Firewall question...

[AJLoehr]

This is a very generic question about firewalls, I'm sorry I don't have a lot of the specifics. I use an oracle based reports program to pull data from a server. The program I use is called Discoverer. Recently the server administrators updated the software and now I cannot log into the program anymore. Their excuse is they are having firewall issues. Now my only real techie experience is not in hardware, but software. I code in VBA and make usefull databases, so understanding the finer points of firewalls is not my forte. But I'm not stupid and I can understand things when they are explained to me. I've been told in the past that firewalls whether hardware or software are basically gateways separating the user from the resource. They basically check for header packets on incoming data requests and/or data sent and validate with the prescribed exceptions list as to if the request or data sent is authorized to pass the firewall. If not, it's rejected. If that is the case and if the software was just updated with new features, I don't see how the firewall is the problem. And I really don't see how if it is the problem, how after 4 days they still can't seem to figure out the fix.

Am I wrong here. Can things be that complicated with simple software upgrades that hardware/software (not sure which) firewalls would be the reason that thousands of users (not just me) cannot access our resources we've been accessing for years.

 

[DrB0b]

Depending on what port the Program operates to allow login/data transfer, if the update changed that to one that was previously blocked by the firewall, it is possible but you would think the update would have explained that specifically.

Not sure how big a company we are talking about but if it was in mine, very small business, I would temp open the firewall or route around it to see if it was the culprit.(if a medium to large company, this might not be possible)

"You don't know what you got, till its gone..
80's hair band Cinderella or ode to data backups???

 

[vacunita]

There can be many reasons it could be the firewall.

It could potentially be caused because the updated application now has a different identifier than the old one, and the firewall does not recognize the traffic to/from it as traffic it can let through.

It could also be totally unrelated to the upgrade and simply some issue with the firewall they haven't resolved yet that coincidentally popped up at about the same time.

It could also be an issue with the user list in the application, in that it was not transferred correctly to the upgraded application and thus is not authenticating correctly.

But of course this is all merely speculation, and educated guesses, without any more info on how the application works or what else may have happened in the server to cause this there's no real way to actually determine whether it is really the firewall or something else.



----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Web & Tech

 

[AJLoehr]

I appreciate the quick responses. Ok, I'll concede there could be issues with the firewall. But seriously 4 days and they can't figure it out. As to the size of the company, it doesn't reflect the number of users. There are probably 400-500k employees, but only 5-10k users of this service. I think 4 days with no service is unacceptable. After 2 days and no ETIC I would have reverted back to the last working copy and went back to testing. They said they did rounds of testing and did not encounter the same problems as they did going live. My thoughts are: Einstein said that the definition of insane is doing the same thing over and over and expecting a different outcome. I would think that if that statement is true, then how do they expect me to believe they tested this software in the exact same environment without problems and now they have them.

 

[DrB0b]

Software upgrades on that scale make it impossible to run a test environment that will cover all possibilities. Their test environment might have been 100 VMs all acting fine but when you deploy, its a whole new ballgame.

"You don't know what you got, till its gone..
80's hair band Cinderella or ode to data backups???

 

[AJLoehr]

Did I mention I'm just talking about logging on. I'm not talking about using the software. I understand a couple, 10 or even 100 testers can't possibly replicate the 1000's of users possible problems. I'm talking about accessing a website and logging on. Am I still being unreasonable for not understanding their excuse?

 

[FredWagner]

Suggest you contact the vendor support for your Discoverer program - there's a good possibility that some of their other customers have encountered the same problem. And then have their Support People talk to your Server Admin / Network Support people to work it out.
If the Discoverer program has 5K or 10K (or even 5 or 10!) users in your company, you should have a Help Desk item number assigned to it, with appropriate priority and urgency. But you can make a few calls to ensure that the Vendor Support is talking to your corporate tech staff.

Fred Wagner

 

[AJLoehr]

Everyone and their mothers are involved at this point. I'm not really trying to diagnose the problem. They've said it's a firewall issue. I'm just curious if it really can be a firewall issue or are they just feeding me a line. NOBODY can use the program right now. Not me, not any of the 5-10k users. We go to the website that we've been using for years and it takes about 2-3 minutes to load and when it does, many of the images do not load. It's as if the pics library was moved and the paths are now brokens. The fields are there for Username/Password and when the image placeholder is there for the login button. When you put in your Username/Password and click where the "Go" button would be, it cycles as if it's processing the onclick event and nothing happens. They are saying it's a Firewall issue. But it's been 4 days and I can't fathom it being a firewall issue if all they did was update some capabilities to the software. They didn't add new software, they didn't change the authentication protocol, it's still the same login procedures so I don't see how it would have affected the firewall in anyway. And if it did, I don't see how it would take a professional team 4 days to figure it out. I sent them an email asking them if they tested the changes before they deployed them and they said they tested them. I asked if the tested them in the same environment or a different one, they said the same. I don't see then how it would not work correctly if they tested it under the same conditions and they claim it's a firewall issue. I'm just talking about loggin in, not using functions of the website. Am I missing something?

 

[FredWagner]

Is the Discoverer app accessed through a browser interface ? If so, there might have been enterprise-wide security setting changes in your browser that caused the issues you're experiencing. Has your browser been upgraded to a new version ?

Similarly, desktop-user rights settings might have been changed by Group Policy, with the unforseen results in operation of the Discoverer app client. Could it be that the folks with unrestricted rights on the network, and full admin privileges on their desktop PCs don't experience the problem - but those who are 'restricted' for their own protection do ?

Fred Wagner