On Mon, Dec 29, 2008 at 10:46 AM, Peter Ondruška <[email protected]> wrote: > :-) I must say you will hear lot of advises to go UNIX or Linux or > whatever different from Windows :-) I have heard there is something > like iptables for Windows, google-around this topic.
Thanks Peter - I will have a look. The problem is that at least 100% of our customers will be using MS-Windows. Maybe more. Our app will be installed on their existing PCs. Essentially these Mechanic's PCs will be in a worse condition that the worst unmaintained geek cars! We could ask "what is a good candidate car for a geek to buy - if the geek refuses to look after that car as well as a car-lover". If we inverse that question we get "what is a suitable firewall / protection suite for a mechanic who has computers and does not know / understand / care what they need to do to protect themselves". One answer is "we don't care, or "there is no answer" - but the truth is that there is always some reasonable approach. It will not save them from everything, but it will be a useful start. Thanks again, -Damian > On Mon, Dec 29, 2008 at 00:37, Damian Carey <[email protected]> wrote: >> Hi all, >> Sorry if this is too off topic - but I need advice. Any direction >> would be useful. >> >> What is a good (what ever that means) - reliable - ZERO MAINTENANCE >> firewall for small business PCs that allows me to open individual >> ports to the local LAN? >> >> We are soon to deploy our distributed Java Desktop app out to >> customers. Typical customers will run from 1 to perhaps 10 PCs, all >> working off the same database. These businesses are very "industrial" >> (think "Auto Mechanic") - so forget what they SHOULD do - they just >> plug in new PCs and get going - and they will not change their ways. >> Generally the PCs are pretty infected - but that is their problem. At >> our trial customers our DBs and apps work brilliantly despite any >> issues. >> >> What I'm looking for is candidates for firewalls for our server. >> Essentially we just want to open ports 1527 (Derby) and 1099 (RMI) to >> the LAN (say 192.168.1.1 thru 192.168.1.254). Also - this needs to be >> set-and-forget - there is no IT support in these small organisations. >> >> I love my ESET NOD32 Anti-virus and firewall at home - and I have >> never had a problem in years, but unfortunately I can't just set it to >> "Automatic Mode" and then open some ports - I must go to "Policy" or >> "Interactive" Mode to open those ports - and that is completley >> unacceptable for our customers. >> >> I always struggle with Norton - it is not transparent (to me) about >> what it is doing or what it is blocking or why or how to unblock >> something. It gives me nightmares and I will never recommend it to a >> customer. Norton and McAfee (aka "more coffee") seem to focus on >> getting customer subscriptions renewals - not at helping my technical >> challenges. >> >> Any advice, suggestions, recommendation is welcome - even from Norton >> and McAfee fans! >> >> Many thanks, >> -Damian >> >
