My experience with the support from Sonicwall (one of the hardware firewalls
suggested) was much the same. And for that matter their online knowledge
base isn't. As an example that ties into a recent thread here the Sonicwall
answer to blocking napster is:
Napster uses ports 7777, 8875, and 8888 TCP. You can create three custom
service entries using the same exact name, and these port/protocol
combinations. Once you do that, you can write a rule that says:
deny Napster
source LAN *
destination * *
I tried this just out of curiosity and as I expected it didn't work.
David
-----Original Message-----
From: elvene [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 08, 2000 8:03 AM
To: [EMAIL PROTECTED]
Subject: Mid-range Firewalls?
.....
Please, please UNDERSTAND THIS. Neither of these solutions come with ANY
support to speak of. Sybergen, when I once asked them a question
mutliple times, responded 2 weeks after the first request - and parroted
back unrelated information from the manual which made it obvious that I
knew far more than the person responding. When I needed to know what
one of the confusing options in the WinRoute interface section setup
meant, The response was again parroted almost word for word from the
manual, with no additional detail - and neither of my "does it work like
this or this?" were addressed even remotely. When I sent Tiny Software
logs and a web address that would not browse via proxy, I was emailed
back instructions for how to set up IE to directly browse sites - even
though I had stated that my goal was to force all web browsing via proxy
so I didn't have to open port 80 globally.
So, while I can't speak for the support from the hardware oriented
firewall vender, expect to be VERY MUCH ON YOUR OWN with these
solutions. And that has a cost, too. In time, in "comfort", and in
vulnerability when you misunderstand and/or make a mistake.
Good Luck!
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
