Fun with Firewall

OMG the support team finally figured out the tiny tiny tiny little issue that my firewall had with its security license and fixed it! HOORAY!

Essentially, the vendor would get a request from my firewall about our specific company key and respond “no, thanks.” So, basically Moe bonked Larry on the head, while spinning around with a ladder to clock Curly, then Curly’s head slammed into the keyboard and hit the Enter key, allowing our company to be back in action.

Woo Woo Woo! Computers are fun!

Next up = continuing with a PC setup that has been languishing now for weeks because of this stupid issue.

Does it make it any better than I waste more time writing about these problems on this blog? Certainly a debatable point.

Maybe you are not using the same Internet I am using?

Last night, the continuing issues with firewall licenses had me working with ech support on the problem from my house. I VPN over the Internet to my workstation at the office and made changes as needed.

I also mentioned to staff that I was working on the firewall, so staff was not alarmed when the Internet went down and didn’t come back… until this morning when I got a sort of casual ‘hey, you gonna turn that back on?’ message…

Well, how would I know their Internet connection was down – I was connected to the office via VPN OVER THE FREAKIN INTERNET… so obviously we CAN connect. Mayhap our firewall needs a name. It is potentially more devious than even ByTor, and clearly not using the same Internet I am using. And I can clearly cannot choose the wine in front of me.

There is no One Computer

The One Computer is the concept that all Internet connected devices form a sort of collective, massive computing processor. At first, I was buying into this, but alas there is no One Computer. Why? Because we humans with our much smaller individual computers between our ears have nevertheless an endless capacity to muck things up. There are no universal standards, so the many elements of the One Computer either can’t understand each other, or can but don’t want to.

And I am glad. Because I am not the least bit convinced that even an individual node of this One Computer can make sense of itself, much less the larger picture. Case in point: my company firewall was upgraded to have new licenses for a security service. It now properly reports that these new licenses are installed on one screen, and immediately on another screen of the same interface says that an upgrade is required because there are no installed licenses.

Reminds me of when I was doing graphic design for a two-sided flyer and the client wanted to use up a lot of space to put the same information on both sides. My counter-argument: Why? In case the fibers of the paper become separated and somehow side B is no longer on the back of side A? While an accurate assessment of the reality of the situation, this response did not make friends.

Now, I am looking at exactly this scenario: Side B of the firewall admin site says ‘good to go.’ Side A says ‘no go.’ Of course, the magic of computers allows for this rift in the space time continuum without even breaking a sweat.

The Long and Winding Road

While these words conjur up the melancholy story of life as told by the Beatles, it also refers to how any simple task is accomplished in IT. Sadly.

For example, two of our staff got new PCs this week. In order to get those machines up and running and replace their current machines, each user needs to move any files they have to the network, as well any specialized software or settings. That’s the easy part.

Then, I need to connect the machine to our network and get any software installed. Again, easy.

But like the ad says, there’s Reality and then there’s Zumanity. Here’s the Zumanity version:

• Connect machine to network
• Install software
• Connect to Internet
• Oops, can’t connect because we need more Anti-Virus licenses
• Go buy more licenses
• Get supremely confused by types of licenses available (see previous post on Semantics)
• Put item in shopping cart
• Get weird shopping cart results
• Start over
• E-Store won’t ‘forget’ first item, wrestle with it
• Find correct item, finally remove all bad items
• Purchase
• Install the licenses on the firewall
• Oops, can’t because DNS isn’t working suddenly
• Check DNS, it is set externally
• Check external DNS and it doesn’t match up
• Run around in circles wondering what’s wrong, when all users and servers are fine, but not the firewall
• Pull in outside IT vendor for support
• Need a spare workstation, set that up
• Oh by the way, borrowed that spare workstation from a staff member who is trying to troubleshoot an urgent problem while on vacation – Aigh!
• Take care of urgent problem for that staff member so workstation can remain free for vendor
• Connect to IT vendor support network, wait…
• Did I mention Wait… ?
• After much wringing of hands, gnashing of teeth, and of course the requisite hourly fee, problem solved
• Update firewall
• Update all users’ Anti-Virus
• Get Anti-Virus on new PCs
• Go back and finish installing software
• Retire at age 75, never having accomplished any of my own work

Joy.

Semantics

Dear SonicWall,

I really like your network and security appliances. Really. But seriously, dudes. Get a grip on your security service names. What is the deal with all these options?

• Client/Server Anti-Virus Suite
• Comprehensive Gateway Security Suite
• Gateway AV/Anti-Spyware/Intrusion Prevention/Application Firewall
• Enforced Client Anti-Virus and Anti-Spyware

I think they should all be bundled into the “SonicWall Comprehensive Client/Server Gateway Enforced Security Anti-Virus/Anti-Spyware/Intrusion Prevention/Application Firewall Suite Excelsior Edition Deluxe.”

Or just “Deluxe.” That sounds nice.