JDEV 10.1.3 and the outside world

Similar Messages

• Best Practice on Not Exposing your internal FQDN to the outside world

  Exchange server 2010, sits in DMZ, internet facing. The server is currently using the Default Receive Connector. This exposes the internal fqdn to the outside world (ehlo). Since you should not (can't) change the FQDN on your Default Receive connector, what
  is the best practice here?
  The only solution I can see is the following:
  1. Change the Network on the Default Receive Connector to only internal IP addresses.
  2. Create a new Internet Receive Connector port 25 for external IP addresses (not sure what to put in Network tab?) and use my external FQDN for ehlo responses (e.g. mail.domain.com)
  3. What do I pick for Auth and Permissions, TLS and Annoymous only?
  Michael Maxwell

  Yes, it fails PCI testing/compliance. I shouldn't be able to see my internal server and domain. I understand that is the recommendation, but my client doesn't want to host in the cloud or go with a Trend IHMS (trust me I like that better, but its
  not my choice). I have to work with the deck of cards dealt to me. Thanks, just want a solution with what I have now.
  Michael Maxwell
  Understand. I wont go into the value of those tests  :)
  If the customer is really concerned about exposing the internal name, then create a new receive connector with a different FQDN  ( and corresponding cert)  for anonymous connections as you mention above. Know that  it also means internal clients
  can connect to the server on port 25 as well if you dont have the ability to scope to set of ip addresses ( i.e. a SMTP gateway).
  The internal names of the servers will also be in the internet headers of messages sent out:
  http://exchangepedia.com/2008/05/removing-internal-host-names-and-ip-addresses-from-message-headers.html
  http://www.msexchange.org/kbase/ExchangeServerTips/ExchangeServer2007/SecurityMessageHygiene/HowtoremoveinternalservernamesandIPaddressesfromSMTPheaders.html
  Twitter!:
  Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

• How to expose a web service to the outside world?

  Hello,
  i have created a Web service from a Session bean and successfully published it on one of my UDDI registries using the Admin tool.
  At this point, what do I need to do further in order to expose this Web service not just in our LAN but to the outside world?
  Roy

  Offcourse it should be published at UDDI.
  Four play  key roles in Web services: Universal Description, Discovery and Integration (UDDI), Web Services Description Language (WSDL), Web Services Inspection Language (WSIL), SOAP, and Web Services Interoperability (WS-I).
  The UDDI specification defines open, platform-independent standards that enable businesses to share information in a global business registry, discover services on the registry, and define how they interact over the Internet.
  See this link too:
  http://help.eclipse.org/help32/index.jsp?topic=/org.eclipse.jst.ws.consumption.ui.doc.user/concepts/cwsdlud.html
  Regards, Suresh KB

• Make VM accessible to the outside world (iptables question)

  I have a VM running on one of our internal servers on top of Oracle Enterprise Linux 4.x with VMware Server 3.x
  Inside the VM runs a Oracle Database and a WebLogic Server, and I need to access the Weblogic administrative interface and the applications running on it from another computer part of Oracle Internal Network.
  If I start the VM with its network interface in "bridged" mode, then the VM doesn't get any IP by DHCP. If I try to manually assign an IP to it, the network doesn't work, most probably because of some security rules enforced by the local SA.
  If I start the VM with its network interface in NAT mode, then the internal applications fail to start with network sockets errors.
  The only way to start the VM and the applications running inside it without errors is the "host network only" mode, but then the applications are not available from any other machine than the one on top this VM runs.
  So I guess that the easiest way to solve this problem would be to create some IPTABLES rules so that all http/https/ssl traffic passing through the physical machine network interface on certain ports to be forwarded to the VM host-only network interface.
  I do not have enough knowledge of IPTABLES rules and I know this is quite a huge subject, so starting to learn it now will take some days which I can not afford right now...
  Is someone with more knowledge on the subject able to help me here?
  Thanks and Regards
  Serban

  Can you get in touch with your local SA to see if there are any policy or network security restrictions that apply? DHCP is not a good solution for your situation anyway, and I would not bother to setup firewall with dynamic port forwarding and proxying to bypass networking restrictions. I think, the most, if not the only feasible option, to make your VM talk to the outside world, is to setup your VM in bridged network mode, so that the VM interface can broadcast at the same level as your host interface. Besides, your current external network security may prevent routing any IP address other than the one of your host computer, in which case you will be able to access your VM only from within your host computer, regardless.
  If you cannot work out a static IP address or direct access to your VM from outside, perhaps simple port forwarding may work in your case, which will automatically forward all traffic to a certain port on your host computer to the network of your VM, but then you won't be able to choose.
  Edited by: Dude on Nov 12, 2010 7:14 AM

• Security: Portlets visible to the outside world?

  When I deploy portlets to a oc4j instance managed by the applicationserver it seems that the url of the webapplication is automatically visible through the ora http server. Since my webapplications only contain portlets that should be accessed by the portal, how do I prevent the outside world from sending request directly to the webapplication?

  You have used some very general terms in your question but I will attempt to reply with some caveats.
  Generally speaking most remote access VPNs use private addresses which are translated using NAT when traffic leaves the protected (internal) network en route to a public server, such as a web server on the Internet. You address appears to the remote server as one of the addresses from the NAT pool (or sometimes outside interface) of the VPN concentrator or firewall that is performing that function.
  You can always check your address as it appears to the outside by browsing to something like http://whatismyip.com

• Java ... and the real world

  Good Day,
  I'm new at JAVA language, I'm basicly a C++ programmer, but I wanted to get inside the java world and know what is it all about, I have the motivation to make it my 1st lang.
  But, there is a question, is it used widely like the other old and new languages, what makes it a better choice to develope with, what is the advantages I mean ??!!
  is it ready for a real huge application from the real world??
  give me an example
  thanks in advance

  Don't hold your breath ...by that I mean it will be
  better in some ways and the same in most ways.
  My point is that the future of computing, its
  application and its growth lies in network and
  inter-network applications, not in desktop and PC
  stand-alone applications.I don't know if i agree (that desktop apps aren't going to be 'the area' in the future)... just about everybody uses computers nowadays, with the vast majority being home desktop users. The desktop app market is set up in such a way that it cannot reach saturation, as 'everyone' (i.e. the majority of users) always want the upgrades... Norton Antivirus 2004 anyone?
  Basically, I agree with you that Java is not a player in this market, and systems integration is (and will continue to be) a huge growth area. Java should play a central role in this, due in part to its platform independence. Only problem is, in the future if the only programming jobs are bolting together components and existing systems, there will be even less coder jobs than today. So you could say, whilst the future of computing is network and inter-network apps, therein lies our doom...

• Relay Mail from FAX Machine to the Outside World via GMAIL

  Hey everyone, I am not really sure I am in the right place here, but I am tired of running into a brick wall over this issue.
  Here is my basic issue:
  I have a fax machine that supports a functionality known as Fax to email. The machine is new, but Ricoh (5510nf) does not seem to be up on things when it comes to configuration.
  The machine does not support SSL authentication, and for that matter I believe it requires an open relay to work (that is what Ricoh told me).
  So what I need is for the fax machine to use the OS X mail services (or any service/program...) to send a scanned image along the net to the recipient's address. So I log into the fax machine via it's internal address, and the settings of the fax machine include the following:
  SMTP Server:
  POP Server:
  Host Name:
  E-Mail Address:
  Domain Name:
  Account Name:
  Password:
  Reception Interval(min.)
  At first I thought this was going to be a no brainer, but it turns out that I am the no brainer.
  The OS X Server is not really setup to do anything but serve files right now. It is not setup with DNS or other such services.

  According to the available parameters you posted, the Fax machine supports authentication. This should be good enough to send through a mail server. It certainly does not require an open relay to send.
  However, given that gmail requires SSL, you are indeed stuck. That said, I am not sure setting up your own mail server just for this makes lots of sense. Running a mail server has implications. You need to secure it to make sure it is not abused and it also requires a certain amount of maintenance.
  I would rather try and use your ISP's SMTP server. Most likely they allow for sending without SSL and with authentication. Should this not be an option (unlikely), report back and I can try and help you to get your mail server up and running.
  HTH,
  Alex

• Where to store configuration about the outside world?

  I have an abap report that write files to a network share. I would like to store the information in a way that it won't get transferred to the QA system during system copy. How do you keep this kind of configuration outside of the database? Is there a standard way?
  Thanks.

  Hi Igal,
  I think you create param table in DEV system, then you just shouldn't import it to QUA. Configuration copy should not apply here as well as it is still part of development.
  If this doesn't work you can hardcode system check inside a report. There are system vairables like sy-syst or similar (can't remeber excat sy- names now) which stores name of the system, type, and client. I think by checking them inside a program you can ommit place where you call your production path on QUA system side.
  Regards
  Marcin

• Relay settings to get mail from the outside world

  Hello. First, let me say - I'm a mail newbie, so be gentle.
  I've just recently set up my mail server, and I am having an issue where I can receive mail from some people and not from others. Those who cannot send me mail get an error about the relay not accepting it. In server admin, I have checked accept SMTP relays only from these hosts and networks, and I have put in 127.0.0.1/32 and my server's ip/32 (at the advice of apple tech support when I was configuring mail). Is something missing here that would allow me to receive mail from anyone? Thanks in advance for any help.

  Here you go. Thank you.
  Admin$ postconf -n
  command_directory = /usr/sbin
  config_directory = /etc/postfix
  content_filter =
  daemon_directory = /usr/libexec/postfix
  debugpeerlevel = 2
  enableserveroptions = yes
  html_directory = no
  inet_interfaces = all
  mail_owner = postfix
  mailboxsizelimit = 0
  mailbox_transport = cyrus
  mailq_path = /usr/bin/mailq
  manpage_directory = /usr/share/man
  messagesizelimit = 10485760
  mydestination = $myhostname,localhost.$mydomain,localhost,brainart.biz,www.artsmiths.biz,artsmi ths.biz,www.brainart.biz,mail.artsmiths.biz,smtp.artsmiths.biz,mail.brainart.biz ,smtp.brainart.biz
  mydomain = artsmiths.biz
  mydomain_fallback = localhost
  myhostname = artsmiths.biz
  mynetworks = 127.0.0.1/32,70.90.83.165/32
  mynetworks_style = host
  newaliases_path = /usr/bin/newaliases
  queue_directory = /private/var/spool/postfix
  readme_directory = /usr/share/doc/postfix
  sample_directory = /usr/share/doc/postfix/examples
  sendmail_path = /usr/sbin/sendmail
  setgid_group = postdrop
  smtpdpw_server_securityoptions = none
  smtpdrecipientrestrictions = permitmynetworks,reject_unauthdestination,permit
  smtpdsasl_authenable = no
  smtpdtls_keyfile =
  smtpduse_pwserver = no
  unknownlocal_recipient_rejectcode = 550

• [solved] Postfix smtp filtered to the outside world

  Hi,
  I set up postfix+dovecot successfully except postfix smtp. I can't connect to smtp from a remote network. nmap shows:
  25/tcp filtered smtp
  When I connect to VPN on the same VPS running postfix, everything works. What could be behind this other than iptables? (I don't have any rules relevant to this set)
  Last edited by Nezmer (2010-01-02 14:32:21)

  Fixed running smtps.

• Why can't quicktime streaming server get to the outside world?

  I cannot get quicktime streaming server to go out to the web. Everyone on the other end gets connection failed. I have my firewall on my server temporarily turned off. It works fine on the LAN. Please give me some ideas.

  Firefox can't establish a connection to the server at upload.xvideos.com.
  How do I fix this

• VLANs unable to reach outside world

  I just purchased a Cisco 1941 ISR for my home lab and I'm running into a problem with getting all my devices behind it to get to the internet. Below is a layout of my network.
  I have 7 VLANs on an SG300-20 layer 3 switch. The switch is connected to my 1941 ISR. I have cable and my ISP is Comcast and they provide a cable modem/router as well. Unfortunately I cannot get rid of this device and I cannot turn off the routing functionality, however I don't actually think that this devices itself is causing any problems with the way I have it setup. I have a block of 5 static IP's from my ISP. I've used one of them as the IP address of my WAN link (G0/1), while the other interface is connected to my LAN (G0/0).
  I have interVLAN networking working just fine. I'm able to ping any VLAN gateway and/or host from any other device (this includes my switch and ISR). From my switch or any device behind it, I can ping the switch (10.1.8.1), I can ping my router (10.1.8.2), and I can even ping my router's WAN link (75.148.101.25). However, I cannot ping comcast's router (75.148.101.30). What is weird is that I can ssh into my ISR (which I can do from any device) and the Cisco router can ping the Comcast router and the outside world.
  If I try to ping 75.138.101.30 (Comcast external IP) from my switch or any device behind it, I get no response. If I try to ping 75.138.101.30 (Comcast external IP) from the Cisco 1941 I get a response.
  To me this looks like a problem with the Cisco router. It knows where to forward traffic but is refusing to do so for anything that does not originate from the router itself.
  Very lost at this point and looking for help.
  Thanks,
  Joshua

  Sure, no problem, happy to provide the full config. I'm very new to networking and just getting started, what command do I need to run to show the nat access list
  raynor#show running-config
  Building configuration...
  Current configuration : 1827 bytes
  ! Last configuration change at 23:18:53 UTC Sat Aug 16 2014 by jschaeffer
  ! NVRAM config last updated at 23:20:33 UTC Sat Aug 16 2014 by jschaeffer
  version 15.1
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname raynor
  boot-start-marker
  boot-end-marker
  enable secret 5 $6$t7$FHadfus1vHhykVc2QolPwTz/
  no aaa new-model
  no ipv6 cef
  ip source-route
  ip cef
  ip domain name harmonywave.com
  ip name-server 75.75.75.75
  ip name-server 75.75.75.76
  multilink bundle-name authenticated
  crypto pki token default removal timeout 0
  license udi pid CISCO1941/K9 sn FGL172610ZP
  username jschaeffer secret 5 $1$IQxQ$DtfZuO78mBeiEbsVD95Afq1
  username ckrupa one-time secret 5 $1$HAnq$$faaybor7t7wqewOqFLm9u0
  ip ssh version 2
  interface GigabitEthernet0/0
   description WAN link
   ip address 75.148.101.25 255.255.255.248
   ip nat outside
   ip virtual-reassembly in
   no ip route-cache cef
   no ip route-cache
   duplex auto
   speed auto
   no cdp enable
  interface GigabitEthernet0/1
   description LAN link
   ip address 10.1.8.2 255.255.255.0
   ip nat inside
   ip virtual-reassembly in
   no ip route-cache cef
   no ip route-cache
   duplex auto
   speed auto
   no cdp enable
  ip forward-protocol nd
  no ip http server
  no ip http secure-server
  ip route 0.0.0.0 0.0.0.0 75.148.101.30
  ip route 10.1.10.0 255.255.255.224 10.1.8.1
  ip route 10.1.10.32 255.255.255.224 10.1.8.1
  ip route 10.1.10.64 255.255.255.192 10.1.8.1
  ip route 10.1.11.0 255.255.255.0 10.1.8.1
  ip route 10.1.12.0 255.255.255.0 10.1.8.1
  ip route 10.1.15.0 255.255.255.0 10.1.8.1
  no cdp run
  control-plane
  line con 0
   logging synchronous
  line aux 0
  line vty 0 4
   login local
   transport input ssh
  line vty 5 15
   login local
   transport input ssh
  scheduler allocate 20000 1000
  end

• FTP and the virus that is connecting outside the network

  I have a problem that has been talked about on this forum, but without a resolution I have found yet. All the posts are unanswered, which tells me that either the person figured out the problem, or it was never resolved and they went on to another solution.
  I have no problem connecting on out 10.x.x.x network, however, on the outside, many problems. The server is on the DMZ, installed in a very large network of switches and doodads. However, this server does have a direct connection to the outside world via the DMZ. It is running OSX server 10.4.7 and it has no connectivity issues with port 80 outside whatsoever. On FTP, big problems outside the the network however. I have gone through the firewall and enabled every possible thing on the any and 192(?) services, at least as it might relate to FTP. That includes, ftp, secure ftp, UDP/TCP in out.. All that jazz.
  On the client side I have used Fetch 5, Transmit (latest version), and of course Terminal. All with similar effects. I can login, it gives me the welcome dialogs, when I connect, and when I finally login. The server seems very responsive. As soon as I initiate 'ls', it locks up. In transit is comes back that the connection timed out and died. In fetch it tells me that there is a firewall problem. As soon as I disable passive mode on the client side it just hangs. When I use terminal I get this:
  Remote system type is UNIX.
  Using binary mode to transfer files.
  ftp> list
  ?Invalid command.
  ftp> ls
  502 'EPSV': command not understood.
  227 Entering Passive Mode (209,130,203,108,199,99)
  200 PORT command successful.
  Then it just hangs until it says:
  421 Service not available, remote server timed out. Connection closed
  I'm open to any suggestions. What could it be that's causing such a problem. I can't imaging it's firewall related, but maybe I forgot to free some port.
  By the way, non of the other servers have any problems with FTP access. This includes 1 xserve, and 10 mac mini's that are functioning as minor servers (quite well i might add, in a controlled room the temps are nice and cool and they are very reliable).
  This server is also on a G4 mac mini. It is backed up once a week and scheduled to reboot every week. Don't ask me why, but it seems slower if you don't do that once a week, maybe a scripts thing. Dunno.
  I know this has been a LONG post, but I appreciate anyone that has read this far, and hope you have a suggestion.
  Thanks

  Nothing? I was kinda hoping for some sort of lead at least.

• Verizon Wireless Network Extender and the Terrible, Horrible, No Good, Very Bad Customer Service experience

  It was a dark and stormy night...
  For the past eight years, I had been happy with Verizon wireless service. Great coverage and rarely a dropped call. However, all of that changed when I moved into a lovely mid-century modern condominium. The solid concrete walls and ceilings were blocking my attempts to communicate with the outside world (i.e. order pizza).
  Enter the Verizon Wireless Network Extender! My own personal cell tower! Alas, the VWNE was $250, which was a lot of money. So, being the resourceful recycling advocate that I am, I procured a refurbished one and hooked it up to my network. Then I called Verizon to begin what would soon become one of the Bottom 10 Least Enjoyable Experiences in customer service history (note: obvious foreshadowing).
  The first technician I spoke with was Benjamin, who was actually quite helpful. He noted the VWNE's MAC address and other information before attempting to allow me to access my unit. But he could not. Why? Apparently the unit was still registered to another Verizon customer. He told me the matter would be forwarded to "Verizon Correspondence Support" who would contact the registered owner and get their approval to reassign the unit.
  A week later, I called in to ask about the status of my request, but was told by Darryl (another tech from the VWNE department) that the "Verizon Correspondence Support" department did not exist. Did. Not. Exist? Fine, I explained the situation again, and Darryl eventually told me he would submit a special access form which may resolve the problem. He apologized for the mixup, thanked me for my patience, and told me to wait 24-48 hours for his return call with the results.
  120 hours later, I called to ask about the status of the change access form because I had not received a callback. Michelle, another representative of VWNE support, told me there was no record of this form having been submitted. No. Record...? After which, she made no effort to help me after reading through my transcript. In fact, quite the opposite. To paraphrase...
  "I'm sorry we wasted two weeks of your time leading you to believe we had a solution. Actually, there is no Verizon Correspondence Department, there is no special access form, and no tech will be calling you back. Furthermore, I will not allow you to use our unit because the previous owner hasn't filled out Release Form 27B stroke 6. For all I know it might have been stolen. Perhaps by you? I guess we'll never know for sure, because I won't contact the owner for any reason. In fact, there is nothing I can do to help you whatsoever. But if you like, feel free to throw our network adapter in a landfill. Thank you and have a nice day."
  OK Michelle, here's the deal. I don't even WANT this doohickey. You see, all I want is for my phone to work. That's why I am calling you. To get THIS piece of your equipment working, at my expense, so that I can continue to be a Verizon customer. Seems like I'm doing my part. Why is this so difficult?
  "Sorry"
  Lesson of the story? DON'T BE A MICHELLE. If a customer is in trouble and you can't solve his/her problem, contact a supervisor and work out an alternative. In my example, perhaps Verizon could have provided me with an "official" VWNE? At a discount? Or have a technician sent out to examine the signal? Really, *anything* is better than being brushed off. After being brushed off.
  After being brushed off.

  Follow up: I acquired another VWNE from a local seller, just in case he had to be contacted for the Nuclear Priority Phone Release Code (geez). Ironically, it wasn't necessary, because said fellow had already left Verizon after too many negative customer service issues. Oops.
  The good news is that Verizon was able to properly activate the second unit. I was connected to a VWNE tech named Bertha who was VERY helpful and treated me like a human being. Which made all the difference and restored my faith in humanity. I requested that my story be relayed to upper management so that the hordes of secondhand VWNE buyers wouldn't also get burned by Verizon's "hands off and look elsewhere" policy. Bingo. Finally. Done.
  Epilogue: Until Verizon eases up on their needlessly stringent policy, beware the unchecked VWNE! Be sure to get the MAC code and check it with a local store/tech support before buying it.

• Apple and the pro market

  So upon a few days of playing and reflection, a few things are clear. Actually they've been coming into focus for a while and it's been pretty clear if you've been paying attention.
  Bear in mind that I'm not bitter or angry about this, it's just business. But the bottom line is we need to find other solutions and move on.
  1. Apple is no longer in the Professional market
  Please let's not argue over "Professional". Obviously I don't mean if you upload to youtube you don't do good work. There is some genius work being done by kids sitting in the living room with an iMac. No doubt. "Professional" has nothing to do with quality. It has to do with worklfow, clients, and commerce. If you run a facility, you need to move away from Apple solutions. I'm not saying Apple won't magically add the features to FCPX to make it work for facilities, but it's so far off right now that it's not even in the discussion. To people who've never hired editors, or collaborated with audio post house, etc etc, please don't argue. Take my word for it when I say you might as well suggest that a facility begin deploying iMovie in their suites.
  By the way, this is not only about video post production. Look across their product lines. Apple changed the game with low cost editing solutions, so we have them to thank for that. Be grateful it happened at all, and now look for other solutions. It was great while it lasted but it's over, at least from Apple.
  2. Apple doesn't generally make these kinds of mistakes
  Which is why I don't think it was a mistake. I don't think the product managers are particularly surprised by the reaction. Maybe they are disappointed, but I'll bet you anything they saw it coming. It's just part of the strategy. And that strategy involves selling more seats at a cheaper price to all the people buying DSLRs and finally shooting that movie they've had brewing in the back of their head. Which is great, and I don't begrudge them that at all. But essentially FCPX is not a replacement for FCP7. It's a replacement for FCP Express.
  3. Apple might add the features necessary to use in a profession environment.
  I'll grant that this is a possibility, but right now it feels like a long way off. And if you are running a shop you need one thing above all else. A plan. And if you don't know that these features are coming, why on earth would you spend any time investing in training? I doesn't make any sense. There are so many things missing that I just don't see it happening. For starters, I've never hired an editor that didn't completely re-arrange the layout of FCP to suit their style of working. The list goes on. Yes, there are some cool things in FCPX. We may even install it on the machines so we can modify some shots using those tools. I'm not sure, we need to keep investigating. But as facility tool it's a non-starter.
  4. Why does a one man band care?
  Well, here's where it gets tricky. And this is why this version may be a miscalculation on Apple's part. Even somebody sitting alone, editing at 10x speed due to FCPX's "revolutionary workflow" will likely eventually need to communicate with the outside world. Suppose you edit your masterpiece, submit it to a festival, but the audio *****? You realize this is your big break, but you don't have the skills to sweeting the audio yourself. Now what? Autoduck to OMF I suppose. Or maybe you've gotten your edit 90% there and you need a rock star editor to come in and really finish it off. Erm... who would that be, exactly? So I guess my point is, unless some real interchange is built in quick, people are going to be sandboxed without the ability to exchange and collaborate. And collaboration is the lifeblood of this industry.
  5. What now?
  Well, the prevailing attitude seems to be "What's your problem? Keep using FCP7 you Dinosaur Who Hates Progress! What, you want to go back to floppies too?!" I'm sure we will keep using FCP7, but eventually it's a dead end. There will be system update which fixes some other bug and simultaneously breaks something in FCP. So we'll be in a trap. Not to mention having no hope of the existing bugs (gamma shifts, cough) never being fixed. But the real issue is access to labor. Essentially there are Avid editors and there are FCP editors (with a lot of them doing both). I've never once tried to hire a Premiere editor, though I suppose it's possible some know Premiere it or could find their way around it, but I'm not exactly willing to pay an editor to learn how to navigate the UI. So... for this one I suppose what we'll do is add a Media Composer to an edit suite and start using Premiere on the graphics workstations and see how that goes.
  There is obviously a split on this board. So to those of you who don't understand why many professionals have a negative reaction to this release, maybe this post will help explain why. It has nothing to do with "progress" of the fear thereof. I'll no doubt personally keep playing with FCPX at home to see what it has to offer, but generally speaking I use tools that play nice with other tools. For all the hysterical reaction, well, I *do* get it. It's bit like having the rug pulled out from under you. But oh well. It's not the end of the world. There are other tools out there. Personally I'm starting to wonder if Motion isn't the real story here.
  And like I said, maybe Apple *does* have a plan for adding the required functionality. If they do, I wished they'd tell us straight up. I'd cheer that news. I'm just not convinced that they have any desire to be in this market any more. Apple didn't exit the professional marked because they hate you. I'm sure they did it because it wasn't profitable to them. Apple (or any company) doesn't really make emotional decisions, they make economic ones. We need to do the same.
  Gary Jaeger // Core Studio
  <Personal Information Edited by Host>

  VERY well said.     Everyone who is furious and feels betrayed uses the word "clients"
  All the folks calling us Ludite Greybeards have NEVER dealt with a client.
  The only thing that i would disagree with is that i DO think this is a massive mistake.   This isn't the Steve Jobs Apple Corp that we knew and loved (yes, past tense).    I don't think anybodys hands are on the wheel of this ship.
  They were the dominant, industry standard...  and they snuffed a once proud FCP franchise out of existence in one day.
  And this makes me VERY worried about Lion.  
  Speaking of Lion,  in one months time....  you will only be able to buy new Macs that have Lion.   And you can't install FCP7 under Lion (and you can't buy FCP7 anyway).    So this is an absolute end of the road for any pro shop.   Right now.  Today.