My answer to this software maturity and hardware maturity question is short and simple: If a VAR is not willing to put a product in its own production environment to support their own business and to completely understand the technology, operational requirements and support issues involved with the product, the product should not be recommended to customers.
Test, test, test. Given how security solutions are chained together today as solution suites, if you're not performing diligent testing in combinations with other products on your line card, nasty surprises are bound to occur.
I think most VARs do "eat their own dog food" by using the products they sell and service, but VARs are opportunity driven and will often find new technologies that satisfy a requirement and recommend it to a customer before they perform due diligence.
The risk appetite of your customer is important to consider before introducing emerging security technology or products and solutions to their network. Your customer's comfort level should be established up front to ensure a smooth support experience if the need should arise. Finally, ask yourself whether a new product or solution is the best solution for the customer's needs – if so, go ahead and recommend it to them.
Good VARs know their customers. They can establish up front that a technology is new. Rather than rushing into production, a mutual testing effort might be prudent. That way everyone's expectations are set, and issues can be dealt with calmly and professionally.
This was first published in December 2007