Google and Firewalls, round one

SonicWallNSA240-175x140My mailbox has been filling up with pleas for an end to confusion. Not globally, just in the tiny bit of the sum total of human achievement which concerns Google and their applications.

For ages, I have been telling everyone within reach to get themselves a hardware firewall. I hate the fact that “Firewall” has come to mean a whole lot of different things to different people – some say it’s software, others believe it’s a thing a router just does as if by magic; others still say “firewall” and mean “endpoint”… but that’s a digression.

It seems as though Google’s calendar web application wants to actually sniff around in your machine, to pick up re-publishable events in whatever local calendar program you’re using – and it does it from afar. This means, it doesn’t work unless your PC is naked to the web on the particular traffic port it wants to use – and opinions vary over what port that is. There’s a slew of sync utilities, many forum threads, and ominous mentions of Port Forwarding configurations for various chunks of hardware.

Port Forwarding is a pain in the neck in smaller businesses: OK for one or two servers but not so good once you have more than that. When users start demanding this feature, life becomes very painful – once, as the whole internet connection has to be rejigged and then again later, when their inadequately-protected PCs come under attack.

So far, not one of Google’s applications has fallen foul of this trap. Everything works by simply sending traffic out from the PC, which firewalls and routers are generally set to permit – the replies come back with the appropriate routing data and everyone’s happy. If my early experiments are correct then the right sync product for your particular calendar peccadillo sidesteps the need to open firewall ports – but to my mind, having this need present in the first place is an early sign of lazy, monopoly position thinking.

And to ram that point home: while dealing with one of my hardware-firewall using clients, I was obliged to drop into a remote-control session and work through the errors on a PC in the Statenkwartier, The Hague. To do this I encouraged the user to sign up for the free version of LogMeIn and then mail me their username & password. LogMeIn makes zero demands of a hardware firewall, and manages to completely remote control the machine – perhaps this kind of simplicity (and clear user assent to remote access) is something Google need to remind themselves about…

Leave a Reply

Your email address will not be published. Required fields are marked *

Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.