On Wed, 19 Jan 2011 07:08:54 PST, cpolish@xxxxxxxxxxxx said: > Here's another factor to consider: with $VENDOR's kit you can't > get support unless all the released patches are in place. Equally bad - $APP_VENDOR only certifies their product against specific outdated patch levels of $OS_VENDOR. For a while, we had a printing system in-house that under the covers was NT4.0 (in a day when Win2K had already been out for a while). Trying to patch it was futile, as it would (a) usually break the print software, (b) render it unsupported by the vendor and (c) they updated the print software by re-imaging the whole thing, so you'd end up back at the same vulnerable release and patchlevel of NT4.0. (The vendor's intransigence for not supporting current OS releases ended up with us buying another vendor's printer when it came to replacement time, but that took several years of lack of fun). We were also stuck with an instance of Oracle 8.0 when everything else was at 10.0 because a package vendor hadn't certified anything past 8.0. That wasn't much fun either, and the DBAs went out to do some major celebrating when 10.0 finally got certified. :)
Attachment:
pgpYIsL6J58Ox.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/