Wirt after Chuck:

>> You are also assuming that every user will have an
>> internet connection and that the corporate firewall
>> will allow your application to connect to the licensing
>> server.
>
> Yes, we are assuming for the period of establishing a
> legal license, the PC would have access to our licensing
> server. That shouldn't be a problem in any organization,
> regardless of how tight their corporate security is. If
> the software were important to the prospective
> organization, they could certainly find an easy way to
> make it work, the simplest being of course that access
> to the software's licensing server's specific IP address
> would be allowed.

As an employee of a "large Federal Government organization"
this is one area where while what Wirt is proposing is
TECHNICALLY possible, as a practical matter for any
significant number of PCs it would be a real pain for us
(especially for me, since I would have to progress the
paperwork) i.e. (especially in the post 9-11 environment):

Our corporate firewall by default denies a whole bunch of
standard services.  I'm not at liberty for obvious
reasons to list what IS allowed under what circumstances,
but I can say that external incoming TELNET, FTP, TFTP,
and a bunch of etc. are by always by default DISallowed
for everybody outside the firewall.  As Wirt notes,
temporary openings through the firewall for specific IP
addresses are one option that can be used...  BUT:  The
requires formal approval by "higher authority" for EACH
case;  that lists the IP address at BOTH ENDS for each
case, the date / time that the temporary tunnel will be
in effect, contact names at both ends, justification..
You get the picture:  This is the Government, and we
sometimes find it difficult not only to help "you", we
make it difficult to even help ourselves...   :->  ...
or is that  :-{

Anyway, doing above once for my PC is not a big deal...
Doing it over a period of time and in "small increments"
for 25 PCs in our Division would be significantly more of
an irritation...  Doing it for the several hundred PCs in
our Department...  I would have to say it makes me tired
just thinking about what a struggle that would be...  to
the point that I'm afraid if each and every PC would have
to be able to be accessible outside the firewall even ONE
time for a short period of time, the hassle and large
amount of expensive resources in short supply (i.e.:  My
time) that would take would be a real hard sell to my
management.


Wirt, any chance you could come up with a scheme that
would update one internal corporate server with, say, a
system that would record that we bought, say, 200 copies
of your software...  And then have the internal PCs have
to query that internal server and "decrement" our license
count every time a new PC was brought up ??..  As per
above, in return for getting the benefit of very low-cost,
high-quality software it would be easy to justify getting
approval to temporarily open the firewall once (or once in
a fairly great while) to update a multiple-license count
on one (or maybe a couple) internal servers.  But to do
that for EVERY end-user PC...  well, you have to know
something about our internal network procedures (that are
mostly if not totally out of my control) to appreciate how
tough it would be to sell making every end-user PC even
momentarily visible to the internet..  You might say our
screwed-up internal bureaucracy is OUR problem...:  And
you're right:  It is...  But it's a problem I can't make
go away...

Ken Sletten

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *