• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

How to completely dissable the SP2 firewall?

E

elkinm

Platinum Member
At work we have problems with software firewalls as they interfere with network traffic which causes big problems. We have good external firewalls so nothing else is needed or wanted.

New PCs have SP2 and some upgrade to SP2 with the firewall disabled, and some settings or security fixes reactivate the firewall.

The question is how can I completely disable the firewall on these systems so it cannot be automatically enabled?

In case anybody is wondering, the software used generally requires local administrative privileges so that is not an option.

Also, it is easy, how can I disable Automatic updates, but still allow Microsoft Updates to work, and not give Microsoft Updates the ability to reactivate Automatic updates.

Thanks
elkinm
 
We have a decent firewall set up for our external connection as well(library system), but we've chosen to keep the Windows firewall enabled on our Staff machines, with exceptions for certain applications that we need to use.

As others have mentioned, it's time to leverage the power of Group Policy. 😉

 
Wow, where to begin?

At work we have problems with software firewalls as they interfere with network traffic which causes big problems
Click to expand...
Yeah they tend to well, block things. Which is why you can configure them to well, not block things.

We have good external firewalls so nothing else is needed or wanted
Click to expand...
Good luck with that, especially since...

the software used generally requires local administrative privileges so that is not an option.
Click to expand...
Yikes.

how can I disable Automatic updates, but still allow Microsoft Updates to work, and not give Microsoft Updates the ability to reactivate Automatic updates.
Click to expand...
So you rely on your users to install security updates?

Time to do some studying up on GPOs, least-privilege and WSUS. Good luck.
 
Personally, I wouldn't turn off Windows SP2 firewall. It works well, is easily controllable with Group Policies, and keeping it turned on would have prevented those major worm infections that have rampaged several large companies (who didn't use individual PC firewalls because they "had a good external firewall").

If there's something that won't run because of the SP2 firewall, there's usually a fix available by calling the software maker. The same thing applies to software that requires Local Administrator rights to run. There's usually a known fix involving local registry rights that gets the software running without that troublesome Local Administrator permission.
 
Originally posted by: stash
Wow, where to begin?

At work we have problems with software firewalls as they interfere with network traffic which causes big problems
Click to expand...
Yeah they tend to well, block things. Which is why you can configure them to well, not block things.

We have good external firewalls so nothing else is needed or wanted
Click to expand...
Good luck with that, especially since...

the software used generally requires local administrative privileges so that is not an option.
Click to expand...
Yikes.

how can I disable Automatic updates, but still allow Microsoft Updates to work, and not give Microsoft Updates the ability to reactivate Automatic updates.
Click to expand...
So you rely on your users to install security updates?

Time to do some studying up on GPOs, least-privilege and WSUS. Good luck.
Click to expand...

First, I am unfortunately not a company administrator. I am just trying to help the tech guys to make things easier for me, them and everyone else. I can't count on them going to the servers. As if they make a mistake it could cost countless amounts of money. They won't even try it without a whole lot of overhead.

There are many systems with many different ports to different servers each. 20-30 if forwarded through a regular router. Forwarding system by system will take a long time and must be 100% error proof to avoid those countless loses. Too many things can go wrong.

Also the XP firewall is not that good. You would not expect mission critical apps to run through it. It is also slow, as it runs on the system. It may only be milliseconds but it is enough. Microsoft will not be offering millions upon millions of dollars of coverage if something goes wrong would they? Also, I am not sure it is even legal to connect through a third-party firewall/packet snuffer.
I don't know what kind of firewall we have, (Chicago board of trade+), but I just hope it is as good as it gets and better then anything I can get myself.

Our software is unfortunately crap, hence all the ports and problems but there is no other viable option right now.

We don't rely on users to do it but that may mean there will be no updates. It seems hard enough to have systems set-up with Automatic Updates turned off. Some users update themselves but don't know much else, hence the problems.

What I am looking is an easy setting or script to disable the firewall on a system, if possible permanently. That I can use or give the techs for easy access. Permanently is most important.
There is a registry setting to disable Automatic Updates. Maybe one to disable the firewall?
I know it is a strange scenario. I will try finding a solution and appreciate any help.

Thanks everyone.
 
Originally posted by: azev
Originally posted by: Brazen
There is a service called Windows Firewall. You could set it to 'disabled'
Click to expand...

IF you have a domain, this service can be disabled via GPO.
Click to expand...


I think your question has already been answered....


Sounds like your company needs some new 'tech guys' with a clue what they are doing.
 
What I am looking is an easy setting or script to disable the firewall on a system, if possible permanently. That I can use or give the techs for easy access. Permanently is most important.
There is a registry setting to disable Automatic Updates. Maybe one to disable the firewall?
Click to expand...
Putting aside the inaccuracies and FUD of the first part of your post, we have already given you the solution to this problem (both the firewall and AU): GPOs.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top