Slashdot Mirror
Ask Slashdot: Dealing With an Unresponsive Manufacturer Who Doesn't Fix Bugs?
moofo writes: I've had huge problems with a security appliance since its installation. Specifically, the VPN SSL client is causing a problem for the majority of my remote clients. The company acknowledged the bug, but they are jerking me around, and no resolution is in sight. I tried third-party clients, but I'm wary of using them since they are not distributed by the manufacturer, and they require some maintenance to keep working properly.
I also talked to various executives at the company and besides giving me apologies, nothing good is coming my way. It's been more than two years (on a three-year subscription that I can't terminate early), and this is continually causing me trouble and aggravation. It also makes my internal customers unhappy. How do you deal with a manufacturer who doesn't fix bugs in a reasonable time frame?
I also talked to various executives at the company and besides giving me apologies, nothing good is coming my way. It's been more than two years (on a three-year subscription that I can't terminate early), and this is continually causing me trouble and aggravation. It also makes my internal customers unhappy. How do you deal with a manufacturer who doesn't fix bugs in a reasonable time frame?
One way is to give the public the name!
That may give you some rights. Post a link to the EULA, please.
If you have a legitimate beef with the manufacturer, why hide their name? You might find others with the same problem.
There is a simple and proven method.
Publish the information.
Why not just bad mouth them. If they get a reputation for poor service, then so be it. This shouldn't be anyone's first approach, but if you've tried for over a year and they're not living up to your expectations, then they squandered more than one chance to do better.
You chose your vendor poorly. Hope you learned from it. Next time choose a standards based VPN solution that works across many different platforms and clients.
If your company is large enough, have a quick chat with your legal department. A 3 year support contract that isn't providing you with any value is something that's worth addressing. A brief letter from your legal counsel ought to result in an interesting response (whether or not it results in action is another thing entirely).
consult a lawyer. Give them the option of fixing the bug or giving you enough money to replace them.
If they won't fix an acknowledged bug, and you have documentation to that effect, withhold any payments.
They'll either fix it or let you out of your contract.
If you've already paid them, start planning the rip now.
If you're trying to get slashdot to finally deal with some of their old bugs, I'm not sure that shaming them on their own front page is the way to do it. Granted, the exodus of users hasn't done it, either...
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Works with IPSEC standards, iOS, etc. Only costs you some time, and if you have any sort of street cred, it should be easy.
Give us the name of the company and the exact model number giving you the problem.
Post it on Reddit and Digg too.
You may not get your problem solved, but you will be doing a service for the rest of us you don't buy the crap.
Offer money. If uninterested, offer more money. Repeat until desired result obtained.
Read the contract carefully and sue them for breach of contract. You do have good documentation of the problem and your efforts to get them addressed, don't you? If, not, start creating your paper trail NOW. Depending on the size of contract, jurisdiction, etc., you may be able to take them to small claims court which may be quicker.
Otherwise, shame them by publicizing their name and behavior on sites like yelp, consumerist etc.
Here are your choices:
I tend to prefer the third option, although I've registered my displeasure on BBB on a few occasions too.
You may not be able to stop paying for the contract (be sure your next one is better worded, though), but you can stop using the service — as soon as you find a replacement...
In Soviet Washington the swamp drains you.
Just stop paying the subscription and inform to them upfront that you consider them to have terminated the contract through their own negligence. Go elsewhere.
Unfortunately there is not much that you can do at this point. Try to mitigate the problems if you can. In future, you must make a contract that prepares for things like this.
Make things uncomfortable for them publicly, and who knows, maybe you'll encounter a few other of their customers who are having similar experiences that will help pile on to get a solution fast-tracked.
OK, so there's a major bug. It's causing your device not to work as required, or as promised. They are unable to fix the bug.
That about the size of it? If so, talk options. "Look, your product doesn't deliver for me. I don't think either of us wants to end up in court, but it looks like the time has come for us to go our separate ways. I'd like you to agree to terminate our subscription early." Frankly, it doesn't matter what your EULA says - contracts only wind up in court if the relationship has failed beyond all recognition. Negotiate a settlement that's good for both parties - they agree to let you out of the contract, you agree not to actively denounce them publicly and promise not to sue for (for breech of contract, for breech of implied warranty, for breech of good faith and fair dealing). Or they agree to fix the bug, and suffer financial penalty if they don't deliver. Or whatever else makes sense.
If they can't deliver, and they admit it, TALK to them. If you've actually spoken to execs, tell them what you want, and negotiate something. This is business, not personal. Have a grown-up business conversation about you continuing to pay for a product that can't deliver. Ask for a meeting, bring your in-house counsel if you have one, and present options. Don't go nuclear until you've tried that.
If they won't do that, they your options are either of the legal variety, or to suck it up and deal.
It's been more than two years (on a three-year subscription that I can't terminate early)
So, you're worried about upholding your end of the contract even though the other side isn't upholding there end? Or did I miss something?
Do you have ESP?
Look you got burned. But end it. After 2 years they have made it clear they do not care to fix or can not fix it.
Make it clear to the provider of the hardware they suck and no future business will be coming there way. You can even rub it in and make them give you demos and dinner if you are feeling a bit vindictive. Make it clear you are shopping. You can get away with this because of the next steps.
Setup a budget for next year. Start off with a rough 'order of magnitude'. Present your case to your upper management. Buy/rent/borrow (the last is best if you can pull it off) demo hardware. Build a demo setup to prove to yourself and your upper management.
They are not going to fix it. Make it clear to your CTO/CEO they are screwing you.
This is going to be embarrassing. Especially if you recommended the solution. However never present it as 'pointing fingers'. Just put it in money terms. "If I had not came in to fix this it would have cost us XYZ" "You recommended this?" "Yes on the promise of our external vender they would help they do not appear to have the capacity any longer to do so we need to keep our business going and not depend on these guys"
Then offload the hardware onto some other sucker on ebay to help defray the costs.
Even at this point if they fix the issues. They are not a good vendor for you. Get rid of them.
Q. How do you deal with a manufacturer who doesn't fix bugs in a reasonable time frame?
A. Unfortunately my boss (Uncle Sam) generally answers this question by rewarding the manufacturer with additional contracts.
Rule #1 Always do your research on the Vendor before purchasing a product or signing contracts with them. But the reality is that businesses(including health care industry as a whole) in this country just don't give a damn about the consumers it's all about getting as much $$$ as they can for the shitty product or services they sell. This has always been an issue in the U.S and this is why the Japanese took over the U.S Automotive industry so easily. The majority of Japanese products are of better quality.
Proper escalation goes something like this:
0: Make sure you aren't doing something that's going to get you sued / fired. Meaning if this is already on your plate, I hope your manager knows about it. Tell them that you are going to be talking to legal/purchasing first about stopping the bills being paid. AKA "never make a threat you can't carry out".
1: Call your sales rep. Tell them that you find their product unacceptable, and you are withholding payment on the contract until such time as you are provided a list of fix dates, workarounds, etc for the product. Be sure to provide a list of the bugs as you understand them, listed in priority order. Be reasonable -- if you have ten bugs and items 1 and 2 are causing the most grief, it might be reasonable to accept immediate fixes for those, but the other ones my need to wait longer, or you can agree that they can be closed.
2: Start lining up a bake-off of similar devices now, to prep when the contract runs out, and start testing them with the people who found all the bugs in the other one. If the original vendor is unresponsive, switch off their device early. It may look like crap from the financial side, but depending on who and what is riding on this bit of equipment, better reliability / less bugginess / etc may have an immediate ROI and it might be worth it.
Other tips:
Never curse, lose your temper or be less than professional. Save that for when you get off the phone.
Schedule an in-person meeting if possible. Barring in-person, phone. Emails don't convey urgency well.
If the sales rep doesn't give you satisfaction, call their boss, then keep on working the way up to the top. Top managers do not like it when their lower level managers aren't doing their jobs. They want to concentrate on long term, not stuff like this. Make them irritated enough and you will have the management chain ensuring you go away because you make them look bad -- but this is the flip side of the "being professional" bit -- if you keep using words like "unacceptable", "does not meet advertised uptime numbers", "does not match your published specifications", "crashes when XXYY happens", you stay on issue. If you go off issue into raving lunatic, cursing land, you lose your credibility and are dismissed as "angry customer", not "that guy who has a legit list of 10 major bugs and who has his lawyer and finance department witholding payment".
During install and setup, I noted a couple inconsistencies; and contacted support. They indicated that I did not need to worry about it (the problems). The device is designed to handle more than one incoming high-speed internet line.. and to load balance and fail over should one (internet line) stop working. My primary (Comcast) failed; and the united did not 'fail over' as advertised (Also the problems from long ago now were obvious: The unit failed, and the 'fail over option' never did work as advertised).
I contacted support: the unit was out of warranty; did I wish to purchase another?
Company sells product. Check.
Product has issues. Check.
Company is unresponsive to problems. Check.
Company has you locked into support contract. Check.
Bummer, dude. But what you're describing is pretty much what any of us in the software industry have been seeing for a long time -- the salesman is always lying to you.
Out of curiosity, did you do your own extensive testing and have your legal department put penalty/early termination clauses in? Or, have you become victim to believing what the sales guy told you?
I'm betting half the people on Slashdot have worked at companies where the sales people sold impossible things which don't exist as sold. And the other half has worked for companies which have bought stuff which didn't live up to what the sales guy said.
I'm afraid I have little practical advice for this specific question, but I've seen more than enough examples of the sales guys really stretching the truth about what is real .. to the extent of being quite certain they took the buzzwords from several separate products, turned them into one list, and then claimed they were selling you something which checked all the boxes -- even if there was no way to connect the pieces.
And I've had numerous friends who have been tasked with building something the sales guys sold, only to discover there is no documentation, no resources to turn to, nobody has ever actually done it this way, and there's one guy who costs $4k/day who can be hired to come in and set it up ... if anybody can find him, and assuming he doesn't look at what the sales guys sold and say "wow, I don't think it does that".
So, the moral of the story is ... hang the salesman out the window until he can provide a working system, and make damned sure your legal department is building in clauses which protect you when you realize that you've been hoodwinked.
I've had more than a few vendors after the sale admit that, no, it doesn't really do that, but for our ridiculous consulting fee we can build something which might almost do that.
Lost at C:>. Found at C.
So CheckPoint brushes you off too?
If he had chosen a standards compliant open-source VPN solution, then he would not have to sue. He could hire programmers to fix the problem himself, rather than hiring lawyers to sue the company and hope that someday two years from now the problem is resolved.
Even if the existing one is still under support replace it anyway.
I had a similar issue with Citrix Access Gateway (which is SSL VPN) and OS X clients. Took support more than 1 year to find the problem and provide a workaround (root cause not fixed more than 2 years since I first reported issue).
Users hated the VPN, some still do even though the workarounds fixed most of the issues. I had another plan at the time which was to use our SonicWall systems with client software from www.vpntracker.com (official recommendation from Sonicwall) though it is ~$100/user I think. Fortunately we were able to nail down the main problem with the Citrix VPN for OS X users.
Once Citrix was able to reproduce the problem (which as I said took about a year, escalated to the highest levels internally) they provided a workaround fairly quickly. They were responsive and helpful the whole time, I was frustrated they couldn't reproduce the issue for the longest time but in general satisfied in that we did finally trace the problem and get a workaround. They never told me to go away, never told me they weren't going to help etc..
I have had another issue with Citrix on a memory leak in our load balancers which is just about 1 year and counting, they have been unable to reproduce that one as well, memory dumps, support dumps, logs etc nothing has provided insight as to what is causing the load balancers to leak memory like crazy.
(posted as AC since I don't have a slashdot account, been reading for 15 years but posted maybe 5 times)
In rare cases, you can still pay people for a subscription you don't use and use an alternative instead. e.g. Use an open source piece of software. The only small hitch is that usually executives mandate something be used if they pay for it. Which is why these cases are rare.
While I agree with gist of your sentiment, you're making the assumption that the submitter was able to make the choice of vendor. Not all of us get to choose which technologies we're required to support. Maybe a pointy-haired boss told the guy to go with the vendor because his buddy, the vendor's CEO, let's him win at golf.
This is America! Be a good patriot/consumer and STFU! Corporation Banks and hedge funds are your betters and should be deferred to in all circumstances.
Simple: file a Bugzilla report on them: that will definitely get the word out!
Most vendor contracts in my experience have long, obtuse and legally dense clauses in them that seek to prevent customers from discussing publicly issues with the product, and setting maximum compensatory relief for lost business and costs as the initial purchase cost of the solution.
However, many of those clauses are also not enforceable under the specific state/federal (or in the case of Europe, EU) laws. The only real way to know what you recourse is within the terms of the contract is to get advice from a contract lawyer first of all, about which legal jurisdiction would be available or need to be used when seeking redress, and second from a contract law expert in that specific jurisdiction about what your legal options are.
The only way the vendor is going to give a damn about you as a client is if they are facing some kind of legal action for not addressing the problems. Their EULA ? Vendor Supply Contract will include a clause that problems with the system are not grounds for legal action or compensation, but those are almost always worth less than the ink used to print the text. If the threat of legal action does not work, and the cost of pursuing actual action and compensation is worth more than the cost of the solution, then probably the only courses open to you will be to you are junking the system and paying up the remainder of the contract/early exit termination fees, or living with it for another 12 months.
Either way, more thorough and extensive pre-acceptance testing next time might be in order. Learn where your client went wrong with the evaluation of the existing solution, and correct those mistakes when evaluating the next.
...Is a major reason the GPL and free software / open source movements exist. Remember proprietary Unix and its tool support in the 1980s?
you had me at #!
If your possibly looking for the vendor name... there is one listed in the stroy tags. (or was that a generalization)
... You're a guru, right?
Someone in that company gives a shit, you just have to find them.
Do some homework and start climbing up the ladder using the telephone. No emails for now.
When you hit on someone who's going to help, THEN send up a followup email. Copy your management if applicable.
"I enjoyed our telcon this date, Joe, and I am looking forward to the assistance you have offered in resolving this issue, including your promise t (blah blah).
As we discussed, I can expect resolution by (date) and I will followup by phone (post phone number).
We both want what's best for our firms and your help is greatly appreciated."
If that bastard falls down, climb higher.
Lather, rinse, repeat.
It little behooves the best of us to comment on the rest of us.
Because he might want to have a decent relationship with them? Other then this issue, it might be a great product, might be getting a discount and so on.
Future relationship?!?
So they can buy *more* products with bugs an unresponsive support in the future? I can see why you'd want to protect *that* relationship...
"It's been more than two years (on a three-year subscription that I can't terminate early), and this is continually causing me trouble and aggravation. It also makes my internal customers unhappy."
Get a lawyer.
You're paying for a functional service, the bugs are not included in that contract. Even internet providers have clauses that state you can leave the contract penalty free or get reinbursed if they don't have at least 97-99% uptime per month.
Also, put up their name. They're causing you to lose business, do the same for them.
Vote with your boots. Either kick ass or walk away or both. If you can sue, do so. Find out what your legal remedies are per the contract you signed. I presume that's why there was a contract rather than a handshake. Make it clear to your sales rep that you will not be renewing your contract unless the issue is resolved in a specific amount of time. Business isn't for friendships, and sometimes you have to burn some bridges.
Which has more power: the hammer, or the anvil?
According to OPs slashdot profile, his personal website is: http://www.moofo.com/ He has a posting on there about purchasing a watchguard in 2012, their buggy SSL client, and the ineptitude of Watchguard support. http://www.moofo.com/2014/07/1...
I bought a USB temperature reader and the software that came with it would not even run. After 2 weeks of complaining to the manufacturer (in China) I complained to the website that I bought it from. The software was fixed the next day. It turns out the supplier (also in China) had a close business relationship with the manufacturer and basically told them to fix it. I never quite understood how they could let it get to the point of burning software CDs with software that didn't work at all.
1) Get a copy of the contract between you and the vendor. Read it and understand it thoroughly. Read it at least 3 times. Use a highlighter. Does the contract give you an out?
2) Retrieve any correspondence between you and the vendor and your users that you have. Dig deep. Don't forget those post it notes you may have with info. Don't forget invoices, payment records. Leave nothing behind.
3) Compile everything all correspondence you have into a single chronological document. Note in it when you have failed to or fully fulfilled the terms of the contract. Do the same thing for the vendor.
4) Compare the contract to the noted events in correspondence document. You need to see if you have fully fulfilled the terms from your side of the agreement as well as has the vendor.
5A) Contact your legal department. Have them review it and explain the costs to them if they ignore it.
5B) If you don't have enough yet, it is time to trap the vendor by using terms of the contract against them. Contact them for support using terms from the contract as the language for your assistance. This can be tricky in that you will not be trying to tip your hand. You should be dealing with support staff and their supervisors. Be very precise in your requests for assistance. Again, use the language of the contract as how you talk to them. Once you get enough here then proceed back to step 5A.
6) Start drafting specifications for the next bid/contract for this particular need. Be specific as possible in the most open sort of way. Drafting specs is very difficult to do correctly. The word MUST is key for you. Avoid the world SHOULD as much as possible. SHOULD will cause you grief beyond belief. The vendor will abuse this word more than you can believe. You are trying to leave the vendor very little wiggle room for problems but open so they can provide the latest technology. Again, you have to be careful here to make sure you don't make it too open so the vendor can force you to the latest version that may not be ready for prime time. It is a very difficult dance. Best to assume the worst of a vendor and how they can abuse the terms in their benefit. Write terms to close up and eliminate these potential abuses.
7) If legal doesn't want to touch the current contract, then your option is to ride it out. Keep documenting things though. You will need this later.
7) Once the contract has ended (time or terminated early for non-performance), put out the new bid to vendors. Make sure you have performance metrics specified for the review process. Be open with the vendors so they know what is happening. Remember those things that you documented earlier? Use them here to exclude your problem vendor. With enough documentation they won't put up a fight when they lose the bidding process.
8) When the new contract starts, so does the documentation. Do it comprehensively. Leave nothing out because you will not want a repeat of what just happened. We know it can and may happen but at least you will be in a position if it does to be ready for it.
I have lived this the hard way more than once. Once I accepted the above while the vendors never seemed to change attitude, the ability to terminate contracts and eliminate them as future vendors became far easier. Eventually doing this you will find people you can trust (but verify) to a degree.
For VPN it's just the same. I've been dealing with Cisco AnyCrap VPN for the last 4 months and our problem - establishing a network-transparent VPN access to a remote share to deploy software without Cisco Malware (TM) hijacking our netconfig - still hasn't gone away. Naturally. The fuss is mostly politics (90%) with 3 parties and 15 individuals involved pushing responsibility around and fussing with bullshit that would be fixed in 30 minutes if they'd actually deliver what we need, but I guess that's the usual problem.
Moral to the story, once again, as has been for the past 2 decades:
Never, ever go with proprietary solutions and vendor/service lock-in for mission critical stuff!
That aside, how does your contract look? Is it Lawyer-time yet? Perhaps you should start playing 'legal-ball' or at least start writing snail-mail solicited letters as to indicate that you're pissed and won't take this much longer. Can actually work wonders.
Good luck. And don't forget to add "OpenVPN Compatible" into your next contracts.
We suffer more in our imagination than in reality. - Seneca
Welcome to the new world.
I am aparently one of the increasingly few Software Engineers that does acutally believe in the overall business benefits of only releasing well-engineered software and not treating your customers like Alpha testers,
As such I am becoming more and more disillusioned about my chances of ever working for a company where all the managers are not just always looking for (and rewarding) ways to push some barely functional piece of badly engineered shit out the door as soon as possible, and only investing effort in coming up with new excuses to ignore customer complaints.
You may notice that since we have no details about your problem you won't get responses specific enough to be useful.
Problem with your remote clients... What does that mean?
Try security.stackexchange.com and be specific.
In America, the truth is an absolute defense against libel/slander. As long as you have documented your accusations, you have little to worry about.
Except for perhaps going bankrupt defending yourself. Being right isn't worth much if you get put out of business proving that fact. Accusing a large company with flesh eating lawyers of anything publicly can result in a very costly lawsuit regardless of the merits of the case.
You are two years in out of three.
So after swimming more than half way across the ocean you are thinking of turning around? Why not just complete the swim and move on?
If you think your security appliance is bad, wait till the management hears about the tech support appliance used by your IT. It seems to consist of posting a vague statement to Slashdot and hoping to get a solution. It is not how IT is done, buddy.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
Or he could just buy something that is known to work and have good support. Cisco, Juniper, SoncWall (maybe) and others come to mind.
In a civil lawsuit, all the filing costs are paid by the plaintiff, not the defendant.
Filing costs maybe but not lawyers fees which always account for the bulk of the cost of any lawsuit aside from any adverse judgements. Filing costs are a rounding error.
If you know you spoke the truth, and you have solid evidence to back that up, then you really don't need a lawyer.
HAHAHAHAHAHA... If you believe that you are an idiot and have never been on the pointy end of an actual lawsuit. This isn't an episode of Judge Judy we are talking about here.
Dealing With an Unresponsive Manufacturer Who Doesn't Fix Bugs?
Dunno, it's a good question. But I'm sure that someone at slashdot can answer it with the same reasoning that they' use to still be apparently trying to roll out the beta design, despite the fact that some of it's own users (customers???) have in their sig, "FUCK BETA".
Politics; n. : A religion whereby man is god.
You may have some legal recourse in this. You've paid for a specific service in subscription form and the vendor is not living up to its obligations. I would consult the company's legal department.
Socialize the bug. The bigger the audience, the better. I suspect that this is especially important with security issues. Argue that of the three legs of security, the bug violates "availability" if the users can't use the service. Also remind the vendor that even if you can't get out of the contract, you have to provide the service, so you will be forced to seek a different solution.
Back when Usenet was still a thang, I was the primary sysadmin for an SGI shop. Some version of SGI had upgraded NFS to some new version but had not updated lockd. File locking over NFS between Sun and SGI machines ceased to work. SGI engineering argued that there was no compelling new functionality in the new version of lockd, so they had not bothered to port it, and besides, "it works for us".
I complained bitterly about this in the appropriate Usenet groups, with analysis and examples. A few weeks later, I was contacted by our sales engineer with a patch, just for us, that fixed the problem. The very next OS release the patch became standard.
Point is, arguing the facts with the vendor did not get the problem fixed. Publicly rubbing the vendor's nose in it did.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Then I've a simple fix: use a different VPN solution.
WatchGuard has offered clients using SSL VPNs and IPSec VPNs. The WatchGuard device likely supports both. Simply check a box in WatchGuard's interface to make sure that both VPN types are enabled. Then have the end user machines install the other client.
We've found that the cause of the issue is not necessarily the end user machines, but the networks they are connecting from. To be safe, having both clients installed is a good thing. Note that client workstations may need to be rebooted.
Sensible? Not really. Did it work reliably? Yes. Using one piece of client software or the other, we could get workstations to connect successfully.
Then, see earlier comment for a long term solution.
Get off slashdot and call a lawyer.
I'm working for a company that provides services.... and here's my experience with this
The customer asks to get a high-level person from my company to speak to them directly... asking them to acknowledge the issue and provide an estimates of resolution. In which communication, the provider side also promises to provide a periodic update until resolution is reached. After a certain threshold is reached and the solution is not developed, the customer will cease all funding/payments and escalate all the way to the very highest person in both organizations. This is how you pressure the provider side to live up with their products/services...
Anything less than a several tens or hundreds of thousands of dollars device you can forget it. And even with enterprise grade stuff few bugs are ever really addressed let alone in any timely manner. They will do nothing unless some big retailer gets screwed by hackers and they can point conclusively to THAT device. Otherwise it's like auto recalls. Usually and until the company's name is already being harmed it's cheaper to kill people.
Get a spare server (2 at least) and deploy OpenVPN.
Seriously. Two years into a three year contract and they haven't provided what is advertised within a reasonable effort?
It's only been just under a year for the company I just got hired on, I found the website isn't working as advertised, and was never meant to (hard-coded HTML as placeholders, unable to accept AJAX input from my auction plugin despite them saying they could do it) and we're already lawyering up.
We've already been hit with tens of thousands of dollars in losses because of the site - you better believe you're getting hit for as much and you need to be contacting a lawyer as this is going beyond small claims court.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
Is it by chance Dell SonicWALL? I've had nothing but problems with their Global Client VPN (IPSEC) and Netextender (SSL). Global Client has frequent RDP freezes but the sessions resume. The Netextender has extremely slow file transfer speed. I've had 2 cases open now with them for 4+ months. It's taken 2 weeks to attempt to get them to escalate the case. I still can't get an escalation manager to call me back.
The company may have sold off the product line. Another is that they are trying to force an upgrade to the newest and latest client, and deprecated the existing.
Sorry, but this is your fault. They'll cover what's in your service contract.
In there you should have very specifically, what is considered reasonable performance. What is a bug. What is not. And how long they have to remedy that. If you don't, that's your own damned fault. If it is in there, and they aren't living up to it, then your lawyers should be talking to theirs about a financial remedy which should also be spelled out in the contract.
Is it Untangle?
Their update for the v10.2 release changed the OpenVPN configuration (the tunnel interface can now be NAT'd -- and is by default, even if it wasn't before), leaving some of us frustrated trying to find what wasn't working. If that's so, you have three options: adjust your network settings to account for NAT, disable NAT on the tunnel interface, or (recommended) switch to the IPSec VPN option. IPSec just works better anyway. I know my users have been a lot happier, and I've preferred not needing to distribute a client at all for most users.
Does that saying apply to lawyers too if they get sued? Maybe they would end up making stupid mistakes because of the emotional involvement?
Lawyers do seem pretty good at the job security game: make the system very complicated and convince everyone they need lawyers. Software houses should keep this in mind and not try to focus on ease of use. :-)
According to OPs slashdot profile, his personal website is: http://www.moofo.com/ He has a posting on there about purchasing a watchguard in 2012, their buggy SSL client, and the ineptitude of Watchguard support. http://www.moofo.com/2014/07/1...
Request a meeting with their executives at your offices to discuss the issue. That should send a clear signal that you're not happy.
As for the discussion - it all depends on what you want, so figure that out first. You might want to get legal advice too, just remember that negotiations aren't limited to what a court could enforce.
I remember watching a movie about Alan Turing where his therapist asked him to describe some top secret work he had been doing, which he obviously was not allowed to share. The therapist suggested that there are many to communicate - such as dreaming. Where I'm going with this is that perhaps if you told us about some dream you had the other night, which incidentally happened to involve company xyz doing acb, then this recounted dream could not be held as libel. Then again I saw this in the moves so I don't know.
I deal a lot with clients who have compliance requirements such as PCI. This sort of thing is an endless source of grief, where the, "it doesn't matter, it's just an appliance" phrase comes up all the time. You have devices put into PCI-scoped network zones to do a job, but which are either using a dusty version of a commodity OS under the hood, or don't support a bunch of requirements like account controls such as password complexity and account lockouts.
Being big-name security appliance and networking companies, it's tough to justify taking them all out back to the shooting range. But I'd love to...
Also I'd look at moving to another solution. The VPN gives you access to sensitive parts of your network. It should be one of your most secure components. Having the vendor dragging their heels refusing to fix bugs makes me think what else aren't they fixing. Are there vulnerabilities they're sitting on (similar to heartbleed etc)? That would make me run a mile from them. Write off the last year of the support contract if you have to, but find a supplier that'll actually be secure.
So your suggested solution is a time machine and self-support?
I'd like to introduce you to Bossy, the Spherical Cow.
Welcome to the Panopticon. Used to be a prison, now it's your home.
Sonicwall is planned obsolescence at its finest and most sinister.
-
Comment removed based on user account deletion
If you believe that you are an idiot and have never been on the pointy end of an actual lawsuit.
I may be an idiot, but after 30 years in the software business, I have been involved in many lawsuits. Most were about IP law, but some involved employment, and contract law. I used a lawyer when I was the plaintiff, and I used a lawyer if the case was complex and the stakes were high. But for routine stuff, I represented myself. In more than a dozen instances, I only lost once, which was an employment case. I fired a guy for stealing money from a postage meter, and refused to pay him severance since it was "for cause". The judge disagreed, and said I couldn't withhold severance for stealing unless I had filed a police report. So I had to pay him four weeks severance, which was way less than I would have paid a lawyer even if I had won. The thief/ex-employee also represented himself, so even this instance wasn't a case of "you need a lawyer to win".
Why not just fork the project and cut the bad vendor out of the loop. You do have the source code right? And it's GPL licensed?
Depending on the contract you may only be paying for the right to use the applicance as it was when the contract started.
"We have a deliverable! Congratulations, you're fired!"
If so, that's who you should be talking to about this. As soon as you even mention involving a lawyer this kind of crap tends to get fixed very quickly.
If your business needs a working VPN and your current supplier isn't capable of providing one you must to cut your losses and procure a new solution. And this time get someone who knows what they are doing to run the procurement process. Once you have the working alternative in place let your lawyers try to recover costs if you must. But my experience, which is that the behaviour you are experiencing is what happens shortly before the supplier goes bust. Namgge
is such a case, he should make the "decider" aware that this particular vendor is a problem and is not fulfilling the contract.
First, discuss your issue with a few competitors, get quotes. Ask for a competitive discount.
Second, If you're paying a monthly, tell the bean counters to withhold it. Let the support staff know the ticket needs to be escalated, and that until the issues are resolved, you won't be paying them. Most appliances are on a 3-year anyway so you're probably bitched here.
If it's a large scale enterprise deployment worth millions, involve the lawyers and the beancounters. They will do 90% of the bitching and harassment work for you.
Finally, throw their shit out and move on.
If a vendor doesn't deliver, go somewhere else.
When a certain Jeep owner couldn't get Chrysler to admit that there were numerous manufacturing defects with his Patriot nor get Chrysler to fix them, he invited 100 of his closest friends to publicly demolish the vehicle for $200 each (which went to charity). And videoed it. After all was said and done the remains were hoisted onto a pile of wood and set fire to. And the videos posted to YouTube.
Assuming said bug affects the services they agreed to provide you can get out of the contract. If one party fails to uphold a contract the other party may render the contract null and void.
(IANAL, depending on location, all that yack yack yack)
You are two plus years into a three year contract on a product that is alienating your customers.
You can always terminate a contract for non-performance.
If you don't want to lawyer up for a letter to the manufacturer threatening to terminate the contract for non-performance, then send a letter threatening to switch vendors. Then switch vendors. Don't provide financial support to a non-performant vendor. Sever your contract or eat the costs. But switch vendors and be open and vocal about the fact and the reasons for switching. "Vendor so-and-so's products are so bad, I willingly paid extra not to have to use them. We experienced problems A, B, and C. The company repeatedly ignored reports of these problems. They left us no choice but to switch, despite the costs involved."
You don't have to spend too much time complaining about them. Just walk away and take your money with you.
If it's anything like many such big companies the customer service team couldn't tell the difference between a bug and user error to save their lives. The're probably also under pressure to admit no bugs - which is easy, because the software is bug-free until the instant a new release is made, anyway.
I wouldn't be surprised if the dev team used the mailing list to bypass the customer service people as well. That way they can actually find out about problems from customers without having to interpret reports filtered through four layers of idiot between the customer and the dev team.
I have the pleasure of working for a company where the dev team ARE the support escalations team and keep an eye on support contacts. Of course, we're small, and that doesn't scale, but we're also not afraid to say "I think that might be our bug, let me look into it."
Naming names?
His experience perfectly matches our experience with WatchGuard.
Here is your one choice between three options:
FTFY
Install openVPN on a server somewhere. Get your company's legal people do get your support money back. job done.
In my business, we keep a spreadsheet of company names and websites we call "NEVER AGAIN." We check this list before every purchase, to make sure we're not buying from vendors of unreliable products (e.g., WiFi adapters from StarTech), those who don't have responsible software update policies, or those with unreasonable policies (e.g., No returns after one week).
I do not live in fear of legal retaliation. If, for example, StarTech wants to sue me for my opinions about their products, I will stand on my First Amendment rights in the U.S.A. to express my opinion. We also keep scrupulous records when we attempt to install new products (in the case of Startech, they don't even supply the latest versions of software available from THEIR supplier; we logged every version of software we tried).
The only way to punish these kinds of vendors is to deprive them of our revenue. The larger the company, the less likely they are to take customer dissatisfaction seriously (e.g., AT&T)...with some notable exceptions (e.g., Dell).
Just tried to post to another thread as AC and failed because the code word was longer than the field for the entry. Is that a bug? Is the beta UI a bug. I closed my longin to Slashdot when a thread from yesterday set the beta UI by default. I don't like the beta UI, for one the markers that distinguish different parts of the UI are all lower contrast than the current UI and harder for a visually impaired user to see, and another is that the styling is wrong, it has lost some of the styling for quotes. Slashdot should adopt the Markdown standard for comments and move away from a Facebook style.
....after consulting with a lawyer. Services were not rendered and for that reason you should not feel obligated to pay full price. And terminate the contract early. If an employee does not do the job you can fire her or him, same applies to a vendor. Given that you talked to the top brass it should not come as a surprise to them. Leave it at that. While public shaming is a powerful tool it also comes with a long tail that will spell trouble for you and your company. Assuming that the vendor treats other customers the same way they will sooner than later find out that their business is going down the drain. Then again, not fixing bugs and instead crank out more features in ever shorter cycles is what the Agile revolution has brought us. Mediocre is the new black!