Windows XP Pro, Internet Connection Firewall & Group Policy

R

Research Services

Is there anyway to force the Internet Connection Firewall to On _AND_
specify the Advanced Settings (i.e., Services to allow through such as RDP,
File Sharing, etc.) with Group Policies and Active Directory?
It seems like the ICF is only useful for home users, but what about
corporate users on a Windows network/LAN? We don't have the $$$ to purchase
and install a hardware firewall solution at the Internet interface, nor
purchase and install 3rd party software for every client machine.
It seems that if we could control the behavior and advanced settings of the
ICF through Group Policy for a Windows Domain environment, we'd be set.
Any comments or suggestions? Thanks!
 
A

Andrew E

Try going to microsoft.com search,type:Manageability Kit
The have a manageability solutions cd thats designed for
that,its a trial issue but would cerainly give alot of
ideas for less than 10.00 for 120 days
the url might be.www.microsoft.com/windowsserver2003/
technologies/management/default.mspx
 
R

Research Services

Thanks for the link. It looks like the "toolkit" contains trial versions of
MS software - we own and are licensed for much of what is included.
Are there additional tools on the CDs that aid in what we are trying to do?
It seems like you should be able to download the whitepapers and tools
somewhere...?
Do you happen to know which solution or document addresses central
management of the Windows XP ICF through GPOs?
Thanks again for your help!
 
B

Bruce Chambers

Greetings --

The built-in firewall is not designed to be used on internal LAN
connections. The only connection on which you should have ICF enabled
is the connection to the Internet.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
R

Research Services

We have heard that the ICF was originally intended for home users. But with
the recent announcement of the heightened security enhancements in SP2 for
Windows XP it really sounds like Microsoft is changing that to include those
on a LAN.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwxp/html/securityinxpsp2.asp

If they are turning ICF ON by default with SP2 that certainly applies to the
thousands of XP machines we have on our LAN so we expect a way to configure
the advanced settings of ICF with Group Policies.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Internet Connection Firewall- unknown services 4
Windows Firewall Group Policy 1
Windows XP Firewall & LAN/Domain Configuration 1
Firewall and Group Policy 1
Windows Firewall and Group Policy 1
Internet Connection Sharing, Windows Firewall 4
Group Policy / Firewall 2
group policy disables firewall - virus result 9

Top