how-to block ads
|
dg2
Premium
join:2004-01-22
Lowell, AR
 ·Cox HSI
| Re: Bottom up security I agree with your premise, but would like to pitch in the following thought (previously posted in the Cox HSI forum, but seems relevant here.)
When we signed up for DSL at the office, we had an option of receiving a DSL modem or a combined DSL modem/router. Similar devices exist for Cable.
If we're having all these problems with people who aren't behind a firewall (in this case a NAT router), why not require them to take the combination modem/router? The idea is this -- when you sign up, the ISP asks "Do you currently have a router?" If no, then they automatically get the combo unit. If yes, and the ISP can be satisfied with it, they get the modem only.
I know there are details which would have to be worked out, but why wouldn't this help? | |
|  
Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
·Shaw
| Re: Bottom up security I have wondered this myself as to why can't I have one unit that combines my cable modem and router/firewall it only makes sense and certainly reduces the amount of cabling and such (network cable from modem to firewall and one power cable as well, likely save a bit on the power bill as well). I know some ISPs are moving in this direction, but the more the better.
Blake
--
Vendor: Firewall Logging Software »www.SonicLogger.com - SonicWall and 3Com »www.LinkLogger.com - Linksys, Netgear and Zyxel | |
| | B
Premium,MVM
join:2000-10-28
| Re: Bottom up security
Well, yeah, IF they continue to allow the users fine-grained control of that built in NAT service. Otherwise, if they were to start locking that NAT in place, it's a slippery slope towards a "Port 25 and Port 80/443 Outbound Only" world.
-- B
--
In a realm outside causality and function | |
| 
antiserious
The Future ain't what it used to be
Premium
join:2001-12-12
Scranton, PA
| said by dg2  :
When we signed up for DSL at the office, we had an option of receiving a DSL modem or a combined DSL modem/router. Similar devices exist for Cable.
If we're having all these problems with people who aren't behind a firewall (in this case a NAT router), why not require them to take the combination modem/router? The idea is this -- when you sign up, the ISP asks "Do you currently have a router?" If no, then they automatically get the combo unit. If yes, and the ISP can be satisfied with it, they get the modem only.
I know there are details which would have to be worked out, but why wouldn't this help?
... Verizon offers the Westell 2000 in some areas, which has simple firewall capabilities, but they don't recommend using that feature, nor do they support it ... they also told me Westell doesn't 'support' it either (as if I could get through to westell to ask) ... so that diminishes its effectiveness ... I activated it anyway (simple 'low' setting, no rules), and ZoneAlarm Pro went silent - which is lovely - but I'm having some small issues and there's nobody available to help ... so a good idea, poorly formed ... as Verizon tech support said to me, they can only work with their network, and even though THEY supplied this equipment they don't feel this is under their support umbrella ...
.... while your idea has merit, as does Link Logger's, where would the support come from? ... I'm trying to learn as much as I can, but I'm reluctant to muck around with the equipment and settings (and I LOVE to muck around) with no backup ...
... f w i w ...
--
... "I don't wanna go Uptown, baby ... all the friends I got are Downtown anyway" ... william topley | |
| | | |
|
