LDSTech

MLS requiring 881 firewalls

Discussions around using and interfacing with the Church MLS program.

Moderator: pricerd

MLS requiring 881 firewalls

#1Postby bowerm » Thu May 31, 2012 4:57 am

Hi, folks. If this has been discussed elsewhere, please let me know.

I was told a few weeks ago that an upcoming MLS release will require the newer Cisco 881 Firewalls.

I talked to Global Services last Friday and they didn't know anything about this. They then talked MLS technical support about it and the MLS folks didn't know anything about it either.

Can anyone here confirm or deny what I was told?

TIA

Michael Bower
mbower@bbunch.org
Ashburn Virginia Stake
bowerm
New Member
 
Posts: 2
Joined: Mon Nov 10, 2008 8:07 pm
Location: Ashburn, Virginia, USA

#2Postby johnshaw » Thu May 31, 2012 5:29 am

I might help to know who told you this information?
User avatar
johnshaw
Senior Member
 
Posts: 1384
Joined: Fri Jan 19, 2007 1:55 pm
Location: Kansas City (Liberty), Missouri

Re: MLS requiring 881 firewalls

#3Postby bowerm » Thu May 31, 2012 5:33 am

This was from my FMG:

"The FMs were told about MLS and the firewall at a regional meeting last month from the head of the IT department."

He has given me the new firewalls and I will install them. But if this is not required by MLS, then I have a bigger time window to get them installed.
bowerm
New Member
 
Posts: 2
Joined: Mon Nov 10, 2008 8:07 pm
Location: Ashburn, Virginia, USA

#4Postby aebrown » Thu May 31, 2012 8:25 am

bowerm wrote:But if this is not required by MLS, then I have a bigger time window to get them installed.


It's tough to believe that MLS would have a dependency on a particular firewall. In any case, the Meetinghouse Technology folks are a lot more relaxed about the upgrade to the 881w; they're saying it needs to happen, but not right away. In the Legacy meetinghouse firewalls article it says:
If you have an older meetinghouse firewall, you should contact your FM group to budget for and schedule their replacement with the current meetinghouse firewall offering during the latter half of 2012 or early 2013. Upgraded firewalls will support new local administration capabilities being deployed near the end of 2012.
So although "early 2013" is a bit vague, it sounds to me like we should have at least until then before there would be any problems using an older firewall. I suppose it's conceivable that these new administration capabilities might interact with MLS, but we have many months before that issue becomes at all urgent.
Many questions are already answered on the LDSTech wiki. Check it out!
User avatar
aebrown
Community Administrator
 
Posts: 12744
Joined: Tue Nov 27, 2007 8:48 pm
Location: Sandy, Utah

#5Postby russellhltn » Thu May 31, 2012 10:27 am

I wonder if what was actually communicated is that MLS must be on the church network to send/receive. The 881W simply being a shorthand for that.. I seem to remember that did come up in a conversation with a church employee. The idea being that anyone who bypassed their firewall (or tried to run MLS from home) wouldn't be able to work. I don't remember any timeline for the install.
Have you searched the Wiki?
Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.
russellhltn
Community Administrator
 
Posts: 14120
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#6Postby johnshaw » Thu May 31, 2012 10:54 am

I've had 'conversations' also and the messages that seem to filter into FM are mixed. It is not getting transmitted the same, to the different regions. I read messages on this board that clearly indicate understanding is not the same everywhere, or else there is some disparity between the FM groups. I can imagine FM taking care of areas of the church that have had rapid growth over the last 5-10 years not needing to do as many high-dollar projects as an area like mine where there are large projects every year just to keep our old buildings and parking lots presentable to the general public.

It seems there should be some kind of actual Policy implemented, this information is understood differently by different groups, it is demonstrable on this board with a few clicks: Here is an example of the confusion:

  • Do I replace all meetinghouse firewalls with the new Cisco 881W
  • Do I implement a wireless network using the Cisco 1041N in all meetinghouses
  • Do I wire ethernet ports to all spots in the building with permanent computers or needs identified by ecclesiastical leaders

We have speculated in our stake that some FM see this as an 'unfunded mandate' I don't quite understand that if this is a direction we are going, why there isn't a $ value assigned to each meetinghouse that can be drawn from to implement these items, rather than identify a need, put it in a budget and get it a year or two later.

I sort-of see this like the lesson scheduler application that came out. The developers stated one of their goals was to implement it in such a manner that if individual wards wanted to roll it out, regardless of what the Stake is doing, they could. It seems to me that if a stake wants to roll out technology, their FM group shouldn't be the reason it isn't happening (for whatever reason FM isn't actively pursuing the meetinghouse 2011 'soft guidelines' (no budget funds is still a very big reason this isn't done, as far as I know FM can't go justify additional funds for a current year, only for the following year).

I saw the initial proposed budget in our stake for 2013. Not a firewall, or wireless access point in there, not a project to locate our firewall equipment from clerk offices to the attic or a more secure location, nothing about running Ethernet cables.
User avatar
johnshaw
Senior Member
 
Posts: 1384
Joined: Fri Jan 19, 2007 1:55 pm
Location: Kansas City (Liberty), Missouri

#7Postby giffordrb » Thu May 31, 2012 1:30 pm

MLS does not require a specific firewall, it only checks and reports if a firewall is present. This is not on any roadmap that I know of either.
Ryan Gifford
MLS
giffordrb
Member
 
Posts: 115
Joined: Tue Mar 01, 2011 8:24 am
Location: Eagle Mountain UT

#8Postby bfromm » Fri Jun 01, 2012 11:40 am

bowerm wrote:I was told a few weeks ago that an upcoming MLS release will require the newer Cisco 881 Firewalls.


FMs are encouraged to replace older firewalls with 881Ws as soon as possible, but no later than the end of 2013. MLS will continue to function with older, approved meetinghouse firewalls through at least 2013 (according to current plans). So go ahead and install your new 881Ws, but don't feel rushed. MLS is going to keep running just fine behind your current firewall for the foreseeablefuture!
bfromm
Church Employee
Church Employee
 
Posts: 59
Joined: Wed Jan 20, 2010 9:07 pm
Location: Lehi, UT, USA

#9Postby pete.arnett » Sat Jun 02, 2012 9:29 am

It appears that the message in the field may have been simplified

Cicso 881W firewalls need to be deployed, it appears that this has been requested to be completed very soon so that changes in LDSAccess and other network management can take place (etc.)and that older Cisco 501 Pix and ASA firewalls that fail are only being replaced with 881W

Clerk's MLS desktops - they need to be upgraded because it appears that some departments are planning to roll out new local unit computer software in 2013 and it is rumored that the new software will not run on computers manufactured prior to 2007

Listen to the broadcast by product manager Brian Fromm about Clerk computers on 01Jun2012, he mentions about upgrades
Thanks,
:cool:Your Fellow Member,
Pete Arnett
Sunny South Florida, USA
User avatar
pete.arnett
Member
 
Posts: 140
Joined: Thu Dec 23, 2010 7:33 am
Location: Sunny South Florida, USA


Return to MLS Support, Help, and Feedback

Who is online

Users browsing this forum: Google [Bot] and 0 guests