SP2 deployment using SUS

Guest · Mar 3, 2005

Hi....

I'm planning to deploy SP2 using SUS and control the firewall settings using
group policy. Because I need to have the ability to manage the client PCs,
I'm going to need to turn off the firewall. I understand that the firewall
will be turned on by default, but if I have a group policy to disable it,
will that disable it or will it be too late because SP2 is already installed
and the firewall is enabled?

If the above method doesn't work, how do I customize the installation so
that the firewall is disabled using SUS as the deployment method?

Thanks so much.

Oli Restorick [MVP] · Mar 3, 2005

Disabling it with a GPO will work just fine. Even with the firewall on,
Group Policy will still work (as the Windows Firewall doesn't block outbound
connections).

Better yet, I'd recommend leaving the standard profile as "on with no
exceptions" and the domain profile as "disabled". I don't know if you've
looked in to the firewall profiles feature, but it's worth using. When
configured that way, when a machine is connected to the company network, the
firewall will be disabled, but when that machine is disconnected from the
network, the firewall will automatically be turned on. This is worthwhile
for laptops, even if you believe that they are
never plugged in to other networks.

If you want to experiment with and test this feature, typing "netsh firewall
show state" from the PC's command line will show you the current firewall
state.

Hope this helps

Oli

Greg Burns · Mar 3, 2005

Do you have any links to "firewall profiles feature". This sounds like what
we need to be doing at my company.

Greg

Guest · Mar 4, 2005

Thanks. This is great help. Your suggestion on the firewall profile is
exactly what I planned on implementing. Thanks again!

Greg- Check out this article. It talks about the firewall profile.
http://www.microsoft.com/downloads/...e1-61fa-447a-bdcd-499f73a637d1&DisplayLang=en

Greg Burns · Mar 5, 2005

Thanks.

Helpme said:
Thanks. This is great help. Your suggestion on the firewall profile is
exactly what I planned on implementing. Thanks again!

Greg- Check out this article. It talks about the firewall profile.
http://www.microsoft.com/downloads/...e1-61fa-447a-bdcd-499f73a637d1&DisplayLang=en

XP SP2 deploying	1	Jun 10, 2005
SP2 Deployment questions	2	Aug 10, 2004
SP2 Upgrade, Remote Desktop, and DameWare	1	Feb 17, 2009
SUS Question	4	Apr 14, 2004
XP SP2 Firewall removed by nLite, broken after SP3 installed	4	Mar 6, 2009
IIS 5.1 FTP services XP Pro SP2 firewall problem	1	Feb 3, 2006
Groupt Policy Deployment	1	Apr 17, 2006
SP2 & Windows Firewall Configuration Methods	1	Sep 1, 2004

SP2 deployment using SUS

Guest

Oli Restorick [MVP]

Greg Burns

Guest

Greg Burns

Ask a Question

Similar Threads