But ours is not planned out or determine by any process or comes with advance notices & dates. But we might do things that could speed up and terminate our life-cycle :)
Within fortinet, you have support that can be looked at in one of two ways ; hardware & software.
With regards to the support contracts. Fortinet is obligated to maintain the systems during the life-time of the Support Cycle. So if my little FWF30B should die before it reaches the End of Support, and I have a validate support contract, Fortinet is on the hook for replacing it or doing what's required to make it correct.
One good thing about the fortinet products; They seem to last & holdup quite good imho. My older gear has done great over the course of 6-7+ years now. The only bad thing with the older gear, you don't get the chance to take advantage of new features that's available in the new code releases.
Fortinet almost always add new features & technologies, but constricts these improvement to the software releases and these usually doesn't include support for any of the older hardware due to the model hardware-type, ASIC-type, cpu, memory,disk-storage,etc....
The last order date, means exactly that. This is the extreme last date that a fortinet partner will except orders for a particular model. After this date, you will need to order the replacement model. Your fortinet sales team or security consultant, can guide you to what's best for you and your environment.
Example here's the fortigate 30B models. This is a lowend SOHO device that was designed around the home users who might need a smaller and cheaper Security Appliance. Or the home telecommuter who has more than 1+ devices & his/her home & that needed security services & connectivity back to the main HQ, but didn't want to use the forticlient for vpn access.
The last possible date for extending your maintenance contract is 4 years later ( 07/09/2018 )
And finally, the end of support (EoS ) is deemed at ( 07/09/2019 )
Technically and legality, at the conclusions of the EoS date the hardware is deem obsolete & fortinet will not honor any maintenance actions against this product. If you tried to contact TAC with regards to a problem ( software or hardware ) they will politely turn you down.
As security/network consultant, I'm face with the cheaper and low budget organizations that comes to me for support. When I find their device is out of warranty, has no contract & is EoL. I can only shrug my arms and say " there's nothing I can do for you ".
Also Fortinet will not allow a support contract to be sold or registered outside of the last maintenance date for contract extensions. So even if the Security Appliances is not at EoL, but after the last possible support contract sales date, there's nothing that can be done from a support stance.
btw: Juniper, Checkpoint , Cisco, and others, all works in this exact same fashion.
For software we have another issues to contend with. Almost all software has a "GA" release versions ( general availability ) & guess what? They have a life-cycle also.
What this means, Fortinet will continue to support and build minor revisions or builds against the parent code for 36months. This typically boils down to bug fixes, correction for items that didn't work and any major security fixes. Almost always, they never add new features within that software train from my experience.
So 4.0 GA release will have a MR ( Maintenance Release ) and 36 months later, they will end software support for that maintenance release train. The same for 4.0 MR2 and the same for 5.0 MR1 and so on.
This way they can build faith in the end-user & ensure that they will not abandon the customer by keeping a continual support with regards to software improvements & fixes.
Now why do you need to know this?
From a IT-dept role, you should ask and review the EoS date to ensure the product your buying is not going to be obsolete at any near future date for both software and hardware.
e.g
It would not make any sense to buy a 30B model Security appliances
By selecting a Fortigate 30D model you would have a longer time before EoS; http://www.fortinet.com/products/fortigate/utm-30series.html
Keep in mind the following;
- not all partners/resellers are honest
- some will try to sell you want they have in stock & at that time
- a few seller website will not disclose that the product is coming soon to a LoD or even discuss the life-cycle concerns with regards to that model of Security Appliance that you thinking of buying
NOTE: I don't want to bad mouth any one single partners or resellers, but you should always inquiry about the life-cycle of the product before committing to purchasing any gear. I 've seem some fishy action going along with a few of these folks that are " listed as authorized resellers of brand xyz "
IMHO, you should always protect your interest and deal with an reputable partner. You should always consultant with a security consultant ( at minimum ) or partner before buying any security appliance.
For the a IT director position, he/she should budget for gear change out for new features and for taking advantage of new technologies over the course of <3-4 years of the life-cycle of the product.
Example, maybe your in a healthcare sector, and you know DLP is required for compliance regulations. You aging old cisco PIX is not reliable any more, stuck at fast-ethernet speeds, and lacks any advance UTM features. You might want to leverage buying a single device that can offer DLP and other UTM features.
So by leveraging a single plane of device, you can use a fortigate security-appliance that offers the DLP and at the same time, make a big improvement within your security firewall.
With proper IT-dept design & budgeting concerns, we should include some type of refreshing and renewing of your hardware at every 4-5 years. This will ensure that you are up to date with regards to security threats and compliance.
With fortinet, you can ask for trade-in considerations and/or find out if any trade-in or trade-up programs are in place. The partner will quickly explain what they do offer, and offer any rebate that they can offer at that time. To learn more about this program follow this link; http://www.fortinet.com/promo/trade-up.html
The trade-up program is a way for fortinet to enhance their customer loyalty and to give you some type of price break for being a fortinet end-user. It never hurts to ask.
NOTE: For a good & reputable partner , please look at maxis360 http://www.maxisnetworks.com
Ken Felix
Freelance Network/Security Engineer
kfelix -----a----t---- Socpuppets ---dot---com
^ ^
=( $ $ )=
@
/ \
No comments:
Post a Comment