Solved

Do I need Windows Firewall ?

Posted on 2008-10-24
3
289 Views
Last Modified: 2008-10-27
I have a network of about 300 computers running symantec enterprise all within a Cisco ASA 5510.  I cannot ping computers, remote connect or anything. I figured it is windows firewall as it is on, on most computers - take it off, I can ping and remote.  Do I really need it or can I just turn it off on all computers in my network?
0
Comment
Question by:dennisjameshoward
3 Comments
 
LVL 8

Expert Comment

by:DenverRick
ID: 22799020
In your client settings for your Symantec Enterprise if you are using the Firewall, then the Windows Firewall should be turned off.  
0
 
LVL 12

Expert Comment

by:techExtreme
ID: 22799128
There's really no need of multiple firewalls. Moreover, you should only allow applications you consider safe to access your network, you can set it in preferences of the software/firewall you use.
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 22799944
Well, until yesterdays out of cycle very critical patch, I would of agreed...
http://www.microsoft.com/technet/security/Bulletin/ms08-067.mspx
But nonetheless most of the time, PC's behind a internet firewall already, do not need a firewall, and it can make administration a little tougher if they are set to deny all. If you allow ports 135-139 and 445, your still vulnerable to that particular issue. Important computers, such as mail servers, backup servers etc... should be as protected as possible, be it with a DMZ, restrictive access lists, and or Vlan seperation.
Your lan is typically a safe place, but it can also become an instant breeding ground of virii if you do not follow best practices (even then, your still affected by 08-067)
http://xinn.org/win_bestpractices.html
And that's only if a virus get's in, be it a visitor, a hacker, or a user clicking something they shouldn't of. We actually don't have AV on our PC's anymore, they get scanned remotely, thanks to best practices(not running as admins), ClamAV+SafeSquid and Snort.
-rich
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
In Africa (and potentially where you live…), reliability of ISPs is questionable.  With the increased reliance on e-mail as one of the primary forms of communication, the costs to business are significant based on interuption of ISP Connectivity.  T…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question