Re: SP2 manageability in AD environment
From: Steve Riley [MSFT] (steriley_at_microsoft.com)
Date: 06/09/04
- Next message: Lilla: "Re: Automatic Updates"
- Previous message: Steve Riley [MSFT]: "Re: Unable to Setup VPN Network Connection in Windows XP Pro"
- In reply to: Carey Frisch [MVP]: "Re: SP2 manageability in AD environment"
- Next in thread: Torgeir Bakken \(MVP\): "Re: SP2 manageability in AD environment"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 9 Jun 2004 10:44:56 -0700
These are good links. To address one concern: in the old days, it was
customary to use a GPO to disable ICF in a corporate environment because you
really couldn't remotely manage a computer with it turned on.
This is completely different with the new firewall. Yes, you still need it
internally even if your network is protected with an ISA Server: if a
computer gets infected with something while it's remote, then comes back to
your network, an edge firewall is powerless to help the other internal
computers avoid getting infected. This is why host-based firewalls are,
IMHO, now a critical part of any security infrastructure.
Use appropriate GPOs to construct a corporate policy for Windows Firewall
that will allow you to manage the client appropriately yet still keep it
protected.
-- Steve steriley@microsoft.com "Carey Frisch [MVP]" <mrxp2004@nospamyahoo.com> wrote in message news:%23Q9JHUkTEHA.2944@tk2msftngp13.phx.gbl... > Windows XP Service Pack 2 > http://msdn.microsoft.com/security/default.aspx?pull=/library/en-us/dnwxp/html/securityinxpsp2.asp > > Guide for Installing and Deploying the Beta Version of Service Pack 2 for > Microsoft Windows XP Home Edition and Windows XP Professional (SPDeploy) > http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/spdeploy.mspx > > Windows XP SP2 Resources for IT Professionals > http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx > > Welcome to Windows XP SP2 Technical Preview Newsgroups > http://communities.microsoft.com/newsgroups/default.asp?icp=xpsp2&slcid=us > > -- > Carey Frisch > Microsoft MVP > Windows XP - Shell/User > > Be Smart! Protect your PC! > http://www.microsoft.com/security/protect/ > > -------------------------------------------------------------------------------------------------------------- > > "Damir, HR" <Damir, HR@discussions.microsoft.com> wrote in message: > news:9229209F-E797-4624-BF5D-A1AC51D95470@microsoft.com... > > |I guess that the subject explains my question, but here it is in a > detailed form: > | > | The scenario is pretty standard, as I have different Win2000 and Win2003 > servers running in their native AD > mode (of course, in different LANs), with XP Pro clients. > | > | I am using SUS (with SP1) for managing critical updates in domains, so > XP SP2 will be downloaded > automaticaly (although not installed as I don't like installation aproval > before doing few weeks long testing > phase on few chosen machines). > | > | So, when XP SP2 becomes finished, will there be any Administrative > template(s) available for download to > integrate at least major features of XP SP2 into Active Directory Group > Policy? > | > | I'm actualy worried about manageability of SP2 features in domain > environments, and don't know if I'll have > to create my own .adm file, run from one PC to another configuring SP2 > features, or something else? > | > | I'm worried about things like how Windows Firewall will (if) affect ISA > Server clients (and servers)? Do I > actually need Windows Firewall if the LAN is already protected by ISA > Server? If I don't need it, will I be > able to configure/disable it through GPO in AD Users and Computers (Server > 2000)/Group Policy Management > (Server 2003) or I'll have to do that manualy on every single machine? > | > | Thank you in advance for any help on this subject! >
- Next message: Lilla: "Re: Automatic Updates"
- Previous message: Steve Riley [MSFT]: "Re: Unable to Setup VPN Network Connection in Windows XP Pro"
- In reply to: Carey Frisch [MVP]: "Re: SP2 manageability in AD environment"
- Next in thread: Torgeir Bakken \(MVP\): "Re: SP2 manageability in AD environment"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
