G
Glen Heaysman
Hi all,
We have a site with 350 desktops running Windows XP.
While we're behind a corporate firewall and have desktop
anti-virus software, we're still exposed.
If a user opens email from a web-based provider, the
message is only checked by the desktop scanner. It
doesn't pass through our corporate firewall checks.
If the desktop anti-virus scanner is not working (for
whatever reason) then we have an exposure.
We currently use Group Policy quite heavily. Users
cannot see the C:\ drive; they cannot install apps; they
cannot write to c:\windows; they cannot write to the
registry, etc, etc.
Then along comes a virus like Netsky and brings its own
SMTP engine with it. This engine runs under Windows XP
despite our best efforts to stop this kind of thing from
occurring.
I guess my question is - short of installing a personal
firewall on each desktop - how can we lock down XP to not
allow the desktop PC to run its own SMTP engine?
Any thoughts greatly appreciated.
Regards,
Glen
We have a site with 350 desktops running Windows XP.
While we're behind a corporate firewall and have desktop
anti-virus software, we're still exposed.
If a user opens email from a web-based provider, the
message is only checked by the desktop scanner. It
doesn't pass through our corporate firewall checks.
If the desktop anti-virus scanner is not working (for
whatever reason) then we have an exposure.
We currently use Group Policy quite heavily. Users
cannot see the C:\ drive; they cannot install apps; they
cannot write to c:\windows; they cannot write to the
registry, etc, etc.
Then along comes a virus like Netsky and brings its own
SMTP engine with it. This engine runs under Windows XP
despite our best efforts to stop this kind of thing from
occurring.
I guess my question is - short of installing a personal
firewall on each desktop - how can we lock down XP to not
allow the desktop PC to run its own SMTP engine?
Any thoughts greatly appreciated.
Regards,
Glen