Firewall for 50 network.

Similar Messages

• Looking for Mac network professional to setup our small business network.

  I've installed OS X Server on an iMac within our office to act as a file server and also allow us to access files using a VPN.  Probably should have purchased a Mac Mini Server and will likely go that route in the end. 
  I'm computer savy, but little networks experience and just can't get this working correctly. If we had more time to dedicate to this and with help from this forum, I'm sure we could get it up and running.  The goal is to get a simple network going that will allow us to access files, etc in the field and at our home offices with the ability to grow as our business expands.
  At this time I'd really like to have someone just handle the setup of the network so we can get functionality asap.  I've done some searches and looked for a network professional in our area with experience in Mac networking within a business environment, but haven't had much luck.
  If anyone point me in a direction of someone that can help get this going I'd be forever greatful:)
  Location: Southern California (Rancho Cucamonga)

  I'm not a rocket scientist but I do have a working mail server and website using a mini mac and os x server (Mavericks).
  It all begins with your DNS and I recommend you do use a mac mini with OS X Server as it's designed for that very purpose. You absolutely must get your DNS situation working first. There's a guy in this forum named Mr. Hoffman who is particularly useful (there are others) in this area. He has a website with lots of helpful advice and, in particular, this: http://labs.hoffmanlabs.com/node/1436.
  However, before you embark on that journey, this is what you'll basically need to do:
  You're going to need a public (external/public facing) DNS and a private (internal) DNS. Your private DNS (served by your os x server) needs to live behind some kind of hardware firewall/router to prevent the great unwashed and curious from venturing into places they probably shouldn't be venturing. It's port(s) should never be exposed to the outside world.
  Get a static IP from your ISP and register a domain name.
  Let your domain registrar provide the external DNS.
  You'll want to set up an internal DNS using OS X Server in the 10.0.0.0/16 subnet (it doesn't seem to let you use 10.0.0.0/8 and it really hates 192.168.0.0/24).
  The server itself will need to be "self-aware" by setting it's System Preferences > Network Preferences > DNS Server to 127.0.0.1.
  Of course, once you get the DNS working you'll want to turn on File Sharing and then (and only then) Open Directory. THen you can begin adding other services such as web, mail, vpn, etc...
  I'm sure there is lots more that I've missed but this should do for now. Good luck.

• Hi looking for a bit of free  anti - virus and firewall for osx 10.8.2

  hi looking for a bit of free  anti - virus and firewall for osx 10.8.2 any pointers also any one used Mac cleaner ?

  1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files. This feature is transparent to the user, but internally Apple calls it "XProtect." The recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets (see below.)
  It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  3. Starting with OS X 10.7.5, there has been another layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't actually been tested by Apple (unless it comes from the Mac App Store), but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. For most practical purposes, applications recognized by Gatekeeper as signed can be considered safe.
  Gatekeeper has, however, the same limitations as XProtect, and in addition the following:
  It can easily be disabled or overridden by the user.
  A malware attacker could get control of a code-signing certificate under false pretenses, or could find some other way to evade Apple's controls.
  For more information about Gatekeeper, see this Apple Support article.
  4. Beyond XProtect and Gatekeeper, there’s no benefit, in most cases, from any other automated protection against malware. The first and best line of defense is always your own intelligence. All known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore reduces to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
  That means, in practice, that you never use software that comes from an untrustworthy source. How do you know whether a source is trustworthy?
  Any website that prompts you to install a “codec,” “plug-in,” or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
  A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn users who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  “Cracked” copies of commercial software downloaded from a bittorrent are likely to be infected.
  Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. No intermediary is acceptable.
  5. Java on the network (not to be confused with JavaScript, to which it's not related) is a weak point in the security of any operating system. If a Java web plugin is not installed, don't install one unless you really need it. If it is installed, you should disable it (not JavaScript) in your web browsers. Few websites have Java content nowadays, so you won’t be missing much. This setting is mandatory in OS X 10.5.8 or earlier, because Java in those obsolete versions has known security flaws that make it unsafe to use on the Internet. The flaws will never be fixed. Regardless of version, experience has shown that Java can never be fully trusted, even if no vulnerabilities are publicly known at the moment.
  Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.
  6. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good. If you need to be able to detect Windows malware in your files, use the free software ClamXav — nothing else.
  Why shouldn't you use commercial "anti-virus" products?
  Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
  In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
  7. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so can corrupt the Mail database. The messages should be deleted from within the Mail application.
  ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. If you don't need to do that, avoid it. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
  8. The greatest danger posed by anti-virus software, in my opinion, is its effect on human behavior. When people install such software, which does little or nothing to protect them from emerging threats, they get a false sense of security from it, and then they may do things that make them more vulnerable. Nothing can lessen the need for safe computing practices.
  9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use.

• How to uncheck File and Printer Sharing for Microsoft Networks by Command!!

  Dear everybody,
  I meet a problem with my System now, and I need your help!!!
  As mentioned in title, I need uncheck on File and Printer Sharing for Microsoft Networks by Command for Security purpose.
  Could you show me the way to do it by command line
  I think GPO can solve this but My Boss want to do it by command line
  Thanks for your help!!!

  netsh advfirewall firewall set rule group="Network Discovery" new enable=Yes
  netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=Yes
  To disable these functions in Windows, use the same command and replace 'Yes' to 'No' in the above commands.

• X301 "File and Printer Sharing for Microsoft Networks" removed at re booting (XP SP-3)

  Even if I run the “Network Identification Wizard” (under System properties/Computer Name) to join a Workgroup, the box ‘File and Printer Sharing for Microsoft Networks’ remains unchecked.  If I ticked it manually, it remains checked for the current session, but it is unchecked at booting.
  The same occurs with the Windows Firewall (I am running that from Symantec). I switch the Windows Firewall off, but after rebooting, it appears selected again!.
  This happens only with my brand new ThinkPad X301, which came with Vista. The package included a kit to convert to XP, but this installed a ‘naked’ XP, which required downloading from Lenovo and Windows about 1Gb of files (bad service, Lenovo guys!).
  I wonder which “safety” issue of the X301 causes this, but how can I stop this happening? (It does not occur with any of my two old ThinkPads, also running XP SP-3 and Lenovo software).
  Solved!
  Go to Solution.

  See -> http://www.vistax64.com/vista-networking-sharing/72537-file-printer-sharing-turned-off-reboot.html  Here is the text. Re: File and Printer sharing turned off on reboot
  I FOUND MY SOLUTION!!!
  In my case, it was in Lenovo's "ThinkVantage Access Connections" applet. It
  is additional security that is applied at the CONNECTION level.
  Here is how I fixed it:
  1. Double click on the ThinkVantage Access Connections applet in the
  notification area.
  2. Click on the MANAGE button on the toolbar
  3. Select the SSID where you want File Sharing to work, and click EDIT
  4. Click on the ADDITIONAL SETTINGS tab
  5. Next to "Network Security", click the SETTINGS button
  6. The first option in Security Settings is "Disable file and printer
  sharing". UNCHECK this box. Click OK for 3 levels of dialog boxes, then
  close Access Connections
  Although these directions are specific to ThinkPad notebooks, the same
  principle may apply for other manufacturers' connection managers.
  Best of luck!

• Unable to install Client for Microsoft Network

  Bonjour guys, i'm having a terrible issue. I'm running Vista Sp2 Home Premium Edition, and i was having an IP adresse issue, i was getting 169.etc, and couldn't go online. So i tried various things to solve the issue, including uninstalling the various componets
  of my Connection, including "Client for Microsoft Network".
  When i rebooted the PC, and installed my Wifi Usb dongle and its software, the IP issue was solved (192.etc), but with a twist. Now, i can't go to website using their Urls (www.google.com), i can only access them via their IP adresses (173.X.X.X)
  I verified/changed the DNS, no improvment.
  I deactivated/activated the firewall, no improvment.
  I verified the DHCP, it's working fine.
  So i checked the propreties of the Connection, and noticed that the only thing that was missing, was "Client for Microsoft Network", which i tried to install, abut got an error:
  "Could not add the requested feature. The error is: The remote procedure call failed"
  So i went to services.msc, checked the various services, RPC started, DNS client started, DHCP started, server started
  Then i decided to uninstall the SP2 upgrade, and reinstall it, but the issue still remains.
  Can you help me re-instal the Client for Microsoft Network ?

  Hi,
  You can run SFC command to check your system file:
  http://support.microsoft.com/KB/929833
  Alex Zhao
  TechNet Community Support

• Firewall for PC's

  I have a general query related to firewall for small LAN. We have couple of PC's which connect to internet thru ADSL line. They want to access some resources of the Company's LAN by setting up another NIC on the PC and plugging it into our LAN. As its a security issue what is the most economical/secure way of achieving this with the use of firewall?
  Thanks

  Firewall solutions for small business are available as either software or hardware (with software components). Software firewalls protect each individual PC they're installed on. But to protect all your company's computers, each must have a software firewall installed. It can be difficult to maintain.
  On the other hand, hardware-based firewall solutions for small business protect all computers on your network. A hardware-based firewall is easier to administer, too.
  The ideal firewall solutions for small business integrate a hardware firewall with software controls into a comprehensive security solution that includes virtual private network (VPN) support, antivirus, antispam, antispyware, and content filtering capabilities.

• How disable the firewall for only one NIC (aka adapter)

  Hi people,
  in winXP it was super easy to disable the firewall for one specific "adapter"
  (just to need to uncheck)
  so in Win7 how we disable firewall for one adapter ?
  thx people :D

  I have found it :D
  Go into Firewall with Advanced Security
  Click on Windows firewall Properties
  Then clic on Protected network connection
  and here they are :)

• Firewall for iPodTouch

  Hi
  I am not sure if this is the right place to post this question. I want to develop an application that can block the internet access (drop the tcp packets) in an ipod touch. If it was a mac - i would use the IPFW driver. Can i do the same with an iPod touch ? Are there any alternatives ?
  Or atleast is it possible to develop a firewall from scratch for the iPodTouch os ?
  Many Thanks
  Hazem

  Hello Ibrahim,
  Its common sense, a server farm got to be carefully placed into your network.
  You will have the most important information on your company on those serves, why would not you have a firewall for them, would be the right question?
  Each single network has a lot of vulnerabilities, we as security engineers are in charge of reducing the amount of vulnerabilities so people on the outside of our network cannot compromise our servers.
  And that is the whole point of a firewall, reduce the possibility of an attack to our servers.
  Hope this helps.
  Julio
  Security Engineer
  Do rate all the helpful posts!!!

• Firewall for servers

  Hi
  why we need firewall for the server farm?
  thanks

  Hello Ibrahim,
  Its common sense, a server farm got to be carefully placed into your network.
  You will have the most important information on your company on those serves, why would not you have a firewall for them, would be the right question?
  Each single network has a lot of vulnerabilities, we as security engineers are in charge of reducing the amount of vulnerabilities so people on the outside of our network cannot compromise our servers.
  And that is the whole point of a firewall, reduce the possibility of an attack to our servers.
  Hope this helps.
  Julio
  Security Engineer
  Do rate all the helpful posts!!!

• Firewall "on" no network printer, firewall "off" network printer works great.

  When I turn my firewall on my network printer (via ethernet AEBS) is no longer available. 
  Printer sharing is turned on.
  Any help is greatly appreciated.
  Patrick

  If the Airport Admin Utility cannot automatically "see" your Base Station, you have a big clue as to the cause of your problems. On a private LAN, it should never be necessary to select "Other" and manually type in the Base Station's IP address.
  The most likely cause for the Airport Admin Utility not being able to automatically "see" an Airport Base Station - is a firewall on the Mac that is blocking it. Any of the following are possible:
  - you have installed non-Apple firewall software on the Mac
  - you have installed so-called "internet protection" software on the Mac
  - you have installed "internet monitoring" software on the Mac (like "Little Snitch")
  - you have installed VPN client software on the Mac - and many of these applications install their own firewall
  All this stuff needs to go, since it will cause all sorts of trouble with communication between a Base Station or Airport Express, and a Mac.
  I'd also be very worried about what this "Cocktail" utility is really doing to your system.

• HT200259 Configuring adaptive firewall for VNC and RDP connections

  Hello, I'm using Yosemite with OSX Server.  Is there a way of configuring adaptive firewall for VNC and RDP connections?

  Apple has never documented what the adaptive firewall really does, as far as I know. It seems that the built-in network services send it some kind of notification whenever there is a connection attempt. The Screen Sharing service is one of those, so it should be protected. There is no built-in RDP service, so if you somehow added one, it would not be protected.

• My iPhone won't allow me to scan for any network and won't even pick up on any wifi networks near by. How do I fix this?

  My iPhone 4s won't allow me to scan for any networks and won't even pull up wifi networks near by. How do I fix this?

  Settings > General > Network > Reset Network Settings.
  If that does not resolve the issue...
  Basic troubleshooting from the User's Guide is reset, restart, restore (first from backup then as new).  Has any of this been tried?

• Where is the hyphen (-) on the apple TV?  I am trying to set up my network and there is a hyphen in the password for the network

  Where is the hyphen on the apple TV?  I am trying to set up my network and there is a hyphen in the password for the network

  A few options to try:
  They hyphen should be next to the + on the character map.
  If you are still having issues, provided your ATV software is up to date, you can now connect an Apple Wireless Keyboard through bluetooth connections.
  Change your network password so it does not use a hyphen
  Good luck!

• Report for Material Consumption for WBSE & Network

  Dear Experts,
  I want to see Material Consumption for
  for WBSE 281Q (Project to Project)
  for Network 221Q (Network from Project)
  I can see values in Report MB51,
  but I can not see for which WBSE it is consumed or from which WBSE it is consumed.
  The Entries are there in table MSEG field MAT_PSPNR.
  It is not shown in Report MB51, For this column blank is shown, no value is shown.
  Can you help me, how can I see material consumption for WBSE & Network with WBSE ID for/from which.
  Thanks
  SSanjay

  Dear Muralee,
  I think I am not able to explain you the thing or you are not getting what I want to say.
  In my first post I have said:
  I am trying MB51, with
  221Q Project to Project GI
  281Q Project to Network GI.
  I am getting material consumption quantities,
  Network/Activities for which consumption is done is also shown.
  But the WBSE for which / from which consumption is done, that column is blank.
  It is showing WBSE for 101 GR for Project
  I want to know for which /from which WBSE material was consumed?
  I have tried to explain problem again.
  Can you please help?
  SSanjay