Letters to the editor: “Microsoft, Cisco not in sync on security”

Also: a stress test of the Cisco Certified Internetworking Expert (CCIE) exam, VoIP call quality can improve with SSL VPN links,’Net neutrality, and more.

Out of sync

Regarding “Microsoft, Cisco not in sync on security”: This really shouldn’t be a surprise to any of us “in the trenches” with either of these vendors. Microsoft has made some dramatic improvements, but the momentum from years of pushing ease of use over security has yet to be overcome. And my experience with Cisco over the past several years is one of arrogance. I took issue with a local Cisco representative after attending a demo where he insisted that I should never install my Windows patches because they just cause problems and his equipment prevented all vulnerabilities, including those yet to be discovered, from being exploited.

Bottom line, if admins are relying on Microsoft or Cisco (or any other vendor) to protect them, and not configuring and managing their network with good common sense, they’re going to have problems.

Eric Mims

Network engineer

Ryan Consulting

Victoria, Texas

Stress test

“Talk about a stress test” gave me much insight into the Cisco Certified Internetworking Expert (CCIE) exam – enough insight to start studying for it. I suggest a similar article on SANS GSE with the background on the CCIE research.

John Jenkinson

Anchorage, Alaska

VoIP and VPN

Regarding “Test shows VoIP call quality can improve with SSL VPN links”: A VPN is handled at the ingress, egress and on the backbone like leased-line, dedicated bandwidth. (Sometimes the service provider will save money by using the old TDM equipment, and then it truly is a leased line.) SSL is just a software-based security protocol (read: more overhead).

If you have a high speed, full-duplex, service-level agreement, you can’t do wrong by VoIP whether you use VPN, SSL, IPSec or none of the above — however, if you don’t encrypt, you could be providing content to the entire Internet. Using VPN will drive up the cost in dollars and overhead, because you need higher-speed, symmetrical bandwidth for each call. If you are using this DSL access for VoIP at a multi-person office, then bandwidth utilization easily could be high enough to appreciably, negatively, impact the response time for all the other traffic over the circuit. You could wind up with VoIP that mimics circuit-switched quality, and pay more to get it.

Stephen Wyman

Network specialist

Texas Department of Transportation

Austin, Texas

Apple of his eye

I enjoyed Winn Schwartau’s article on the Apple MacTel. As someone who has spent many years supporting both Macs and WinTel boxes, I can attest to the accuracy of his conclusions. Hopefully more IT departments will come to the same realizations and save users and themselves time, money and headaches.

Guy Graham

IT manager

Superior Exhibits & Design

Elk Grove Village, Ill.

Formatting counts

Regarding Mark Gibbs’ column, “The format is in the e-mail”: Those from the old school of e-mail don’t understand that e-mail is so pervasive it has reached all corners of society. That’s obvious, but the point is the users are not all techno-geeks anymore. Nor are they necessarily techno-philes. E-mail is used as a tool of persuasion, debate, influence, propaganda, any form of manipulation. That is not sinister, that is what humans (and indeed all social animals) have been doing for millions of years. We use body language to communicate without words and the reciprocal is we try and read other people’s body language to gain advantage. People have written countless books on the art of negotiation. We humans purely and simply love power; need it actually to survive and thrive.

E-mail can be used effectively to influence others, but that depends on how the information is conveyed. Paragraphs help organize information in our minds, but for extensive lists, you really need bullets or numbered lists. Boldifying, italicizing, underlining and capitalizing are also useful for emphasis, as is changing the color of certain words. Tables are even more effective for certain types of numerical or sets of information. If you want someone to read your e-mail and remember what it was you were trying to say, you really need to take formatting into account.

Thomas Manley

Systems engineer

Boeing

Canberra, Australia

Apple coverage needs polishing

I am a little disappointed in your coverage of Apple over the years. I look to Network World for news, views and expert analysis that I can trust. But it seems as though the Apple system (which is not subject to real viruses or exploits, is more robust than Windows and is easier to use) only warrants your attention when news – usually exaggerated or inaccurate – of a “threat” like the OSX.Inqtana.A worm is circulating.

As more and more organizations turn to Apple systems to cut technical support costs and because their workers are sick of Windows with its viruses, crashes, freezes, pop-ups and frequent security patches, it behooves you to give Apple its due and cover the positive.

Mark Sealey

Valencia, Calif.

‘Net neutrality

In her column, “Both sides have a point in ‘Net neutrality”, Johna Till Johnson writes: “Certain types of traffic – voice, video and some interactive applications – do stress the network more than others, and this impact is particularly severe at last-mile broadband links, where congestion is most likely.” Therefore, the control should be with the last-mile “end user.” Let the LAN owner (business) control its own quality of service.

Also, in this virtual world of packets, costs are on a downward trend – so putting money into expanding capacity is better than spending money to restrict supply. For an example, look at long distance phone charges. With competition, the price to monitor, computer distance and time, and custom bill has been replaced by fixed monthly fees. Why? Because it is cheaper and simpler.

Brandon Fouts

Senior systems engineer

Puget Sound Regional Council

Seattle

I agree in principle with the notion that ISPs should be able to charge more to carry applications that stress the network (more packets per second, higher prioritization, more stringent QoS). But given the strong not-so-hidden agenda of the ISPs – to preclude others from providing applications the ISPs themselves want to provide for the revenues they produce – who will police the charges imposed for stressing the network? Is there even a good model of what extra packets per second or prioritization costs an ISP? In a deregulatory environment, who will audit claims about the cost of the extra stress – or for that matter, the claims about network harm? What compliance monitoring will be done, and what will be the punishment for unreasonable charges? If your answer to all this is that the marketplace will reward those companies that price stress correctly, then we didn’t need to worry about net neutrality in the first place, because the marketplace would reward the competitor that provided open access.

My concern is we are coming face to face with the consequences of having lost the concept of common carriage, in which carriers provide unbiased transport independent of the affiliation of the applications and content providers that use their networks. We may yet pay a big price for distorting the Internet model by having rewarded the telcos’ intransigence in providing open access to their networks and uncritically accepting their superficial arguments about disincentives to invest when such open access is required.

Robert Mercer

President

BroadView Telecommunications

Boulder, Colo.