slac2.gif (6526 bytes)

No Personal Firewall on SLAC Network

07 March 2002
SLAC NT Home Eudora FAQ

Windows workstations on the SLAC network should not be running personal firewalls (e.g., ZoneAlarm, BlackICE, Norton Personal Firewall, etc.).  However, if you are installing a system for use from your home, or a laptop that will be connected to the Internet from outside SLAC's firewall, then you may want to look at personal firewall options

In many cases the standard personal firewall configuration causes false alarms, or operational failure, costing SLAC support costs. Many hours of troubleshooting were spent trying to help users that were running personal firewalls get network connectivity.  The default for installing RH7.2 from the SLAC standard install point disables the RH "firewall" installation because it causes so much grief.

The other issue is such software often gives the user a false sense of security. ZoneAlarm and the ilk do not reduce the need to maintain the systems in any way. Some users mistakenly believe running ZoneAlarm means they are relieved of the need to maintain their system (because they are already protected). That is not true.

Owner:  Desktop-Admin