Re: Firewall Setting
Because on a LAN it gets in the way of everything. I absolutely will not
allow it to run on our LAN and have the same GPO you see. I already protect
the LAN with a firewall,...I don't need one running on each local machine
screwing things up.
I know, I know,..."But Phil! You have to protect the machines from threats
within!". I don't need a host-based firewall running at Layers3&4 to do
that. "Firewalls" are not the only means of security and protection that
exists. We all survived just fine on our LANs before XP came along. If
someone's LAN needs hosts based firewalls to survive then the over-all LAN
security scheme/policy already stinks to begin with and they are already in
trouble.
I do allow the traveling Laptops to enable the Firewall when they are not on
the LAN. The GPO for the Windows Firewall has the ability to know the
difference and adjust automatically according to if the machine is on or off
the LAN. It determines that by whether or not the Domain Controller is
detected during startup or not.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
"Sanjay Mehta" <SanjayMehta@discussions.microsoft.com> wrote in message
news:27F61B8F-F66C-40E9-8FBF-B3E60E73F371@microsoft.com...
> Hi,
>
> I have a GPO in a windows 2003 domain consisting on win xp2 pc's.
>
> The GPO is has the following settings:
>
> Windows Firewall: Protect all network connections - Disabled
>
>
>
> I am not sure why the previous guy configure it as such. Anybody have any
> ideas why its a good idea to disable the Windows Firewall
>
>
> Thanks