This is correct; if the machine has any issues contacting the domain
and/or applying group policy, the non-domain profile is used. And just
to pick nits, there's nothing that says the non-domain profile has to be
stronger than the domain profile. :)
-Z-
-----Original Message-----
From: Jeff Shawgo [mailto:jeff.shawgo.b (at) bayer (dot) com [email concealed]]
Sent: Wednesday, March 23, 2005 8:26 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Re: Windows firewall scopes for notebook users ex office...
I believe the "domain" settings are only used when the machine can
actually contact the domain. Otherwise, the stronger settings are used.
Murad Talukdar <talukdar_m (at) subway (dot) com [email concealed]>
03/22/2005 02:32 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
cc:
Subject: Windows firewall scopes for notebook users ex
office...
Hi List,
When users with SP2 firewall enabled are out of the office, I understand
there is a difference between the domain settings and non domain
settings
but how does the firewall 'recognise' the boundaries of the scope?
What if scope is subnet and they simply connect to an identical
subnet?(Not
sure how likely that is) I think this would mean they are open on those
ports that I have set exceptions for.
and/or applying group policy, the non-domain profile is used. And just
to pick nits, there's nothing that says the non-domain profile has to be
stronger than the domain profile. :)
-Z-
-----Original Message-----
From: Jeff Shawgo [mailto:jeff.shawgo.b (at) bayer (dot) com [email concealed]]
Sent: Wednesday, March 23, 2005 8:26 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Re: Windows firewall scopes for notebook users ex office...
I believe the "domain" settings are only used when the machine can
actually contact the domain. Otherwise, the stronger settings are used.
Murad Talukdar <talukdar_m (at) subway (dot) com [email concealed]>
03/22/2005 02:32 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
cc:
Subject: Windows firewall scopes for notebook users ex
office...
Hi List,
When users with SP2 firewall enabled are out of the office, I understand
there is a difference between the domain settings and non domain
settings
but how does the firewall 'recognise' the boundaries of the scope?
What if scope is subnet and they simply connect to an identical
subnet?(Not
sure how likely that is) I think this would mean they are open on those
ports that I have set exceptions for.
Kind Regards
Murad Talukdar
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]