impasse with vendor and potentially boss

By keats175 ·

A vendor of ours wants to put a firewall inside my network rather than terminating a VPN tunnel on my firewall for the purpose of transferring data back and forth from the central office of the company to the satellite office located within my organization.

The vendor (a large national company) cites security risks and labor interchangeably as reasons for not working with my network engineers to either terminate the VPN tunnel on my firewall or set-up their firewall under our supervision and then let us change the password. For the latter suggestion they again cite security reasons. So I'm at an impasse.

At this point the question is not what other ways there are to do this as we've explored this and the solutions boil down to labor-intensive options (both in terms of set-up and mantainence ). My question is that it's likely my boss is going to demand I do this.

I feel if this happens I don't have a lot of options and may have to tender my resignation. Whether I leave or not, I am convinced that I should get this request signed and in writing, though the outcome of doing this (officially or not) is really grim for my network (I'm essentially then hostage to this outside company that has from the start treated my and my staff and our network as untrustworthy.)

Anyone out there been faced with similar challenges and what did you do?


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

Document your concerns and request written conformation of any

by OH Smeg Moderator In reply to impasse with vendor and p ...

Changes that are Requested/Demanded by your Boss.

You need to remember to only list Security Concerns as a reason not to adopt this setup and possibly the costs involved in maintaining Network Security.

Personally while I don't like things like this for the very same reasons as you if told to implement this I would get the Order in Writing and file it along with my Written Reasons not to adopt this technology so that when the Brown Stuff Hits the Fan and the company is held Hostage you can point to the files stating the potential problems.

Basically if the Boss wants it you have to either deploy it or resign immediately.

But if this is between you and the company what would happen if you told them where to get off and stooped attempting to deal with them any more?


Collapse -

Just apply an access list to the switch they plug into.

by Chris910 In reply to impasse with vendor and p ...

There must be a degree of trust with the vendor or you would not be doing business with them. Allow them to set up their router and then apply simple access lists to their connection point on your network limiting them to the access they need.

Look at it from their perspective: they do not want changes you might make to your firewall for another project to impact their
installation that is functional. They also do not want to have to analyse your firewall settings to troubleshoot problems with their software.

Related Discussions

Related Forums