cancel
Showing results for 
Search instead for 
Did you mean: 

Broadband Firewall - Coming Soon!

Community Gaffer
Community Gaffer
Posts: 12,808
Thanks: 636
Fixes: 62
Registered: 04-04-2007

Broadband Firewall - Coming Soon!

Morning all,

Just thought I'd provide a heads up about a new piece of development work that's due to be rolled out to customers later this week.

As of Thursday all Broadband Customers will have access to a new server-side Broadband Firewall tool.



This new security feature will help to protect your computer from hackers and online criminals, reducing the threat of your personal information being stolen, or your computer being infected by spyware, viruses or other malicious software.

In addition to the increased security, it also minimises the impact of virulent traffic across the network and should hopefully help reduce the number of port scan, virus and spam complaints our abuse team handle each day.

It should also free ADSL sessions during peak times which will help eliminate some of the recent problems as reported in Service Status here.

There will be two sets of controls: 'Basic' and 'Advanced' (Please note that Personal Firewall was a working name and will be rebranded Broadband Firewall before launch)...



Each setting will block traffic across certain vunerable ports. The ports that will be blocked for each settings are detailed in the tables below.

Basic Settings:-



Advanced Settings:-



We're planning on sending everyone an email containing more details about the new service on the day it's launched. By default Broadband Plus customers will have the firewall switched on whereas, Premier and PAYG customers will need to activate it themselves via the portal. Broadband Plus Customers will be able to turn the Firewall off if they need to although we strongly recommend this is left at the default setting of 'High'.

Feedback welcomed as always.

Kind Rgds,

Bob Pullen
Plusnet Products Team
If I've been helpful then please give thanks ⤵

95 REPLIES
Firejack
Grafter
Posts: 921
Registered: 26-06-2007

Broadband Firewall - Coming Soon!

Good idea.

Whats the thinking of only enabling the Firewall for BB+ customers? Surely enabling it for everyone is the wise route to take. Unless you enable the Firewall 50% (higher?) will just ignore the E-mail announcement as they aren't sure what it means. These are the people who aren't running Firewalls too and need to be protected.

Can't see the harm in Plus.net taking the cautious approach and enabling it for everyone.
carrot63
Grafter
Posts: 599
Registered: 12-07-2007

Broadband Firewall - Coming Soon!

My router is set to block all incoming traffic in any case. Is there any advantage/disadvantage to me using this in addition?
N/A

Broadband Firewall - Coming Soon!

Only vaguely, useage to your router still counts as bandwidth used by you, so cutting down the amount getting to your router, will mean you use less bandwidth.

Servicewide, this will free up some bandwidth for those actively browsing.

It'll also mean that your router is more likely to terminate a idle session, meaning a reduction in problems where too few sessions are available for those trying to initiate a new session.

Re-connecting each time we want to use the service will assist in the loadbalancing of sessions across the gateways too.

No good reason really for not using it, so long as it works to specification.
carrot63
Grafter
Posts: 599
Registered: 12-07-2007

Broadband Firewall - Coming Soon!

Since LLU I'm roll out phobic, and as I see very little incoming traffic in any case, I'll probably take the view that the glass is half empty till I see evidence otherwise.

I'm not sure I get the session thing. My router is on usually 24/7 and not set to disconnect. So am I hogging sessions or not? Or is a session different from a connection.
Community Gaffer
Community Gaffer
Posts: 12,808
Thanks: 636
Fixes: 62
Registered: 04-04-2007

Broadband Firewall - Coming Soon!

Quote

I'm not sure I get the session thing. My router is on usually 24/7 and not set to disconnect. So am I hogging sessions or not? Or is a session different from a connection.


No a session is a connection as you correctly assume.

Rgds,

Bob Pullen
Plusnet Products Team
If I've been helpful then please give thanks ⤵

Community Gaffer
Community Gaffer
Posts: 12,808
Thanks: 636
Fixes: 62
Registered: 04-04-2007

Broadband Firewall - Coming Soon!

Quote
Good idea.

Whats the thinking of only enabling the Firewall for BB+ customers?


BB+ customers are assigned a dynamic IP address. This means that they are far less likely to be running any local services like a mail or web server.

There's the potential for some services not to work if certain ports aren't open and we wouldn't want to break for anyone running their own servers etc.

The email does suggest that these customers turn the Firewall on.

Kind Rgds,

Bob Pullen
Plusnet Products Team
If I've been helpful then please give thanks ⤵

N/A

Broadband Firewall - Coming Soon!

Nope, a session is basically the same thing.

Trouble is, once you start a session, you remain on the same gateway until you next disconnect and re-connect to start a new session. Its only at connection time that loadbalancing of sessions across the pipes/gateways can happen, so you *could* end up on a busier gateway by never re-connecting.

Quote
(Its an inexact science though, the gateway with the least sessions connected, *could* have a disproportionate number of heavy downloaders on it at any one time, so the best based on sessions, *could* be the worst based upon bandwidth - another reason for ISP's needing traffic management - the heavy users are the ones who are perhaps more savvy than the rest, and hence more likely to go gateway hopping to try and get the best speed - so they *could* end up on the same gateway)

As far as hogging sessions goes, ADSL has always been sold as an 'always on' type of net connection, so there's nothing theoretically wrong with being constantly connected. Historically a larger proportion of folks used USB devices to connect though, thus there was a lower number of available sessions required, as not everybody was online at the same time.

I guess really, that since ADSL is so flaky and dependant upon so many things, we'd all be better not bothering. :lol:
avalon
Grafter
Posts: 361
Registered: 05-04-2007

Broadband Firewall - Coming Soon!

Perhaps an explanation of what effect the settings would have on various things people use would help people.

How will Teamspeak/gaming/video conferencing/p2p/etc be affected by the different settings. A few extra lines in the e-mail explaining this might save a few calls/tickets to CS as these are the sorts of questions ordinary punters will undoubtedly ask.
Community Veteran
Posts: 26,357
Thanks: 607
Fixes: 8
Registered: 10-04-2007

Broadband Firewall - Coming Soon!

How will this affect people running P2P? Does it mean that with the firewall on other P2P users will not be able to connect to them?
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£13/month)
Mobile: iD mobile (£4/month)
N/A

Broadband Firewall - Coming Soon!

Hopefully

/my bad Shockedops:
Community Veteran
Posts: 26,357
Thanks: 607
Fixes: 8
Registered: 10-04-2007

Broadband Firewall - Coming Soon!

Question 2. There doesn't seem to be a setting to allow pings only - is there a way to configure it to do that?
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£13/month)
Mobile: iD mobile (£4/month)
N/A

Broadband Firewall - Coming Soon!

Would be handy to have fully configurable rules, I would say.

There's no point in us having it if we have to use a lower setting than we would want, purely because of how the rules are grouped.
avalon
Grafter
Posts: 361
Registered: 05-04-2007

Broadband Firewall - Coming Soon!

Quote
How will this affect people running P2P? Does it mean that with the firewall on other P2P users will not be able to connect to them?


Not necessarily. Wink My firewalls at present don't accept incoming connections.
Liam
Grafter
Posts: 2,083
Registered: 04-04-2007

Broadband Firewall - Coming Soon!

Quote
Question 2. There doesn't seem to be a setting to allow pings only - is there a way to configure it to do that?


Hi Jelv,

The 'High' setting will still allow pings (and only pings) to get through to your connection.