Use of firewall software in desktops

  • Thread starter Thread starter WH
  • Start date Start date
W

WH

Hi,

I have a group of avid travelling users in my company. They will normally
connect to the internet from a hotel or internet cafe connection and VPN to
access internal resources.

I figured out the best way to prevent trojans or viruses from spreading when
these users connect the same machines when they are back into the office
LAN, is to ask them to turn on some kind of personal firewall when they are
connecting from a hotel or internet cafe.

Can someone advise me the best way to approach this, and what kind of
firewall software should I use???? I think Windows XP firewall is good
enough, but it gives problem when I tried to use VPN over the
Internet........

pls advise!
 
WH said:
Hi,

I have a group of avid travelling users in my company. They will
normally connect to the internet from a hotel or internet cafe
connection and VPN to access internal resources.

I figured out the best way to prevent trojans or viruses from spreading
when these users connect the same machines when they are back into the
office LAN, is to ask them to turn on some kind of personal firewall
when they are connecting from a hotel or internet cafe.

Can someone advise me the best way to approach this, and what kind of
firewall software should I use???? I think Windows XP firewall is good
enough,
Click to expand...

Correct. The Windows XP built in firewall should be sufficient.
Some of the third party products are better for computer literate users, but
the majority are confused by messages like 'Application xxx is trying to
connect to host www.domain.com on port 384. Do you want to allow this' and
just click Yes anyway, so the additional safety is negated.
but it gives problem when I tried to use VPN over the
Internet........
Click to expand...

What VPN client are you using? Maybe try using a third party firewall on your
own machine so it can tell you what ports are being used by the VPN client
and open those specific ports on the built in XP firewall for your general
users.

Andy.
 
Andrew Mitchell wrote:
What VPN client are you using? Maybe try using a third party firewall
on your own machine so it can tell you what ports are being used by
the VPN client and open those specific ports on the built in XP
firewall for your general users.
Click to expand...

Nothing inbound would need to be opened up for VPN, and since the XP
firewall doesn't block any outbound traffic, it should work fine. I've done
it :-)
 
"Lanwench [MVP - Exchange]"
Andrew Mitchell wrote:


Nothing inbound would need to be opened up for VPN, and since the XP
firewall doesn't block any outbound traffic, it should work fine. I've done
it :-)
Click to expand...

I thought I had read somewhere that the Nokia VPN client required the user to
open an incoming port below 1024. The only reason I remember this is that an
ISP in Melbourne (Australia) was having problems due to their blocking of all
incoming traffic to clients on ports below 1024 to stop them running servers.

Not sure. It was a while ago.....

Andy.
 
Andrew said:
"Lanwench [MVP - Exchange]"
Andrew Mitchell wrote:


Nothing inbound would need to be opened up for VPN, and since the XP
firewall doesn't block any outbound traffic, it should work fine.
I've done it :-)
Click to expand...

I thought I had read somewhere that the Nokia VPN client required the
user to open an incoming port below 1024. The only reason I remember
this is that an ISP in Melbourne (Australia) was having problems due
to their blocking of all incoming traffic to clients on ports below
1024 to stop them running servers.
Click to expand...

Hmm - I've never used that client. I've used plenty of Sonicwall and
Checkpoint stuff, and pptp....nothing inbound required. If the tunnel
connection is initiated from the inside, and isn't being blocked, it
just....works. :-)
 
Back
Top