This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall setup

Hello all,

I've got a number of laptops that staff use on and offsite on a regular basis. They're trusted users so can install software they see fit and the software on them updates regulary, such as Flash, Google stuff etc.

They have a policy set on the server, and firewall is set to block by default, this is so all new apps are flagged up and I can add them to the global policy and make sure they're not using anything too risky, rather than them being able to have an interactive policy that gets overwritten every time they update!

My question is thus:

When I get something appear in the event viewer, I "create rule" and "allow all activity" for the application for the shear simplicity of it.

Does this pose a security threat? Should I be creating a specific rule for each application to only let it access the internet in a certain manner? And would this potentially allow all inbound activity too for a possibly corrupt/infected application from an outside source?

Thanks,

Ben

This thread was automatically locked due to age.

Parents

0 bdb_25 over 14 years ago

Thanks for the advice.
Yes I do use checksums as it means I can have better control on just what they're up to. I'll have a trawl through my firewall configuration and try and create some specific rules for each application to cut down on the risk a little more.
Ben
:5714
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 bdb_25 over 14 years ago

Thanks for the advice.
Yes I do use checksums as it means I can have better control on just what they're up to. I'll have a trawl through my firewall configuration and try and create some specific rules for each application to cut down on the risk a little more.
Ben
:5714
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data