i am shure astaro team reads all posts, but i think they have not time to answer all posts. they invest the answer time in develop [;)]
Astaro-Report-Manager is an new feature to do a central reporting for asl-firewalls, e.g. you have to administrate a lot of, you can central see what happens. also you can correlate you data.
i can't belive that there are people out there (in the security business) defending products (security products) that are buggy.
[/ QUOTE ]
Uhm.. if none of the security products on the market had bugs, then why would every vendor release patches, updates, etc?
And what about people running something like Symantec or Checkpoint or even MS ISA server on an extremely buggy OS like Windows? That doubles the trouble for a firewall.
So don't act like Astaro is the only product with bugs in it.
I use almost every single feature included in ASL, and I have had very few problems with any feature. Maybe it is because I run them on decent hardware, and not try to make it run on a Pentium 200 or some old crap like that?
[/ QUOTE ]
you know what is hilarious about this? MOST of the users reporting problems are on p-4' 2.0 ghz and up and athlon xp's..many(maybe not most with at least 256 or more of ram and 20-100 gig drives. Hardware is not the issue.
[ QUOTE ] It was the whole Dick Morrell and Smoothwall thing that made me turn to Astaro years ago. Since then I have not looked back.
However speaking from experience, ASL is the BEST firewall I have encountered. I use on a daily basis (and have to suffer with them): Netscreens, Symantec (Raptor/Enteprise) Firewalls, Cisco PIX, Mandrake MNF, Smoothwall, Checkpoints, and Nortels.
I dare you to find one product for the same pricepoint that offers nearly as many features!
Even though I do have occasional issue with any of my 7 ASL installs, a simple email to support usually gets the problem taken care of right away. AND that is without me paying any extra for support.
If you ever get the chance to talk to any of the people who work @ Astaro, you would understand exactly how busy they are. I have met and talked with a few of them, and they are some of the nicest people you could know.
I really hope those of you who are bashing them for not doing this, that, or whatever, are at least paying customers. If you are a home user, put up with it or leave the nest. There are many other products out there for piddly little home users.
[/ QUOTE ] As far as moothie goes dick morrel is gone now and the attitude is totally different. Smoothie has its good points..one being highly customizable.
[ QUOTE ] I have to totally diasgree with you OD..ASL may be ISCA 4 certified and that's all well and good but right now for many users the software while secure is so unstable it is unsusable. Astaro needs to fix the codebase(i have been saying this for a looooooooooooooooooong time) and get it stable before releasing new features. No Astaro bashing..just the facts.
[/ QUOTE ]
If it is so "unstable", then why is it running just fine at every single site our company manages? We're talking lots and lots of sites, all of which I either manage myself or oversee the management of. And then there are the locations we do consulting for, those are running just fine on v5 as well -- if they weren't, I'd have a bunch of network techs barking at me on a daily basis. Yes, there are issues, but they aren't show-stoppers, just inconveniences that have to be worked around until the fixes are out. There were some serious problems with the early releases of version 5, but those are gone.
As far as the decision by Astaro to push out the new feature in the 5.025 release, the assumptions being made in this thread are completely wrong. Astaro runs its releases on a schedule, and the new feature in 5.025 was mapped out a long time ago and has been in QA testing for some time. The new feature in 5.025 is NOT an indication that Astaro isn't fixing the current issues -- they don't drop the ball while they work on a new feature, they have a team of developers working on various things. Astaro is a company, not a couple of guys in a basement hacking out code. The assumptions being made in this thread are simply ridiculous.
[ QUOTE ] OfficeDefender, I fully understand and agree with you in many ways but I have to say that releasing a new feature prior to a bug fixes was not a great idea.
Releasing new features before bug fixes may be Astaros policy but I do not agree with it.
[/ QUOTE ]
There is a SERIOUS misunderstanding on this board as to how this all works, I hope I can correct it. Astaro, like most software vendors, runs on a roadmap. For example, when they released version 5 they had already mapped out a rough release schedule for features that didn't make it in the first cut. They know what they expect version 6 to be and they are working their way along a roadmap to get to that level. *Simultaneously*, they have developers working on bug fixes and releasing them as fast as possible after going through a QA process. THE RELEASE OF THE NEW FEATURE IN 5.025 IS NOT, I REPEAT, NOT AN INDICATION THAT ASTARO ISN'T WORKING ON FIXING EXISTING ISSUES!! You folks are reading way, way too much into this.
you think that you are a really nice guy?! let me ask you something - would you eat sh.. if it's for free or cheap enough with a lot of features? we're talking about the stability of asl and not whether it's cheap or not -> i'm a homeuser and i use it for free, well that's nice, but i think it's ok to get an answer what's going on with this product.
but it seems that you should better keep watching out the bargain-basements
[ QUOTE ] [ QUOTE ] I have to totally diasgree with you OD..ASL may be ISCA 4 certified and that's all well and good but right now for many users the software while secure is so unstable it is unsusable. Astaro needs to fix the codebase(i have been saying this for a looooooooooooooooooong time) and get it stable before releasing new features. No Astaro bashing..just the facts.
[/ QUOTE ]
If it is so "unstable", then why is it running just fine at every single site our company manages? We're talking lots and lots of sites, all of which I either manage myself or oversee the management of. And then there are the locations we do consulting for, those are running just fine on v5 as well -- if they weren't, I'd have a bunch of network techs barking at me on a daily basis. Yes, there are issues, but they aren't show-stoppers, just inconveniences that have to be worked around until the fixes are out. There were some serious problems with the early releases of version 5, but those are gone.
As far as the decision by Astaro to push out the new feature in the 5.025 release, the assumptions being made in this thread are completely wrong. Astaro runs its releases on a schedule, and the new feature in 5.025 was mapped out a long time ago and has been in QA testing for some time. The new feature in 5.025 is NOT an indication that Astaro isn't fixing the current issues -- they don't drop the ball while they work on a new feature, they have a team of developers working on various things. Astaro is a company, not a couple of guys in a basement hacking out code. The assumptions being made in this thread are simply ridiculous.
-Steve
[/ QUOTE ]
I stand by what i have near the beginning of this thread. It is not ridiculous to question the logic of adding features to a codebase with obvious stability rpboems. I am glad it runs for you just fine at everywhere you have deployed it....but a vast majority on these forums are not. It bothers me that you have to throw a 2.4 ghz p-4 with half a gig of ram at a piece of software to get it to run nicely. Even windows xp is not that demanding.
I have to once again disagree with you steve. Some posts here my be over the top but ..but i am standing by mine.
[ QUOTE ] [ QUOTE ] I have to totally diasgree with you OD..ASL may be ISCA 4 certified and that's all well and good but right now for many users the software while secure is so unstable it is unsusable. Astaro needs to fix the codebase(i have been saying this for a looooooooooooooooooong time) and get it stable before releasing new features. No Astaro bashing..just the facts.
[/ QUOTE ]
If it is so "unstable", then why is it running just fine at every single site our company manages? We're talking lots and lots of sites, all of which I either manage myself or oversee the management of. And then there are the locations we do consulting for, those are running just fine on v5 as well -- if they weren't, I'd have a bunch of network techs barking at me on a daily basis. Yes, there are issues, but they aren't show-stoppers, just inconveniences that have to be worked around until the fixes are out. There were some serious problems with the early releases of version 5, but those are gone.
As far as the decision by Astaro to push out the new feature in the 5.025 release, the assumptions being made in this thread are completely wrong. Astaro runs its releases on a schedule, and the new feature in 5.025 was mapped out a long time ago and has been in QA testing for some time. The new feature in 5.025 is NOT an indication that Astaro isn't fixing the current issues -- they don't drop the ball while they work on a new feature, they have a team of developers working on various things. Astaro is a company, not a couple of guys in a basement hacking out code. The assumptions being made in this thread are simply ridiculous.
-Steve
[/ QUOTE ] that flies in the face of a few updates ago when the codebase was even more unstable where you mentioned you had to stop deployment of ASL because of instabilities. Things have improved..but much more needs to be done.
[ QUOTE ] I stand by what i have near the beginning of this thread. It is not ridiculous to question the logic of adding features to a codebase with obvious stability problems. I am glad it runs for you just fine at everywhere you have deployed it....but a vast majority on these forums are not. It bothers me that you have to throw a 2.4 ghz p-4 with half a gig of ram at a piece of software to get it to run nicely. Even windows xp is not that demanding.
I have to once again disagree with you steve. Some posts here my be over the top but ..but i am standing by mine.
[/ QUOTE ]
Our company is one of the largest and most active Astaro partners in the United States. We've stood side by side with them at Networld/Interop in Las Vegas, we've had input to some of the improvements in the product, we are personally acquainted with much of Astaro's US management, and we have a hotline to Astaro support. You don't have to believe me, but what I am telling you is the truth. Astaro is by no means dropping the ball on fixing bugs, they're not risking destabilizing their product by adding this feature (isn't that really for THEM to determine?), and they are actively and voraciously working on closing out any discrepancy reports. And I will reitirate what I said before: ASL V5 is plenty stable for production deployment. I can also tell you that about 75 percent of the time, difficulties with the product can be traced to configuration issues.
[ QUOTE ] That flies in the face of a few updates ago when the codebase was even more unstable where you mentioned you had to stop deployment of ASL because of instabilities.
[/ QUOTE ]
'Tis true that there were problems in the earlier releases of v5 that were significant enough to cause us to delay deployment. But those days have been gone for months now. Sure, there's more work for Astaro to do, but isn't this always the case for virtually any piece of software? We shouldn't look to Astaro for perfection, we should look to them for action -- and I think they're delivering on that level quite well.
As a network engineer, I work with firewalls of many makes and models on a variety of networks -- everything from the cheap, consumer-grade junk in the stores to Ciscos, Gauntlet, etc. I would take Astaro any day, warts and all, over ANY other firewall. It has an unmatched price vs. features vs. performance ratios that put its competitors to shame. Astaro is the most user-friendly, easy to deploy and administer, cost-effective, feature-rich security solution on the market - period! So what if a few things aren't quite up to snuff yet, we know they're working hard to fix them and it will be fixed soon enough. None of the problems are "show stoppers", either -- just work around them for now. For example, we all know that the content filtering (more often, the web antivirus scanning) is causing some slowdowns. If the slowdowns are a problem, just shut off content filtering temporarily. Life as we know it will not end if content filtering is disabled for a few weeks until a fix is deployed. ASL is quite sound and there's no reason to not use it.
[ QUOTE ] That flies in the face of a few updates ago when the codebase was even more unstable where you mentioned you had to stop deployment of ASL because of instabilities.
[/ QUOTE ]
'Tis true that there were problems in the earlier releases of v5 that were significant enough to cause us to delay deployment. But those days have been gone for months now. Sure, there's more work for Astaro to do, but isn't this always the case for virtually any piece of software? We shouldn't look to Astaro for perfection, we should look to them for action -- and I think they're delivering on that level quite well.
As a network engineer, I work with firewalls of many makes and models on a variety of networks -- everything from the cheap, consumer-grade junk in the stores to Ciscos, Gauntlet, etc. I would take Astaro any day, warts and all, over ANY other firewall. It has an unmatched price vs. features vs. performance ratios that put its competitors to shame. Astaro is the most user-friendly, easy to deploy and administer, cost-effective, feature-rich security solution on the market - period! So what if a few things aren't quite up to snuff yet, we know they're working hard to fix them and it will be fixed soon enough. None of the problems are "show stoppers", either -- just work around them for now. For example, we all know that the content filtering (more often, the web antivirus scanning) is causing some slowdowns. If the slowdowns are a problem, just shut off content filtering temporarily. Life as we know it will not end if content filtering is disabled for a few weeks until a fix is deployed. ASL is quite sound and there's no reason to not use it.
OfficeDefender, you can't just temporarily shut off a feature that's causing problems without repercussions.
Users start asking what the hell is going on and sometimes things like that fly in the face of corporate IT policies. (Sorry guys I have to let porn sites through again coz the filter aint working right, just please don't sue us in the meantime for exposing you to porn).
My organisation isn't that bad (and I decide IT policy), but I know of sites for which those statements are VERY applicable.
As stated in my prior post, something changed with v5, the QC on releases seems a lot worse, (you yourself were getting fed up at one point). And yes it's better now, but some people are still having serious issues.
I'd say 95% of all these whines would go away if Astaro just kept us better informed.
You probably are chatting to them everyday and have inside knowledge, most people here only see what's written on the forum.
Can you tell me when Astaro are going to stop my systems whining to me daily about licensing issues and when we can stop having to custom configure our firewalls so that license counts don't skyrocket when we get portscanned?
[ QUOTE ] Can you tell me when Astaro are going to stop my systems whining to me daily about licensing issues and when we can stop having to custom configure our firewalls so that license counts don't skyrocket when we get portscanned?
All of which are new "features"....
[/ QUOTE ]
Just ignore anything having to do with license counts. Pretend it doesn't exist and make no assumptions. Astaro is still working on this feature and it is not fully implemented or enforced at this time.
OfficeDefender wrote: >Just ignore anything having to do with license counts. >Pretend it doesn't exist and make no assumptions. >Astaro is still working on this feature and it is not fully implemented or enforced at this time.
So why put it in? It does not make sense to me. If they need to test something like this, test it internally. Then, when it's ready to be FULLY tested, beta test it on volunteers and release to public after that.
I'm always ready to beta test Astaro on my HOME machine but lately it seems we've been live testing it in production environments.
Anyway, I've said my bit and that's enough for now. Wait and see what happens. I will only respond on this thread further if someone directly addresses me.
[ QUOTE ] So why put it in? It does not make sense to me. If they need to test something like this, test it internally.
[/ QUOTE ]
Why worry about it? Neither you nor I run Astaro. I'm sure they have their reasons or they wouldn't do it. Just forget about the license count problems for now. Take a sedative, or something ... [;)]
"Why worry about it? Neither you nor I run Astaro. I'm sure they have their reasons or they wouldn't do it. Just forget about the license count problems for now. Take a sedative, or something ... "
I'm not "worried" about it. I'm just concerned that they stuck this in, which to an end user seems pointless and it annoys the crap outa me.
Telling us to "Just ignore that, it's not working yet" is wrong.
It's like a mechanic telling me, "Just ignore that, it's not working yet" when I take my car in for a service and they service it but now there's an annoying ticking noise. Oh bring it back next week, or maybe a week later and we'll finish the job.
Sure it might not be harmful, but it doesnt seem the right way to make software to me.
