SP2 manageability in AD environment

G

Guest

I guess that the subject explains my question, but here it is in a detailed form:

The scenario is pretty standard, as I have different Win2000 and Win2003 servers running in their native AD mode (of course, in different LANs), with XP Pro clients.

I am using SUS (with SP1) for managing critical updates in domains, so XP SP2 will be downloaded automaticaly (although not installed as I don't like installation aproval before doing few weeks long testing phase on few chosen machines).

So, when XP SP2 becomes finished, will there be any Administrative template(s) available for download to integrate at least major features of XP SP2 into Active Directory Group Policy?

I'm actualy worried about manageability of SP2 features in domain environments, and don't know if I'll have to create my own .adm file, run from one PC to another configuring SP2 features, or something else?

I'm worried about things like how Windows Firewall will (if) affect ISA Server clients (and servers)? Do I actually need Windows Firewall if the LAN is already protected by ISA Server? If I don't need it, will I be able to configure/disable it through GPO in AD Users and Computers (Server 2000)/Group Policy Management (Server 2003) or I'll have to do that manualy on every single machine?

Thank you in advance for any help on this subject!
 
C

Carey Frisch [MVP]

Windows XP Service Pack 2
http://msdn.microsoft.com/security/default.aspx?pull=/library/en-us/dnwxp/html/securityinxpsp2.asp

Guide for Installing and Deploying the Beta Version of Service Pack 2 for
Microsoft Windows XP Home Edition and Windows XP Professional (SPDeploy)
http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/spdeploy.mspx

Windows XP SP2 Resources for IT Professionals
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx

Welcome to Windows XP SP2 Technical Preview Newsgroups
http://communities.microsoft.com/newsgroups/default.asp?icp=xpsp2&slcid=us

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect your PC!
http://www.microsoft.com/security/protect/

--------------------------------------------------------------------------------------------------------------


|I guess that the subject explains my question, but here it is in a detailed form:
|
| The scenario is pretty standard, as I have different Win2000 and Win2003 servers running in their native AD
mode (of course, in different LANs), with XP Pro clients.
|
| I am using SUS (with SP1) for managing critical updates in domains, so XP SP2 will be downloaded
automaticaly (although not installed as I don't like installation aproval before doing few weeks long testing
phase on few chosen machines).
|
| So, when XP SP2 becomes finished, will there be any Administrative template(s) available for download to
integrate at least major features of XP SP2 into Active Directory Group Policy?
|
| I'm actualy worried about manageability of SP2 features in domain environments, and don't know if I'll have
to create my own .adm file, run from one PC to another configuring SP2 features, or something else?
|
| I'm worried about things like how Windows Firewall will (if) affect ISA Server clients (and servers)? Do I
actually need Windows Firewall if the LAN is already protected by ISA Server? If I don't need it, will I be
able to configure/disable it through GPO in AD Users and Computers (Server 2000)/Group Policy Management
(Server 2003) or I'll have to do that manualy on every single machine?
|
| Thank you in advance for any help on this subject!
 
S

Steve Riley [MSFT]

These are good links. To address one concern: in the old days, it was
customary to use a GPO to disable ICF in a corporate environment because you
really couldn't remotely manage a computer with it turned on.

This is completely different with the new firewall. Yes, you still need it
internally even if your network is protected with an ISA Server: if a
computer gets infected with something while it's remote, then comes back to
your network, an edge firewall is powerless to help the other internal
computers avoid getting infected. This is why host-based firewalls are,
IMHO, now a critical part of any security infrastructure.

Use appropriate GPOs to construct a corporate policy for Windows Firewall
that will allow you to manage the client appropriately yet still keep it
protected.

--
Steve
(e-mail address removed)
 
T

Torgeir Bakken \(MVP\)

Damir said:
I guess that the subject explains my question, but here it is in a detailed form:
(snip)
Click to expand...
Hi

Some additional links to the ones posted by Carey:


Changes to Functionality in Microsoft Windows XP Service Pack 2
http://www.microsoft.com/downloads/...d7-b791-40b6-8364-685b84158c78&DisplayLang=en

Note: WinXPSP2_Documentation.zip contains all the other .doc downloads...


For information on how to deploy FW settings, take a
look at WF_XPSP2.doc.

WF_XPSP2.doc ("Deploying Windows Firewall Settings for Microsoft
Windows XP with Service Pack 2") can be downloaded from here:

http://www.microsoft.com/downloads/details.aspx?familyid=4454e0e1-61fa-447a-bdcd-499f73a637d1
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Will my WinXP SP2 firewall GP affect my Windows 2003 SP1 firewall 1
GP not applied to XP SP2 Clients 3
Firewall settings & group policy not working 1
SP2-Auto install corp. environment, how to disable FW 2
How to "push" SP2 to XP pro clients using WIN2000 Server? 1
Should Messenger Service Be Disabled in Network Environment? 4
Windows Defender: Bypassing Group Policy software update settings 4
XP SP2 with Microsoft outlook 1

Top