we need to provide assurance that all our windows firewalls (windows 7 enterprise) have the firewall enabled. Aside from getting them in and manually checking, what other ways would there be to gain assurances on which devices have the firewall enabled and which don't? how would an IT department make sure all devices are firewall protected? this is in a managed AD environment (group policy?).
Also - on windows 7 what permissions are required to disable/amend the windows firewall settings?
what types of firewall exceptions would be configured on windows laptops joined to a network, i.e. what kind of valid rules may you need to apply?
Is windows 7 firewall enabled by default?