Lots of vendors dismiss support issues without strong data. But if you go to the length of decoding the request, outlining the steps to reproduce etc you can have a much faster experience. Especially with network vendors where 99%+ of their support workload is dealing with client or reseller misconfiguration.
Its maybe a bit trumped up, it smells a bit like MSP marketing but its also at least a little bit warranted?
Actually I was in a similar place with Palo 24 months or so ago, and despite handing them everything they could possibly expect they handed us a workaround (Just bounce your vpn sessions manually when they fail) instead of issuing a patch. However there was a strong argument there that our customer was a bit too dedicated to their wacky vpn architecture and should be doing things differently. Really the kudos here is getting the vendor to perform which I feel is a huge skill these days.
felt the same tbh.. - u won't believe how many trouble previously was needed to go through to get this vendor to acknowledge a CVE >.> - hard to believe this is the whole story.. maybe they learnt finally not to try and shove shit under the carpet. who knows. I doubt it.
Op here. It was but a very muddy timeline... there was also a wildfire cve which I didn't detail due to how it was discovered (long story) but playing responsible is good!
Long story short. We patched the firewall things broke... we spoke to TAC they had no idea kept just saying it was client so we went log digging realised it was a DoS and sent it over to PSIRT and they confirmed it and raised the CVE
Lots of vendors dismiss support issues without strong data. But if you go to the length of decoding the request, outlining the steps to reproduce etc you can have a much faster experience. Especially with network vendors where 99%+ of their support workload is dealing with client or reseller misconfiguration.
Its maybe a bit trumped up, it smells a bit like MSP marketing but its also at least a little bit warranted?
Actually I was in a similar place with Palo 24 months or so ago, and despite handing them everything they could possibly expect they handed us a workaround (Just bounce your vpn sessions manually when they fail) instead of issuing a patch. However there was a strong argument there that our customer was a bit too dedicated to their wacky vpn architecture and should be doing things differently. Really the kudos here is getting the vendor to perform which I feel is a huge skill these days.