General discussion


No Virus Protection on a walled-off PC?

By WhyDoMath ·
About a year ago I had to switch from diskless workstations connecting to a Linux server for Point of Sale (POS) stations to Windows PCs with XP Pro. Our business application vendor decided to buy a Windows based credit card processing system to meet the new (mandatory July 1, 2009) IRS payment processing standards for Flexible Spending Account cards.

Rather than buy and maintain virus protection for these 2 PCs and allow them Internet access, I bought a Netgear FVS 338 and made a subnet for the 2 POS machines. The FVS 338 blocks all communications except for the Linux server and the proprietary domain "like" the card processing server on the primary POS machine has encrypted communication with. I don't even allow Windows updates. The FVS 338 does port translation to pass startup requests from the Linux server to the card processing clients on the POS machines. In my way of thinking, the PC's behave about like dumb terminals once they boot up and a telnet session is established to the POS application on the server.

Does this seem like a safe practice, i.e. highly restricted Internet access and no virus protection?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums