Windows 7 Pro is contacting sites in China, Ukraine, Poland and other Eastern Bloc countries.
Posted on 2016-11-02
We have a few Windows 7 Pro laptops that are configured to auto-start the VMware Horizion client.
The Windows 7 Pro PC firewall is disabled, since the users do not access the OS. They only have the option to connect to the VMware Horizon connection server for their Virtual Desktop, which is accessed over a Verizon VPN.
Recently we have noticed, on our domain firewall, that a few of these systems are attempting to connect to IP's in China, Poland, Ukraine and other Eastern Bloc countries.
Since there is no direct user activity on the Windows 7 Pro laptops and we are connecting to our Horizon View desktops through the VPN we would like to find a way to block all IP address except the local network and one External IP.