Q

Microsoft Firewall settings for remote users

If you feel like your remote users would be best protected by Microsoft Firewall but your network is not set up for this, Windows networking security expert has the answer to your troubles.

By default, all AD users in our domain have Windows Firewall disabled. However, for those that have laptops, it would be nice to be able to enable it when they are not logged into the domain (i.e., traveling, home, etc.). Is there any way to test for the domain or use of a cached login to conditionally activate the firewall?
You could potentially use Group Policy and shutdown scripts to enable the Windows firewall when a computer is shutdown, but I think that you may find this to be an imperfect solution. What I would recommend is to configure a firewall policy that is appropriate for all systems on your network. A good method of doing this might be to create an OU for desktops and an OU for laptops with an appropriate firewall policy for each. This will ensure that your systems are protected regardless of whether they are connected to your network or not.


Active Directory, Group Policy and Windows Firewall extras:

  • Fast guide: Active Directory security
    This guide offers plenty of must-know tips on maintaining a secure AD environment, starting with the basics and moving on to more advanced practices.

  • Protecting against anonymous connections using GPOs
    How to use Group Policy Objects to protect your Windows computers from insecure anonymous connections.

  • Yes or no on Microsoft Firewall and other Windows hardening advice
    Find out how to disable Microsoft Firewall, set permissions for shared Excel files and how to avoid re-installing Windows XP when moving to a new hard disk.
  • This was first published in September 2006

    Dig deeper on Network intrusion detection and prevention and malware removal

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchVirtualDesktop

    SearchWindowsServer

    SearchExchange

    Close