[THIN] Re: OT: Desktop Firewall

My issue with most of the "desktop firewall" products is that they are
too aggressive. Generating lots of false positives with users.  This
seems to condition the user to ignore or allow everything out of sheer
reflex. This neuters the effectiveness of a firewall.   This seems to
get much more prevalent with a firewall that monitors both directions
vs just inbound.  If the laptop is sitting behind a "real" firewall at
work the extra security afforded by the bi-directional and/or stateful
inspection firewalls isn't worth the trouble IMO. Vista corrects this
gap in it's firewall and is much easy to manage thru AD.
-matt

On Tue, May 13, 2008 at 9:44 AM, Evan Mann <emann@xxxxxxxxxxxxxx> wrote:
> XP Firewall won't provide outbound control, which IMO, is a huge part of
> deploying firewall at the desktop level.  If you're going to go through
> the desktop firewall process, you should get control and reporting both
> inbound and outbound. Then there's the whole reporting to have to deal
> with.  But, if your A/V product provides basic outbound port blocking,
> you can use that to augment the fact that XP doesn't have outbound
> control, which isn't half bad.
>
> If you're looking to get a little more assistance with HIPS and not have
> to go to McAfee support, subscribe to the yahoo group "tvdug".  It's
> primarily McAfee users on that list, and even a couple Level II/III
> McAfee support professionals frequent the list and reply to it.
>
> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
>
> Behalf Of Minero, Hector B CIV NSWCDD, K55
> Sent: Tuesday, May 13, 2008 9:36 AM
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: OT: Desktop Firewall
>
> Yes, we are using HIPS and we're having problems with it.  Some
> computers are not updating their policies.  As I said, the management
> console does not appear to be easy to configure either.
> I guess we are also considering the Windows XP firewall, but my boss
> wants me to explore other options first.  I guess she does not think the
> XP firewall is good enough.
>
> _________________________
> Hector Minero
>
>
>
> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
> Behalf Of Evan Mann
> Sent: Tuesday, May 13, 2008 9:28 AM
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: OT: Desktop Firewall
>
>
> Are you using the newest release version of HIPS from McAfee, or an
> older version/product (like Entercept or Desktop Firewall).  Huge
> improvements in the newer releases of HIPS.  I've only done minimal
> testing with it but found it to be pretty stable and managable.
>
> On Tue, May 13, 2008 at 8:52 AM, Minero, Hector B CIV NSWCDD, K55
> <hector.minero@xxxxxxxx> wrote:
> >
> >
> >
> > What desktop firewall products are you using for Windows XP laptops?
> > We're looking to buy several laptops and would like to buy a tool that
>
> > is easily deployed and managed over the network.
> > We've been trying the MacAfee Firewall and we have lots of problems
> > pushing updates and managing it.  Sometimes it completely blocks
> everything.
> >
> > The management tool is really bad!
> >
> > Any recommendations?
> > _________________________
> > Hector Minero
> ************************************************
> For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation
> mode use the below link: http://www.freelists.org/list/thin
> ************************************************
> ************************************************
> For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation
> mode use the below link:
> http://www.freelists.org/list/thin
> ************************************************
> ************************************************
> For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation
> mode use the below link:
> http://www.freelists.org/list/thin
> ************************************************
> ************************************************
> For Archives, RSS, to Unsubscribe, Subscribe or
> set Digest or Vacation mode use the below link:
> http://www.freelists.org/list/thin
> ************************************************
>
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://www.freelists.org/list/thin
************************************************

Other related posts: