Great Circle Associates Firewalls
(April 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Instant Internet
From: Steve Benesko/CTI <Steve_Benesko @ cti . ca>
Date: 3 Apr 96 16:39:22 EDT
To: firewalls <firewalls @ greatcircle . com> 
>Hi All,
>
>Can anyone provide we with information about a product called Instant 
>Internet.  Is it a fully fledged firewall ?
>
>Any and all information would be appreciated.
>

Internet Anywhere qualifies as a firewall ONLY by protocol isolation.  Which 
means that it is fine as long as you are not running TCPIP anywhere else on 
your network.

I evaluated this product a couple of months ago, and I wasn't impressed.
First off, it can only support a max of 50 users.
Second, It is limited to the 16-bit winsock.dll which means mac, OS/2, Unix, 
and 32-bit windows95 apps are right out!

Also, I am not even sure if it supports host filtering or not (I never got that 
far with the install before I lost my patience with it)

>Cape Town City Council
>Cape Town
>South Africa
 
This poses an interesting problem.
You see "Instant internet" is only "Instant" if you happen to subscribe to a 
ISP that they support (Mostly United States ISP's).  Otherwise, you have to 
wait up to 6 WEEKS (like I did) for a dialer script to connect to your provider.

My suggestion is to use Quarterdeck's Iware Connect or Cisco's Internet 
Junction.
Iware is an NLM that runs on your NetWare server.  Used in conjunction with a 
proper router/gateway, it works wonders on Novell networks.

The Number of users actually supported depends on how many license packs you 
buy for it.

Iware has much better filtering and host screening options.  For instance, You 
can get some kind of package for it that acts as "netwatch" or "CyberSitter" 
that can filter out unwanted sites via a central database (Very useful for 
schools)

Then again this is ALL relative to what your security needs actually are.  You 
can't just throw a firewall at it and it will magically go away. You need to 
first evaluate and establish a  security policy, then look for a firewall or 
screening router that fits your requirements (if you indeed require one)
In general, Netware IP is pretty secure from the internet so you may not even 
need a firewall.  The only ways I have heard about that Netware IP can be 
attacked from are so obscure, they are barely a risk.  (If somebody can prove 
otherwise, I would like to talk to you)
Neither of these options can be used to screen out attacks to TCPIP, so 
consider your TCPIP side of things a DMZ and you should be fine on the IPX/SPX 
side as long as nobody pingfloods you or spoofs your address.
Indexed By Date Previous: Re: Securid BAD Tech Support
From: "Alastair Young" <alastair @ cadence . com>
Next: Re: Firewalls-Digest V5 #206
From: Daniel Berger <dberger @ cs . UCR . edu>
Indexed By Thread Previous: Re: Instant Internet
From: "Eliot T. Ware" <etware @ access . digex . net>
Next: Instant Internet
From: lresch @ relay . nswc . navy . mil
Google
 
Search Internet Search www.greatcircle.com