There are programs where you can at least audit and try to remove some functions (Beyond Trust, etc), but really it comes down to too much work. We force strong anti-virus instead and use Websense to try to capture anything coming in from the web. Their build scripts temporarily disable real-time scan to speed up the builds.
Engineers don't have a clue about protecting their systems, they may be smarter than the average Joe, but that doesn't give them an advantage when dealing with system security/updates/etc. In most cases they are worse because they are lazy about updates (yet cry when you force it on them), and they seem to think that everyone in the world is a straight shooter - "oh, we don't need passwords" or "we don't need to limit access". Give me a break...
Or the other services that charge like GoodLink, etc. If you already have an Exchange server (okay it does require Exchange), wireless capability is free now and works almost as well as Blackberry. With Windows Mobile on the handheld, which is being deployed more now on phones it works great!
I've set up Sonicwall, but it's a totally hit or miss scenario. Users connected directly to the Internet with a public IP address work fine. But for those with NAT configurations - it's kinda of a nightmare. I've tested some of the common home routers (Netgear, Linksys, Dlink) and on the Linksys and Dlink routers I have to log on to the router and forward port 500 to the appropriate router. Do you know if there are any configurations on the firewall side to avoid configuration on the home routers?
Slashdot Mirror
There are programs where you can at least audit and try to remove some functions (Beyond Trust, etc), but really it comes down to too much work. We force strong anti-virus instead and use Websense to try to capture anything coming in from the web. Their build scripts temporarily disable real-time scan to speed up the builds. Engineers don't have a clue about protecting their systems, they may be smarter than the average Joe, but that doesn't give them an advantage when dealing with system security/updates/etc. In most cases they are worse because they are lazy about updates (yet cry when you force it on them), and they seem to think that everyone in the world is a straight shooter - "oh, we don't need passwords" or "we don't need to limit access". Give me a break...
Or the other services that charge like GoodLink, etc. If you already have an Exchange server (okay it does require Exchange), wireless capability is free now and works almost as well as Blackberry. With Windows Mobile on the handheld, which is being deployed more now on phones it works great!
I've set up Sonicwall, but it's a totally hit or miss scenario. Users connected directly to the Internet with a public IP address work fine. But for those with NAT configurations - it's kinda of a nightmare. I've tested some of the common home routers (Netgear, Linksys, Dlink) and on the Linksys and Dlink routers I have to log on to the router and forward port 500 to the appropriate router. Do you know if there are any configurations on the firewall side to avoid configuration on the home routers?