Ask the Expert

Microsoft Firewall settings for remote users

By default, all AD users in our domain have Windows Firewall disabled. However, for those that have laptops, it would be nice to be able to enable it when they are not logged into the domain (i.e., traveling, home, etc.). Is there any way to test for the domain or use of a cached login to conditionally activate the firewall?
You could potentially use Group Policy and shutdown scripts to enable the Windows firewall when a computer is shutdown, but I think that you may find this to be an imperfect solution. What I would recommend is to configure a firewall policy that is appropriate for all systems on your network. A good method of doing this might be to create an OU for desktops and an OU for laptops with an appropriate firewall policy for each. This will ensure that your systems are protected regardless of whether they are connected to your network or not.


Active Directory, Group Policy and Windows Firewall extras:

  • Fast guide: Active Directory security
    This guide offers plenty of must-know tips on maintaining a secure AD environment, starting with the basics and moving on to more advanced practices.

  • Protecting against anonymous connections using GPOs
    How to use Group Policy Objects to protect your Windows computers from insecure anonymous connections.

  • Yes or no on Microsoft Firewall and other Windows hardening advice
    Find out how to disable Microsoft Firewall, set permissions for shared Excel files and how to avoid re-installing Windows XP when moving to a new hard disk.
  • This was first published in September 2006

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: