OPNsense vs pfSense

So that would be the “professional” support? The “enterprise” tier says the “Target Initial Response SLA” time should be 4 hours, rather than “professional”'s 8 hour time.

Yup yup. And honestly, I wouldn’t trust what they say timings for support are. They seem to be short-handed on the support team.

That’s kind of concerning if they are, since they push you towards buying a three year plan paid upfront; then again, I’m not the target market here, so maybe that’s just a normal business thing to do?

For comparison, how much more does Cisco charge?
Or if you look at Deciso’s pricing, does that look too low:

| | Deciso | Netgate | Cisco |
|---|---|---|---|
| 1 yr | 299 EUR (~358 USD) | 948 USD (bundled: 588 USD) | ? USD |
| 3 yr | 897 EUR (~1072 USD) | 2124 USD (bundled: 1044 USD) | ? USD |

Again, I’m not sure if these are really comparable; Deciso emphasises 2 “support hours” and includes phone support, while Netgate doesn’t mention “support hours” and does not have phone support unless you go to the next tier.

It’s good for what they provide, a good firewall with okish support reply times. If you need instant reply times (or near instant) for support, go with Cisco.

Yeah, this hasn’t impressed me since I first started using pfSense. But since I knew my way around I haven’t really had to use support more than two times. But both times have been painful.

Haha. CISCO support is pretty crap too these days. I got the run-around for a week recently for a bug** in a 4500X switch because my symptoms involved VOIP. Switch team hand-balled to VOIP team who confirmed my initial assertion that it was not VOIP related (VOIP drop out was only ONE of the symptoms).

Support/licensing is the major reason I’m looking to ditch CISCO right now.

And yeah, once you factor in a 5 year license/support subscription for CISCO kit - it comes out at about 2x what the initial device purchase price was. I know this because I just spent about $220k on replacement Cisco equipment with depreciation/license/support over 5 years. About half of that cost was subscription/support.

E.g., on a device that can do anywhere close to what pfSense can do in terms of throughput on a cheap x86 PC in the ASA lineup I’d probably be looking at around $20k Australian or more over 5 years. That’s a lot of potential lab/hot-spare hardware or consulting dollars.

Never mind that I can also use pfSense (or insert open source firewall of your choice) in dev/test environment for free. And I’m not regularly running up against bullshit licensing restrictions like VLAN count, number of supported IPSEC sessions, or whatever.

Maintaining a CISCO dev/test/lab environment is also pretty impossible. You’re either spending big dollars on hardware, working with out of date/no longer supported decommissioned gear, or using something like VIRL, which has its place but is limited in application.

edit:
** It was a MAC address table vs. ARP table aging bug. Pretty fundamental to the operation of any layer 3 switch. How the fuck is this a thing in hardware/firmware shipped in 2017?
