On 1/20/13, Eric Wieling <EWieling at nyigc.com> wrote: There are very few networking products in existence that haven't had some kind of software stability problem or bad hardware design problem at one time or another; so don't mark down earlier version experience against MicroTik. I can tell you with certainty, that PIX515s crash too, and in certain configurations have very serious stability issues in certain situations; so do ASAs, and just about any router from any vendor. There aren't many non-trivial devices you can't say that kind of thing about. Manufacturer instructions, and running appropriate firmware versions, are very important. If it's a requirement that you have less than 1 crash a year, then that would most likely require something that can be used in a failover pair; possibly two of those PIX 51xx s. Otherwise, there is really no way on earth to have a significant level of assurance of availability. If you don't require an extensive feature set; usually using the simplest device and simplest software possible, will give you fewer things that can break. Using devices with more complex elements, like general purpose computers with spinning disks, would be asking for trouble, even though off the shelf servers that can run Linux are cheap. Make sure the configuration will be simple, a common configuration for the device, and fully supported and warranted by the manufacturer. I definitely do expect the mature appliance products on stable codebases, which have more engineering into them, when used in fully supported configurations to be on average a lot more reliable than some MicroTik components -- but the fact of the matter is you might have the bad luck of the draw, in regards to hardware, even with a competitors' device costing 100x as much. Regardless of manufacturer, some percentage of the components will have defects, it could be a hardware defect so minor that it just causes on average 2 crashes a year.
We are looking for something which crashes LESS than once per year. "had a few stability problems" doesn't give me a warm fuzzy feeling about the product. Configuration management is nice, but how important is it for a device which is never modified and has only one tunnel?
-- -JH