Hopefully, the appliances (e.g. MS Windows) will get better over time, but in the meanwhile, how do we limit the damage? The end-user wants email and web access, and we give him raw IP access and watch the fireworks...
If user education is the answer, then let the user get educated enough to figure out he's NAT'ed and proxied, and then ask to have the raw IP service.
"(MS Windows) will get better over time", but in the meanwhile, with regard to the "Swiss cheese"OS ; no offense to Swiss, OS of Windows . I and many others are spending our weekends installing Opera and disabling MSIE on workstations and converting mail accounts as well. I remember when 3.1's file manager could poke right through a firewall. MS 3.1 is gone or is it? And have they (MS) become better or will they continue to bring half baked pies to the market just to call them fresh, when it reality they are just unfinished pies. With the brewing of Windows "Longhorn" I don't see this any hope of that they will get better over time. Users and employees are like sheep as many employers already know. They perform the same repetitive task without questions and they will continue to click those free coupon installers, despite being terminated for doing so. So do we license the network admins as the MVA or do we issue handicapped tags for the morons? -Peter