Results 1 to 9 of 9

Thread: Complete newbie here, Want to know if ZA is the program i'm looking for

  1. #1
    tomfor Guest

    Default Complete newbie here, Want to know if ZA is the program i'm looking for

    I have 4 restaurants that use PC's as a cash register. I will be adding DSL for credit card transactions monday and I want to block EVERYTHING except the CC transactions. Can Zone Alarm do that for me?

  2. #2
    watcher Guest

    Default Re: Complete newbie here, Want to know if ZA is the program i'm looking for

    Dear tomfor:

    It could, if the 4 restaurants were operating stand-alone computers. If they are networked together, you are better off using an enterprise firewall, software or hardware or both. Enterprise firewalls feature a central management console to simplify administration. Using a host-based firewall like ZA with an enterprise firewall is useful in some situations as well, depending upon the network topology and desired protection level.

    I would recommend that you hire a IT consultant to help you perform a needs analysis based on your network infrastructure. While I appreciate you wanting to keep costs down by obtaining free advice, you will need a dedicated IT person onsite(probably part-time only) for when your network goes down or, worse, if it is attacked successfully. Also, since you are a business handling credit card transactions, you may fall under GLBA regulations concerning protection of that information.

    Hope this helps.

    WATCHER

  3. #3
    zaswing Guest

    Default Re: Complete newbie here, Want to know if ZA is the program i'm looking for

    Probably can be done.
    Can you give more details about those transactions? There are Gurus here who are experts at this sort of thing, so chances are you'll get help, but not without some detailed information.

    Clearly, if these are secure transactions, there will be one application and one or two ports to communicate on. You could, in the paid versions of ZA (free version of ZA does not have that level of control), block all applications and all communication ports except those necessary to function. What they are depends on the applications running the register.

    Isn't it easier, by the way, to have a dedicated cash register? Just asking


    WATCHER, I was contemplating and writing this and then I saw your answer. But I decided to post mine anyway. I don't mean to step on your toes. I didn't think of the implications you wrote about. Interesting

  4. #4
    tomfor Guest

    Default Re: Complete newbie here, Want to know if ZA is the program i'm looking for

    the 4 stores are not networked. They're miles apart. The transactions are secure via the POS system installed on the computer I just want to block all traffic except for the CC transaction and keep the employees from downloading MP3's, porn and everything else unproductive.

  5. #5
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Complete newbie here, Want to know if ZA is the program i'm looking for

    You may consider something like a VPN or some tunneling networking for all of these PC.
    The internet access of each PC would be limited to accessing the providers dns and dhcp and then limited to only be networked to each other. The advantages would be a secure and private connection, with no eavesdropping from the internet snoops and of course a limited connection restricted to only the allowed PCs.

    WATCHER suggested getting professional help and hardware firewalling. This is very good advice. Asking is usually free or has very little cost involved. You may even be advised to setup a proper server for the private network.

    Another source would be your internet provider. They may have resources to establish private networks, without any true internet connections to the wide world of internet.

    I would suggest to contact those credit card companies and see what they have to offer. They may have some specialized devices or special software or hardware for you needs. There maybe devices/hardware or software that is available for all of your credit card transactions.

    What you are attempting can be done with software firewalls, but the software firewall and it's network connections can be easily worked around- any employee or internet hacker could "hack" the setup and do what ever they want. The tunneling or VPN setup would be a better choice- it would then be a VPN or nothing when it came to internet access.
    But attempting to use desktop software to secure the entire network is a poor choice. The network has to be secured by the network itself and not the desktops. This attempt to use desktop software only would leave the network vulnerable and very risky at best, no matter how hard you tried to lock it down.

    Once the expert arrives, I am sure he will suggest specialized hardware strictly for financial transactions/small businesses for your needs.
    It will involve upfront costs, but final cost of lost/stolen of income/funds/sales or the credit loss/threats of the customers (and your responsibility for their lost credit information) would probably cost a lot more then getting the proper network setup and running. And in the end, a lot less worries, headaches, financial costs and paper-work.

    Oldsod

    Message Edited by Oldsod on 12-09-2007 05:53 AM
    Best regards.
    oldsod

  6. #6
    tomfor Guest

    Default Re: Complete newbie here, Want to know if ZA is the program i'm looking for

    I don't want to network them. I just want to shut down internet access on each computer individually. The PC's have no need nor reason to communicate with each other.

  7. #7
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Complete newbie here, Want to know if ZA is the program i'm looking for

    If dening any kind of internet connection is wanted, then do not connect the internet to the PCs. That simple.

    If dening internet in general to the PCs and having only access for themselves, then a proper network will have to be established.

    If the PC are never to access the internet and should never have any changes - ie new software, then remove any media access and any networking. This would mean removing the networking cards, plugging the network ports, cementing all the USB ports, removing the media card reader and pulling any CD/DVD media drives, removing any networking drivers, media drive drivers, and USB drivers and so forth. Then run the PCs only in the Limited User Account. have the BIOS password protected and all of the Administrator Accounts password protected. That should lock up the isolated PCs.
    Also the TCP/IP would be set and locked to a default IP.
    It would be a very stripped down and lonely PC.
    Any decent PC repair shop could do this for you.

    Oldsod

    Message Edited by Oldsod on 12-09-2007 10:11 AM
    Best regards.
    oldsod

  8. #8
    watcher Guest

    Default Re: Complete newbie here, Want to know if ZA is the program i'm looking for

    Dear zasuiteuser:

    I think you and I discussed this before. I don't have a problem with anyone contributing their ideas to a thread that I have responded to. I believe multiple responses benefit the forum member who started the thread and help give a more complete answer to the question posed. Based on your request, tomfor started a new thread(above this one)which gives more details re his computer setup. I'm not sure why tomfor did this as Oldsod's responses were, in my opinion, comprehensive enough in scope, detailing issues to be considered and following up with him.

    WATCHER

  9. #9
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Complete newbie here, Want to know if ZA is the program i'm looking for

    Me too! I agree.

    I like additional responses to a posting. It can make the thread a lot richer or more educational while at the same time more interesting.

    Many times the different ideas, approaches, knowledge, education and experiences from the other posters makes a much better response for the OP.
    Sometimes the responses are basically the same answer, but at least the original poster has now confidence that the initial reply was correct.
    Sometimes the correct reply was not the answer and the "off" solution did the trick.
    Sometimes the correct answer was given, but it was difficult for the OP to understand - those extra posters did help explain things properly.

    Just remember gurus are people too, and can make mistakes or do not always have the answers- just the same as everybody else.

    Cheers, Oldsod
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •