Just left a client today and found out that the firewall that I installed a few months back was removed from the network. It was a Watchguard Edge. Supposedly SBC and another guy reccommended it. They moved from a dynamic ip to a static ip. So how long before their SBS server is compromised?
If they are not running ANY firewall, then it could be anywhere from minutes to hours to days to never.
Never would only be an option if the SBS box was properly configured and services exposed to the world were disabled - that would require dual NIC.
I have a BUNCH of servers and even one SBS2003 Premium server setup behind a WG firewall, there is no reason to remove the WG.
I suspect that like most SBC tech's and customers, they don't know anything about security and SBC won't support customers that are not directly connected to the network.
A couple of years ago I tried selling a firewall appliance to a small company. The Admin really wanted to buy it - but his boss wouldn't let him.
Instead he ordered the admin to unplug the router on weekends...
Juergen Nieveler
My guess is that the SBC drone wants the customer to do that so they can ping the customer. Anything else is too advanced for them (although I'm sure they told the customer to reboot the server too).
Of course, the customer is just as much to blame if he called SBC for an apparent outage without being able to prove that the problem was on the SBC side of the firewall.
Unfortunately, there's no way to penetrate the firewall around people's brains which prevents cluons from entering.
Regards,
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.