Have a look here
Happy New Year!
As it's an InSeT day, and I've had two weeks of blue sky thinking time, I've got a quick question - someone HAS to have done it, surely?!
Following a nasty virus outbreak last term, I'd like to run with firewalls up on the workstations to help prevent future problems, or at least make them easier to manage if we get one; security in layers and all that.
Cutting to the chase, what do I need to set firewall exception wise in Group Policy to allow Sophos management console to work through the firewalls? anyone?
BatchFile (4th January 2010)
To specify the GPO exceptions, it would read something like this:
And for the port:Code:%programfiles%\Sophos\Remote Management System\RouterNT.exe:”*”:enabled:Sophos
Not trying to change the topic much here but when trying to block against zero day threats you should get HIPS enabled properly and not as much to do with the firewall. This would have given you a 100% level of protection for the registry of your windows systems.
By default HIPS has three boxes checked to allow you the ability to slowly see what HIPS has seen then you use the authorization selection two selections below the HIPS selection and you can then decide what to authenticate.
After doing this you will de-select or Un-check Alert Only in the HIPS selection leaving the other two checked. This setting blocks newly launched processes (Even good ones ) from making changes to your registries without you first authorizing them.
Even if it is a Brand New virus that Nobody is detecting for!
There are currently 1 users browsing this thread. (0 members and 1 guests)