Enterprise Level Software (Client-side) Firewall?

[dclive]

Originally posted by: Smilin

Originally posted by: dclive
Can you provide more detail on the potential problems, the frequency of the problems, and the conditions under which they're experienced? In all of my tests we've had 100% success, and it's been -faster- at detection then Checkpoint's Integrity product (no delay, vs. a 1-2 minute delay from the Checkpoint product). Quite impressive.

Any KBs written yet?

No KBs that I'm aware of. This may help..
http://www.microsoft.com/technet/community/columns/cableguy/cg0504.mspx

profile determination is also covered here:
http://www.microsoft.com/technet/prodte...b6af5-d960-4a8d-b12b-70692dc47bf4.mspx

There is no actual bug. It's just the detection algorithm is a bit simplistic. Basically it looks at the connection suffix and compares it to the connection suffix used the last time group policy was pulled down. If same, you're on domain, if not, you're not and it applies the appropriate policy. Dial up and VPN connections are ignored for this comparison. That's pretty much it. Works great in most cases but there are some specific circumstances where the wrong policy can be applied or the OS can be fooled into applying the wrong policy.

As a best practice, keep your domain firewall policy locked down enough so that should you inadvertently connect to a rogue wireless AP for instance that you're still safe.

Yep, I've read those. It works, I'm happy. 🙂

 

[spidey07]

I don't know if I mentioned it but we've been exptremely pleased with zone alarm's enterprise product.

It's installed on 50 some thousand machines.

 

[dclive]

Hmm...I'd thought theirs was the local product, not the enterprise product - when you click on "Enterprise" on their www site you're sent to Checkpoint Integrity's site. Can you detail that a bit more?