Talk:Meetinghouse firewall training

As I have interacted with the meetinghouse firewalls, here are some issues that have come up. Some of them might be good to address in some training, and others would simply be addressed in documentation.

  1. Filtering
    • What are the differences between the three filtering levels?
    • How can an STS reasonably check to make sure that the filtering is indeed happening, and that the correct sites are being filtered for the configured filtering level?
    • How can a stake request a change in categorization of a site, or which categories or other rules lead to a site being allowed or disallowed?
    • If the stake president wants custom changes to the filtering, can the GSD accomodate this?
  2. Configuring the firewall
    • Our stake recently changed ISPs, and when the new modem was connected to the firewall, there were no DNS entries in the firewall. The GSD had to rescript the firewall to add back the DNS servers. Perhaps a topic covering changing ISPs would be helpful.
    • Is it appropriate for the STS to do any configuration of the firewall, or is that to be done exclusively by the GSD?
  3. Firewall operation
    • What should the status lights show during startup? What clues do the status lights give about correct operation vs. some sort of error state?
    • What is the appropriate procedure for getting the network up and running again after an ISP outage? Does the firewall need to be restarted?
  4. Physical security
    • Locking up the firewall
    • Options for mounting the unit.
    • What is appropriate protection for a firewall? Specs for a surge protector? UPS?
  5. IP addresses
    • Can it be appropriate to have devices with static IP addresses connected to the firewall? If so, what IP addresses are appropriate?
    • How many dynamic IP addresses can be issued by the firewall's DHCP server? What is their range?

Those are some of my thoughts to get the discussion going. -- Aebrown 20:00, 9 September 2010 (UTC). Bold added by Paulscherbel 17:30, 13 September 2010 (UTC) for emphasis.

Great feedback, Allen! Thank you very much! I will send you an email addressing your thoughts. I hope other people will also share their opinions on this. For now, I'm going to make some of your thoughts bold that I'd like to see addressed better even in the wiki as soon as possible. Paulscherbel 17:18, 13 September 2010 (UTC)
