Friday, 27 June 2008

Firewall Problems and Solutions

I would love to hear back from people on this as I received a question around firewall problems and solutions that I've not heard as much in the past couple of years. This blog reader provides eLearning content to a variety of customers from their hosted solution. Their solution uses a variety of technologies including: .wma files, JavaScript, Flash, HTML and downloadable PPT.

Their issue is that they are running into customers who are tightening their firewall settings and it causes some of their content to not work.

My sense is that the days when IT was doing things like stripping JavaScript, disallowing Flash, etc. are gone. So my first question is ...
Are you finding issues with firewalls these days? If so, what are you seeing?

Anyone having issues with Windows Media and firewalls? How about other media playback?
I couldn't tell from the message, but it could be the case that they are using some kind of custom player. My sense is that using a custom Player is still a really bad idea in most cases. Creating a Flash shell or a JavaScript based shell is fine. Anything else, especially ActiveX or Java is likely going to be a big problem. Even if you try to do everything over port 80, it's still an issue to get something down and run. But that's my bias. So my second question is ...
Are people still using custom players in anything other than Flash? If so, how do they avoid problems with firewalls and other security systems designed to strip out potentially malicious code? Do Flash players cause any problems with firewalls?
Finally, the reader asked about requesting clients to change their firewall settings. My experience is "good luck." There have been a couple of occasions when we could get changes made to the firewall. But unless you have a lot of influence, you should not be creating solutions that generally require changes. Thus, stick with standard ports, protocols, file formats, etc. Does anyone disagree?
What about getting changes made to firewall settings?

No comments:

Post a Comment