous to question the logic of adding features to a codebase with obvious stability problems. I am glad it runs for you just fine at everywhere you have deployed it....but a vast majority on these forums are not. It bothers me that you have to throw a 2.4 ghz p-4 with half a gig of ram at a piece of software to get it to run nicely. Even windows xp is not that demanding.
I have to once again disagree with you steve. Some posts here my be over the top but ..but i am standing by mine.
[/ QUOTE ]
Our company is one of the largest and most active Astaro partners in the United States. We've stood side by side with them at Networld/Interop in Las Vegas, we've had input to some of the improvements in the product, we are personally acquainted with much of Astaro's US management, and we have a hotline to Astaro support. You don't have to believe me, but what I am telling you is the truth. Astaro is by no means dropping the ball on fixing bugs, they're not risking destabilizing their product by adding this feature (isn't that really for THEM to determine?), and they are actively and voraciously working on closing out any discrepancy reports. And I will reitirate what I said before: ASL V5 is plenty stable for production deployment. I can also tell you that about 75 percent of the time, difficulties with the product can be traced to configuration issues.
[ QUOTE ] That flies in the face of a few updates ago when the codebase was even more unstable where you mentioned you had to stop deployment of ASL because of instabilities.
[/ QUOTE ]
'Tis true that there were problems in the earlier releases of v5 that were significant enough to cause us to delay deployment. But those days have been gone for months now. Sure, there's more work for Astaro to do, but isn't this always the case for virtually any piece of software? We shouldn't look to Astaro for perfection, we should look to them for action -- and I think they're delivering on that level quite well.
As a network engineer, I work with firewalls of many makes and models on a variety of networks -- everything from the cheap, consumer-grade junk in the stores to Ciscos, Gauntlet, etc. I would take Astaro any day, warts and all, over ANY other firewall. It has an unmatched price vs. features vs. performance ratios that put its competitors to shame. Astaro is the most user-friendly, easy to deploy and administer, cost-effective, feature-rich security solution on the market - period! So what if a few things aren't quite up to snuff yet, we know they're working hard to fix them and it will be fixed soon enough. None of the problems are "show stoppers", either -- just work around them for now. For example, we all know that the content filtering (more often, the web antivirus scanning) is causing some slowdowns. If the slowdowns are a problem, just shut off content filtering temporarily. Life as we know it will not end if content filtering is disabled for a few weeks until a fix is deployed. ASL is quite sound and there's no reason to not use it.
OfficeDefender, I've been using Astaro for a LONG time and it seems to me that the companies attitude has changed around about the initial v5 release.
I'm sure Astaro have a development schedule, but there are simply a lot of issues that are causing a lot of paid up users hassle. My personal beef is the SSL encryption being now enforced on the SMTP authentication. Yes there's a workaround, and yes a solution has been promised. However new up2dates are overwriting the recommended fix, meaningwe have to go re-edit. (Not to mention warranty being voided by having to do this).
My corporate installations are running fine, a few niggly issues like the SMTP thing and spiking graphs. (Which has also been happening a long time).
OfficeDefender, you can't just temporarily shut off a feature that's causing problems without repercussions.
Users start asking what the hell is going on and sometimes things like that fly in the face of corporate IT policies. (Sorry guys I have to let porn sites through again coz the filter aint working right, just please don't sue us in the meantime for exposing you to porn).
My organisation isn't that bad (and I decide IT policy), but I know of sites for which those statements are VERY applicable.
As stated in my prior post, something changed with v5, the QC on releases seems a lot worse, (you yourself were getting fed up at one point). And yes it's better now, but some people are still having serious issues.
I'd say 95% of all these whines would go away if Astaro just kept us better informed.
You probably are chatting to them everyday and have inside knowledge, most people here only see what's written on the forum.
Can you tell me when Astaro are going to stop my systems whining to me daily about licensing issues and when we can stop having to custom configure our firewalls so that license counts don't skyrocket when we get portscanned?
