from the security-on-stock dept.
Several machines in our environment are unpatchable - because they are too old, no admin password known or the software won't run after patching. We offer for those cases small routers with NAT capability which could be used as firewalls. Read on how to get them and why you shold use it - or why you should not use it.
First of all, it's not a tool to stop your responsibility for your machine. It's also not a solution for computers where you read mail or explore the web - the router won't protect you from trojans included in webpages or emails. It's also not a solution when your computer does domain logon - the router does not pass all necessary packets.
We see in it just a possibilty to operate a machine like a measuring computer which you could no longer patch in our LAN. Second application is to get a secure place where you could set up your windows pcs without getting worms before you finished installation.
The Allied Telesyn AR220E has one 10MBit/s uplink which gets an IP number by DHCP and four 100MBit/s switched ports for the local computers. Setup is quite simple - plug it in the LAN and power, attach the computer and get an IP by DHCP. Several things may be configured with a simple webinterface in case of special requirements.
Our DHCP registration will be done for the router and in case of problems, you will be responsible for the computers attached to this box.
Contact us in case you have computers in such a
situation and like to protect them from attacks out of the internet.
< | >