You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-user@db.apache.org by Damian Carey <ja...@gmail.com> on 2008/12/29 00:37:35 UTC
Off topic? Small business firewall candidates
Hi all,
Sorry if this is too off topic - but I need advice. Any direction
would be useful.
What is a good (what ever that means) - reliable - ZERO MAINTENANCE
firewall for small business PCs that allows me to open individual
ports to the local LAN?
We are soon to deploy our distributed Java Desktop app out to
customers. Typical customers will run from 1 to perhaps 10 PCs, all
working off the same database. These businesses are very "industrial"
(think "Auto Mechanic") - so forget what they SHOULD do - they just
plug in new PCs and get going - and they will not change their ways.
Generally the PCs are pretty infected - but that is their problem. At
our trial customers our DBs and apps work brilliantly despite any
issues.
What I'm looking for is candidates for firewalls for our server.
Essentially we just want to open ports 1527 (Derby) and 1099 (RMI) to
the LAN (say 192.168.1.1 thru 192.168.1.254). Also - this needs to be
set-and-forget - there is no IT support in these small organisations.
I love my ESET NOD32 Anti-virus and firewall at home - and I have
never had a problem in years, but unfortunately I can't just set it to
"Automatic Mode" and then open some ports - I must go to "Policy" or
"Interactive" Mode to open those ports - and that is completley
unacceptable for our customers.
I always struggle with Norton - it is not transparent (to me) about
what it is doing or what it is blocking or why or how to unblock
something. It gives me nightmares and I will never recommend it to a
customer. Norton and McAfee (aka "more coffee") seem to focus on
getting customer subscriptions renewals - not at helping my technical
challenges.
Any advice, suggestions, recommendation is welcome - even from Norton
and McAfee fans!
Many thanks,
-Damian
Re: Off topic? Small business firewall candidates
Posted by Damian Carey <ja...@gmail.com>.
On Mon, Dec 29, 2008 at 10:46 AM, Peter Ondruška
<pe...@gmail.com> wrote:
> :-) I must say you will hear lot of advises to go UNIX or Linux or
> whatever different from Windows :-) I have heard there is something
> like iptables for Windows, google-around this topic.
Thanks Peter - I will have a look.
The problem is that at least 100% of our customers will be using
MS-Windows. Maybe more. Our app will be installed on their existing
PCs.
Essentially these Mechanic's PCs will be in a worse condition that the
worst unmaintained geek cars! We could ask "what is a good candidate
car for a geek to buy - if the geek refuses to look after that car as
well as a car-lover".
If we inverse that question we get "what is a suitable firewall /
protection suite for a mechanic who has computers and does not know /
understand / care what they need to do to protect themselves".
One answer is "we don't care, or "there is no answer" - but the truth
is that there is always some reasonable approach.
It will not save them from everything, but it will be a useful start.
Thanks again,
-Damian
> On Mon, Dec 29, 2008 at 00:37, Damian Carey <ja...@gmail.com> wrote:
>> Hi all,
>> Sorry if this is too off topic - but I need advice. Any direction
>> would be useful.
>>
>> What is a good (what ever that means) - reliable - ZERO MAINTENANCE
>> firewall for small business PCs that allows me to open individual
>> ports to the local LAN?
>>
>> We are soon to deploy our distributed Java Desktop app out to
>> customers. Typical customers will run from 1 to perhaps 10 PCs, all
>> working off the same database. These businesses are very "industrial"
>> (think "Auto Mechanic") - so forget what they SHOULD do - they just
>> plug in new PCs and get going - and they will not change their ways.
>> Generally the PCs are pretty infected - but that is their problem. At
>> our trial customers our DBs and apps work brilliantly despite any
>> issues.
>>
>> What I'm looking for is candidates for firewalls for our server.
>> Essentially we just want to open ports 1527 (Derby) and 1099 (RMI) to
>> the LAN (say 192.168.1.1 thru 192.168.1.254). Also - this needs to be
>> set-and-forget - there is no IT support in these small organisations.
>>
>> I love my ESET NOD32 Anti-virus and firewall at home - and I have
>> never had a problem in years, but unfortunately I can't just set it to
>> "Automatic Mode" and then open some ports - I must go to "Policy" or
>> "Interactive" Mode to open those ports - and that is completley
>> unacceptable for our customers.
>>
>> I always struggle with Norton - it is not transparent (to me) about
>> what it is doing or what it is blocking or why or how to unblock
>> something. It gives me nightmares and I will never recommend it to a
>> customer. Norton and McAfee (aka "more coffee") seem to focus on
>> getting customer subscriptions renewals - not at helping my technical
>> challenges.
>>
>> Any advice, suggestions, recommendation is welcome - even from Norton
>> and McAfee fans!
>>
>> Many thanks,
>> -Damian
>>
>
Re: Off topic? Small business firewall candidates
Posted by Thomas Kellerer <sp...@gmx.net>.
Peter Ondruška wrote on 29.12.2008 00:46:
> :-) I must say you will hear lot of advises to go UNIX or Linux or
> whatever different from Windows :-) I have heard there is something
> like iptables for Windows, google-around this topic.
IPSec can be used to implement a firewall similar to iptables.
Some links regarding this topic:
http://technet.microsoft.com/de-de/library/bb877982(en-us).aspx
http://www.securityfocus.com/infocus/1526
http://homepages.wmich.edu/~mchugha/w2kfirewall.htm
Thomas
Re: Off topic? Small business firewall candidates
Posted by Peter Ondruška <pe...@gmail.com>.
:-) I must say you will hear lot of advises to go UNIX or Linux or
whatever different from Windows :-) I have heard there is something
like iptables for Windows, google-around this topic.
On Mon, Dec 29, 2008 at 00:37, Damian Carey <ja...@gmail.com> wrote:
> Hi all,
> Sorry if this is too off topic - but I need advice. Any direction
> would be useful.
>
> What is a good (what ever that means) - reliable - ZERO MAINTENANCE
> firewall for small business PCs that allows me to open individual
> ports to the local LAN?
>
> We are soon to deploy our distributed Java Desktop app out to
> customers. Typical customers will run from 1 to perhaps 10 PCs, all
> working off the same database. These businesses are very "industrial"
> (think "Auto Mechanic") - so forget what they SHOULD do - they just
> plug in new PCs and get going - and they will not change their ways.
> Generally the PCs are pretty infected - but that is their problem. At
> our trial customers our DBs and apps work brilliantly despite any
> issues.
>
> What I'm looking for is candidates for firewalls for our server.
> Essentially we just want to open ports 1527 (Derby) and 1099 (RMI) to
> the LAN (say 192.168.1.1 thru 192.168.1.254). Also - this needs to be
> set-and-forget - there is no IT support in these small organisations.
>
> I love my ESET NOD32 Anti-virus and firewall at home - and I have
> never had a problem in years, but unfortunately I can't just set it to
> "Automatic Mode" and then open some ports - I must go to "Policy" or
> "Interactive" Mode to open those ports - and that is completley
> unacceptable for our customers.
>
> I always struggle with Norton - it is not transparent (to me) about
> what it is doing or what it is blocking or why or how to unblock
> something. It gives me nightmares and I will never recommend it to a
> customer. Norton and McAfee (aka "more coffee") seem to focus on
> getting customer subscriptions renewals - not at helping my technical
> challenges.
>
> Any advice, suggestions, recommendation is welcome - even from Norton
> and McAfee fans!
>
> Many thanks,
> -Damian
>