Re: XP vulnerabilities?
From: *Vanguard* (no-email_at_no-spam.invalid)
Date: 02/21/04
- Next message: *Vanguard*: "Re: XP vulnerabilities?"
- Previous message: *Vanguard*: "Re: XP vulnerabilities?"
- In reply to: joe: "Re: XP vulnerabilities?"
- Next in thread: S.B.: "Re: XP vulnerabilities?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 21 Feb 2004 11:22:30 -0600
> Thanks for your comments but - are you taking on the role of the net
> police? For your information, I run my own company from home so I
> have installed the valid corp edition on all my networked computers.
> Nice of you to jump to conclusions - and why the hell are you so
> personally "concerned"?
Note that I also questioned your use of the "Corporate Edition" of Windows.
In your original post, the implication was that you were asking about a
single computer. Now you are claiming to have several (which would have to
be a minimum of 5 hosts since the 5-license contract is the smallest you can
get in a volume license). Also, the only folks that I've seen refer to a
"Corporate Edition" are those that purchased just 1 copy of Windows. I
can't find any mention of "Corporate Edition" (other than for non-Microsoft
products) in a search at Microsoft. Once someone mentions "Corporate
Edition", the rest of us nod our heads knowing it is an illegally slice of
instance from a volume license (much like we nod our heads knowing the real
reason why users ask why Outlook doesn't have the slide show option that OE
used to have for picture attachments).
If you were indeed running a network of 5 or more hosts for which you
purchased a volume license then we wouldn't be talking about installing a
"personal" firewall on each of them but instead talking about a gateway or
firewall host running the firewall software through which all your intranet
hosts would make their Internet connections. Or we would be talking about a
NAT router which has a firewall in it (but, as with Windows XP ICS, only
protects against inbound initiated connections) which may prove sufficient
for you.
Trying to keep 5, or more, intranet hosts sync'ed together can result in
errors and inconsistencies. While they may perform their auto update okay
while independently protecting just the one host, you'll have to manually
define the firewall and application rules on each host for each independent
firewall program. Perhaps one of the other firewall products lets you
export their rules so you can migrate them easily to another host, but NIS
really sucks for rules as you cannot export and then import them. In
versions prior to NIS2003, you could export the portion of the registry
where the rules were stored provided you knew where they were. However,
Symantec has now encrypted them so you cannot simply export the registry
keys and import them in another instance. Getting application and web
content rules from one instance of NIS to another instance of it has always
been a sore point with that product. When I asked them about it when I was
using NIS2002, they said the export feature would appear in NIS2003. They
lied so I haven't bothered to upgrade to NIS2004. They don't consider
migration of app and web rules to be a necessary function of a "personal"
version of their firewall. Besides the instability of NIS (i.e., going
brain dead eventually), this is another reason why I'll be looking at a
different firewall. I'd like to export my settings and rules for both
applications and web content so I can restore them if (and when) I have to
uninstall NIS and reinstall it (reinstalling is often Symantec's response to
problems with their NIS product).
- Next message: *Vanguard*: "Re: XP vulnerabilities?"
- Previous message: *Vanguard*: "Re: XP vulnerabilities?"
- In reply to: joe: "Re: XP vulnerabilities?"
- Next in thread: S.B.: "Re: XP vulnerabilities?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
