This is exactly the sort of issue that prevented us from buying
Gauntlet. A secure firewall that doesn't let you do what you need to do
to support your business doesn't do anyone any good. NAI doesn't seem
to be any faster at adding new proxies than TIS was. The list of
supported services
(http://www.nai.com/products/security/prodserv/gauntlet/firewalls/configurations/unix/unix.asp#supported_services)
doesn't look much longer than it was the last time I checked. The NT
version is even worse.
When we were looking into firewalls, one of the things we wanted support
on was ICA. I see that NAI still hasn't added ICA support, even though
many people use ICA. Many Application Service Providers (ASPs) are
going to be using this or a similar product -- and they're going to want
to use firewalls to protect their servers.
Any Gauntlet users care to defend the product? I guess if all you use
are the supported protocols, then it's a wonder. But if you need
something different, you've got troubles.
Jen
Mike Batchelor wrote:
>
> You may wish to remind your application folks, that if they cannot get this
> DCOM application to work behind their own firewall, then it's highly likely
> that other visitors will have the same troubles behind *their* company
> firewall.
>
> Or do they only care about visitors who dialup directly to an ISP? If so,
> then some dialup lines would be appropriate for your application people to use
> to test their DCOM application. That solves the immediate problem, and has
> the added benefit that your application people won't overload the new web site
> with useless graphics. :)
>
> DCOM is what Microsoft and Digital (before they became Compaq) were touting as
> a competitor to CORBA and IIOP. Or something like that.
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Magowan, Richard M.
> > (ITS)
> > Sent: Friday, May 21, 1999 6:34 AM
> > To: '[EMAIL PROTECTED]'
> > Subject: DCOM on Gauntlet
> >
> >
> > Hi Folks,
> >
> > One of my user departments is developing an application that uses facilities
> > at a site www.claimcard.com <http://www.claimcard.com> . The application
> > apparently uses DCOM. The application will not work through my Gauntlet
> > firewall (which I can't play with, it's managed). Claimcard tells me I have
> > to implement DCOM on gauntlet. I realize Gauntlet is a proxy style firewall
> > and that DCOM may have to be proxied. Is DCOM related to Active X? Is there
> > a DCOM proxy for Gauntlet?
> > We ran some traces, first using a dial-up internet connection to the
> > claimcard site which worked fine, then traced the activity through Gauntlet.
> > The good trace shows an HTTP "GET" command with two fields
> > "If-Modified-Since:" and "If-None-Match:" which are not present in the bad
> > trace. I have no clue what all this means. The applications folks came to me
> > and said "you have to change your firewall". Well, as you may guess this is
> > not gonna happen. Can anyone out there give me some hints as to what might
> > be going on and maybe some suggestions to pass along to my ISP to see if
> > they can get this thing to work. Any comments are appreciated.
> >
> > Thanks.
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
> >
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
