Tony Karrer's eLearning Blog on e-Learning Trends eLearning 2.0 Personal Learning Informal Learning eLearning Design Authoring Tools Rapid e-Learning Tools Blended e-Learning e-Learning Tools Learning Management Systems (LMS) e-Learning ROI and Metrics

Friday, June 27, 2008

Firewall Problems and Solutions

I would love to hear back from people on this as I received a question around firewall problems and solutions that I've not heard as much in the past couple of years. This blog reader provides eLearning content to a variety of customers from their hosted solution. Their solution uses a variety of technologies including: .wma files, JavaScript, Flash, HTML and downloadable PPT.

Their issue is that they are running into customers who are tightening their firewall settings and it causes some of their content to not work.

My sense is that the days when IT was doing things like stripping JavaScript, disallowing Flash, etc. are gone. So my first question is ...
Are you finding issues with firewalls these days? If so, what are you seeing?

Anyone having issues with Windows Media and firewalls? How about other media playback?
I couldn't tell from the message, but it could be the case that they are using some kind of custom player. My sense is that using a custom Player is still a really bad idea in most cases. Creating a Flash shell or a JavaScript based shell is fine. Anything else, especially ActiveX or Java is likely going to be a big problem. Even if you try to do everything over port 80, it's still an issue to get something down and run. But that's my bias. So my second question is ...
Are people still using custom players in anything other than Flash? If so, how do they avoid problems with firewalls and other security systems designed to strip out potentially malicious code? Do Flash players cause any problems with firewalls?
Finally, the reader asked about requesting clients to change their firewall settings. My experience is "good luck." There have been a couple of occasions when we could get changes made to the firewall. But unless you have a lot of influence, you should not be creating solutions that generally require changes. Thus, stick with standard ports, protocols, file formats, etc. Does anyone disagree?
What about getting changes made to firewall settings?


Anonymous said...

In corporate environments firewall setting are getting more "intelligent" which means also more "strict". Not only flash get's banned or at least the storing mechanism crippled ("super cookies") but also the secured mode of IE is common. Additionally is more than common to inhibit access to most "WEB2" sites like, flickr, youtube, ... Most of the companies restrict installation and - if installed - only one media player is installed (mostly WMP) - additional codex can not be installed.

Normally a change of these policies is not planned, neither do the users really know these policies or have the opportunity to get the set up.

Elinor said...

In my experience, Flash movies don't normally create firewall issues (although that might depend on the way the actionscript is made to access various data, etc.) and most companies today have the Flash plugin installed or will allow it to be installed by default if necessary.
Probably the most common 'issue' is running local Flash content on XP, which blocks the Flash movie.
Also, when using JS-AS communication locally, issues can appear which require Flash plugin configuration (which in turn requires administrative rights).
I may be completely wrong but in my view you shouldn't need to change firewall configuration, unless you are actually installing a (proprietary) application on a client server, in which case you would normally liaise with their IT department anyway, and organise any particular rules or settings.

Elinor said...

I forgot to add: using proprietary or java 'plugins' can get pretty dirty and in my experience is not normally worth the trouble esp. when virtually all computers are "Flash-enabled".

With the added security in today's more recent browsers it is becoming increasingly common to require some configuration steps before using the course (e.g. making sure javascript, cookies or popups are enabled, which are easy tests to implement).

Costas Johnson said...

We have recently launched a hosted SaaS which provides free access to SMEs to simply and rapidly author and publish their content. The product incorporates WMP and is written on .NET with Ajax. We have just launched our first global course for the call centre industry which you will appreciate are well protected with firewalls by IT managers who will not bend easily! For instance I am aware that BT (largest UK telco) call centres wanted to introduce a hosted e-learning system and took IT 7 minutes to make the necessary changes! To view what we are doing to ease the adoption of our product then go to where you can try the free demo and experience what we are doing for yourselves

Tony Karrer said...

Anon - I've run into a few situations like this. I wonder if there's research showing the percentages of banning of particular types of tools, technologies, sites?

Elinor - I agree that Flash is generally pretty safe. Certainly that's normally our recommendation for audio and video content that needs to play in many environments.

Costas - it's interesting that you can get them to make the change. It's normally not the amount of time to make the change, it's the willingness to do so. Many organizations are not willing to do so and it creates a barrier to selling your content into a broad set of clients.

Adam said...

Fortunately, as AICC has faded, most e-Learning course chatter happens across the SCORM API. We have some problems with Java support these days and many LMS vendors have SCORM implemented in an applet.

I think that vendors will be moving their SCORM applets to an AJAX implementation (even though to date I haven't seen one) since web-apps that depend on AJAX are so common now.

I can't even tell you when the last time I ran into a true firewall problem out in the wild was.