The Water Cooler

Expand all | Collapse all

On the blocking of web sites by client companies

  • 1.  On the blocking of web sites by client companies

    Posted 01-22-2020 07:04 AM
    Edited by Carsten Schmitz 01-22-2020 07:04 AM
    Hi.

    Just a quick heads-up to the deciders at Broadcom.

    Due to increased security threads, our company has now also begun to block access to web resources based on rule sets set by third parties. For instance, it appears that all "online storage sites" are now blocked, and according to the security authority with whom I tried to argue this (naturally) this is non-negotiable. Seemingly I can only argue for access to core Broadcom or Automic domains.

    This means, for instance, that slideshare.net, where CA/Automic has hosted presentations at the time, is now unavailable to us, and other sites may follow.

    So, I am now a +1 to @Michael A. Lowry who has raised this particular issue before.

    While the blocks are certainly a thing that Broadcom/Automic is not responsible for, I ask for your essentials to be hosted on Broadcom or Automic domains. I am particularly concerned about the support portal. If this company adopts a ruleset that will block requests to "wolkenservice" and other (partly obscure) cloud providers, we would be locked out from using the portal.

    Best regards.

    ------------------------------
    These contain very good advise on asking questions and describing supposed bugs (no, you do not need to go to StackExchange for Automic questions, but yes, the parts on asking detailed, useful questions ARE usually relevant):

    http://www.catb.org/~esr/faqs/smart-questions.html

    https://www.chiark.greenend.org.uk/~sgtatham/bugs.html

    I will not respond to PM asking for help unless there's an actual reason to keep the discussion off of the public forums.
    ------------------------------


  • 2.  RE: On the blocking of web sites by client companies

    Posted 01-23-2020 09:13 AM
    I agree with you completely.  An organization having a significant portion of their support services hosted on a third-party domain not only adds another point of failure; it also raises the question of if it has the internal resources for those services to be considered a core competency. 

    Too many organizations fail to take this into account - especially during mergers and acquisitions.  Not enough resources are committed to bringing the organization into the domain. Once they figure out the increased churn rate is due to repeated disruptions / inconsistent quality of service from layers of outsourcing then it is usually too late to try to in-source it again. 

    This is also the case when moving from dedicated support to peer-to-peer/community support even inside the domain.

    As a general rule, they should ask the question if they would find this acceptable for Sales the same as Services.

    IMHO.

    J.W.

    ------------------------------
    "No matter where you go, there you are." - TAoBB:AtED
    ------------------------------



  • 3.  RE: On the blocking of web sites by client companies

    Posted 01-23-2020 09:55 AM
    Thank you Carsten (and Michael) for bring this up.  I have informed Product Management and hope to have a response for you soon.

    Thanks
    Diane

    ------------------------------
    Diane Craddock
    Community Manager, Broadcom Enterprise Software Division
    Broadcom Inc.
    ------------------------------



  • 4.  RE: On the blocking of web sites by client companies

    Posted 01-27-2020 02:13 PM
    Hi Carsten and Michael,

    Thank you both for your feedback and the warning. We will consider the feedback and how we could approach this. Our operations are fully based on cloud services which is not unusual in the market. Slideshare is not used anymore in the company and the Broadcom domain is reserved for the website and email domain. Assets could be shared within Broadcom and PMK will do an investigation regarding how we could approach a share of presentations on broadcom.com in the future.

    Thanks
    Diane

    ------------------------------
    Diane Craddock
    Community Manager, Broadcom Enterprise Software Division
    Broadcom Inc.
    ------------------------------



  • 5.  RE: On the blocking of web sites by client companies

    Posted 01-28-2020 05:21 AM
    Hi Diane.

    As always, thanks for the feedback. Cloud hosting of services is fine and not unusual, as long as all resources are refered to by a Broadcom domain. I believe that's how it'd work, having one's own DNS domains point to, say, EC2 instances or whatever. Cloud providers in the enterprise space will probably also offer this setup for their hosting products, I think.

    Also, I hate to pile on to this and it appears somewhat off topic (but you'll see how it still relates in a moment).

    I just saw that the 2FA emails are classified as spam​ by the (big vendor) appliance our company uses likely because the subdomain it's sending from has no reverse DNS entry. And domains that Broadcom purchased along with Automic and still redirects, such as support.automic.com, have expired SSL certificates (I pointed that one out months ago). Expired SSL certs on domains to one's name also don't look great in 2020. These are just examples.

    Getting all these things right is part of running a companies' web presence in a way that's accommodating to business customers. I humbly submit there's still some areas of improvement with that, especially following the mergers.

    Cheers :)
    Carsten

    ------------------------------
    These contain very good advise on asking questions and describing supposed bugs (no, you do not need to go to StackExchange for Automic questions, but yes, the parts on asking detailed, useful questions ARE usually relevant):

    http://www.catb.org/~esr/faqs/smart-questions.html

    https://www.chiark.greenend.org.uk/~sgtatham/bugs.html

    I will not respond to PM asking for help unless there's an actual reason to keep the discussion off of the public forums.
    ------------------------------