>Can anyone provide we with information about a product called Instant
>Internet. Is it a fully fledged firewall ?
>Any and all information would be appreciated.
Internet Anywhere qualifies as a firewall ONLY by protocol isolation. Which
means that it is fine as long as you are not running TCPIP anywhere else on
I evaluated this product a couple of months ago, and I wasn't impressed.
First off, it can only support a max of 50 users.
Second, It is limited to the 16-bit winsock.dll which means mac, OS/2, Unix,
and 32-bit windows95 apps are right out!
Also, I am not even sure if it supports host filtering or not (I never got that
far with the install before I lost my patience with it)
>Cape Town City Council
This poses an interesting problem.
You see "Instant internet" is only "Instant" if you happen to subscribe to a
ISP that they support (Mostly United States ISP's). Otherwise, you have to
wait up to 6 WEEKS (like I did) for a dialer script to connect to your provider.
My suggestion is to use Quarterdeck's Iware Connect or Cisco's Internet
Iware is an NLM that runs on your NetWare server. Used in conjunction with a
proper router/gateway, it works wonders on Novell networks.
The Number of users actually supported depends on how many license packs you
buy for it.
Iware has much better filtering and host screening options. For instance, You
can get some kind of package for it that acts as "netwatch" or "CyberSitter"
that can filter out unwanted sites via a central database (Very useful for
Then again this is ALL relative to what your security needs actually are. You
can't just throw a firewall at it and it will magically go away. You need to
first evaluate and establish a security policy, then look for a firewall or
screening router that fits your requirements (if you indeed require one)
In general, Netware IP is pretty secure from the internet so you may not even
need a firewall. The only ways I have heard about that Netware IP can be
attacked from are so obscure, they are barely a risk. (If somebody can prove
otherwise, I would like to talk to you)
Neither of these options can be used to screen out attacks to TCPIP, so
consider your TCPIP side of things a DMZ and you should be fine on the IPX/SPX
side as long as nobody pingfloods you or spoofs your address.