• Patch Lady – for small businesses remember your firewall is a computer too

    Posted on November 19, 2019 at 15:35 CST by Comment in the Forums

    If you are like many small businesses, in addition to the router provided by your Internet provider, you also may have a hardware firewall that goes between you and the outside world.  It provides additional filtering and protection.  In this era of cloud computing it may be getting less important, but I still like to have a bit of web filtering between me and the bad guys that come through browsing in a firm setting.

    Last night at 5:05ish p.m. our Sophos firewall hardware completely died.  Good news is that is covered under warranty they are shipping out a unit overnight.

    The good news is that I quickly downloaded a ISO of a trial of Sophos firewall software, stuck it in hyperV, installed it and after a few missteps in setting up firewall rules, got the server/network back online.  It pays to have a server with spare networking ports that you aren’t using that you can set up a virtual appliance firewall.  I’m using a 30 days trial version to tide me over.  I’m thinking about sticking the home license in there and keeping it on the server as a just in case of emergency.  You don’t realize how dependent you are on the firewall until it goes boom. And then you realize your ENTIRE network goes through a SINGLE box.

    For those of you that are small business consultants, you may want to see if your firewall vendor has similar software appliance downloads to work as a temp firewall as long as you have two nics free.  Once you get it up it looks just like your real firewall.

    Here’s the bad news:  So in googling around last night, I realized that I have a rev 1 SG125 and guess what….. there’s a known issue in these suckers

    And it’s been known for at least two years.  So you may want to google on the firewall vendor forums every now and then to determine if other devices are like this unit:

    “Please do not go screaming at Sophos as this one is NOT THEIR FAULT.  Intel is hampering things trying to contain the damage by not allowing the vendors to say exactly which chips are hit..but a little self-research makes it very easy to figure out whoe SOC is screwed up and which devices are a time bomb.”

    Apparently I’m lucky that it hasn’t occurred before this.

    More on this issue:  https://www.theregister.co.uk/2017/02/06/cisco_intel_decline_to_link_product_warning_to_faulty_chip/

    And it impacts Cisco too:  https://www.reddit.com/r/networking/comments/5sbh7u/cisco_clock_issues_caused_by_faulty_intel_atom/

     

    Hardware
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.