News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Patch Lady – for small businesses remember your firewall is a computer too

    Posted on November 19th, 2019 at 15:35 Susan Bradley Comment on the AskWoody Lounge

    If you are like many small businesses, in addition to the router provided by your Internet provider, you also may have a hardware firewall that goes between you and the outside world.  It provides additional filtering and protection.  In this era of cloud computing it may be getting less important, but I still like to have a bit of web filtering between me and the bad guys that come through browsing in a firm setting.

    Last night at 5:05ish p.m. our Sophos firewall hardware completely died.  Good news is that is covered under warranty they are shipping out a unit overnight.

    The good news is that I quickly downloaded a ISO of a trial of Sophos firewall software, stuck it in hyperV, installed it and after a few missteps in setting up firewall rules, got the server/network back online.  It pays to have a server with spare networking ports that you aren’t using that you can set up a virtual appliance firewall.  I’m using a 30 days trial version to tide me over.  I’m thinking about sticking the home license in there and keeping it on the server as a just in case of emergency.  You don’t realize how dependent you are on the firewall until it goes boom. And then you realize your ENTIRE network goes through a SINGLE box.

    For those of you that are small business consultants, you may want to see if your firewall vendor has similar software appliance downloads to work as a temp firewall as long as you have two nics free.  Once you get it up it looks just like your real firewall.

    Here’s the bad news:  So in googling around last night, I realized that I have a rev 1 SG125 and guess what….. there’s a known issue in these suckers

    And it’s been known for at least two years.  So you may want to google on the firewall vendor forums every now and then to determine if other devices are like this unit:

    “Please do not go screaming at Sophos as this one is NOT THEIR FAULT.  Intel is hampering things trying to contain the damage by not allowing the vendors to say exactly which chips are hit..but a little self-research makes it very easy to figure out whoe SOC is screwed up and which devices are a time bomb.”

    Apparently I’m lucky that it hasn’t occurred before this.

    More on this issue:

    And it impacts Cisco too: