Solved

Do I need Windows Firewall ?

Posted on 2008-10-24
3
300 Views
Last Modified: 2008-10-27
I have a network of about 300 computers running symantec enterprise all within a Cisco ASA 5510.  I cannot ping computers, remote connect or anything. I figured it is windows firewall as it is on, on most computers - take it off, I can ping and remote.  Do I really need it or can I just turn it off on all computers in my network?
0
Comment
Question by:dennisjameshoward
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 8

Expert Comment

by:DenverRick
ID: 22799020
In your client settings for your Symantec Enterprise if you are using the Firewall, then the Windows Firewall should be turned off.  
0
 
LVL 12

Expert Comment

by:techExtreme
ID: 22799128
There's really no need of multiple firewalls. Moreover, you should only allow applications you consider safe to access your network, you can set it in preferences of the software/firewall you use.
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 22799944
Well, until yesterdays out of cycle very critical patch, I would of agreed...
http://www.microsoft.com/technet/security/Bulletin/ms08-067.mspx
But nonetheless most of the time, PC's behind a internet firewall already, do not need a firewall, and it can make administration a little tougher if they are set to deny all. If you allow ports 135-139 and 445, your still vulnerable to that particular issue. Important computers, such as mail servers, backup servers etc... should be as protected as possible, be it with a DMZ, restrictive access lists, and or Vlan seperation.
Your lan is typically a safe place, but it can also become an instant breeding ground of virii if you do not follow best practices (even then, your still affected by 08-067)
http://xinn.org/win_bestpractices.html
And that's only if a virus get's in, be it a visitor, a hacker, or a user clicking something they shouldn't of. We actually don't have AV on our PC's anymore, they get scanned remotely, thanks to best practices(not running as admins), ClamAV+SafeSquid and Snort.
-rich
0

Featured Post

Is Your DevOps Pipeline Leaking?

Is your CI/CD pipeline a hodge-podge of randomly connected tools? You’ve likely got a tool to fix one problem & then a different tool to fix another, resulting in a cluster of tools with overlapping functionality. Learn how to optimize your pipeline with Gartner's recommendations

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
In Africa (and potentially where you live…), reliability of ISPs is questionable.  With the increased reliance on e-mail as one of the primary forms of communication, the costs to business are significant based on interuption of ISP Connectivity.  T…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question