I am about to try out FMPA when people talk of securing filemaker pro by ip address.
Are you talking about the ip address of the machine itself or the ip address given to the machine by the router / hub?
Sorry may I expand on this query.
I am building a filemaker database, and we have 2 locations (offices) and i want to make sure that only one office machine can link into the other office machine and make changes to the database.
I am thinking of getting a BT Secure Services managed system (UK) to make sure only that computer can connect over a BT VPN.
Or can I drill down in Filemaker Pro Advanced and use MAC filtering as well. It will be extremly important that we have very secure connections as we are an alarm systems company and the data that we hold needs to be updated via our engineer(s) daily.
Advice and Guidance would be welcome...George
If you elect to use a FileMaker script (does not require advanced), you could use Get ( SystemNICAddress ) to identify the hardware of the specific machine linking to your database as the client. Make this test in a script that is set in File Options to run when the file is opened and your script can log pertinant info about the computer, username and account name being used to attempt access before using Quit Application to kick them back out. (Allow user abort can be used to keep them from aborting this script during start up.)
Because what you are saying is a bit over my head with scripting at the moment I used copy and paste the "Get ( SystemNICAddress ) " into google and there seems to be a discussion going on about this very topic the link is http://fmforums.com/forum/topic/79031-defeating-getsystemnicaddress/
It is a shame that Filemaker cannot just add an extra facility of MAC filtering.
I will come back to your guidance and advice when i know more about writing a script....many thanks George
I think you'll need to acquire a basic knowledge of scripting if you are serious about creating your own database here.
The link you shared connects to a very good discussion of the issue with some major industry experts weighing in on the subject. A lot depends on how much "security" you really need in this area. The key detail I parsed out of this is that VM ware can be used to "spoof" an NIC address so it is at least theoretically possible to get around this security measure--but you'd have to know that NIC address before such "spoofing" would accomplish anything.
How likely/easy it might be for someone to get account name, password, and NIC address in order to gain unauthorized access to your file is a call you'll have to make. To me, it doesn't seem very likely when you include it as part of your overall "layered defenses" that you'll want to put in place for such a system.
Have i by accident found a solution.... the link below is talking about setting up a table of MAC address filtering that the Filemaker database will allow. Where I think that in this case I obtain the MAC address of all the computers that I want to allow and enter them into a table and then use the script in the article below.
How do I prevent a solution from being installed on more then one Ipad.
If anyone can provide a confirmation (someone more expereinced than myself) of this it may worth reposting this answer as A lot of people have been talking around this idea but with Instant Web Publising (perhaps instead of using a server)
That's exactly the post I was remembering when I responded to your post. Not having tried it for myself, I waited to see if someone who had would respond first. (That thread may be found in the FM Go section of this forum and is the context behind its question.)
I don't know enough to offer an opinion on what will be easier for you. That's very much something determined by what skills and experience you already have and in what areas. You'll have to decide that for yourself.
If I were you, even if I decide not to use this scripted security enhancement, I would not embark on this project until I understood and had a basic competency with FileMaker scripts. It's just way too valuable a tool to use in producing a solution that works for you not to learn how to use it.
@Phil's last post - Extremely well said!
A tool for creating a database that does all you want in a way that works well for all users. Not using scripting in the design of a FileMaker database is like pedaling a bike with only one bike pedal.
Depends on what you mean by "anyone".
PHP is a tool you can use to design a web page so that it can access a FileMaker database only if you configure Filemaker to publish the database to the web with custom web publishing. Your initial post described a very limited access configuration that does not require publishing FileMaker to the web at all.
Retrieving data ...