http://www.microsoft.com/downloads/details.aspx?familyid=2d3e25bc-f434-4cc6-a5a7-09a8a229f118&displaylang=en
<http://www.microsoft.com/downloads/details.aspx?familyid=2d3e25bc-f434-4cc6-a5a7-09a8a229f118&displaylang=en>
The Windows XP Security Guide provides several levels of security
guidance for customers who are interested in hardening deployments of
Windows XP for desktop and laptop clients in their environments.
BTW that's the security guide that has the new info on XP sp2 settings.
Jeff Salisbury wrote:
We use the Cisco VPN Client for remote connections. Evidently the Cisco
Systems VPN Adapter is not considered a PPP or SLIP-based connection in
this regards since my notebook uses the domain profile while connected
by VPN.
I suspect the native XP VPN connection behaves exactly as described in
the link. I believe you can "trick" the machine to use domain mode by
modifying a connection's domain name to match your corporate network's
domain name.
Jeff
-----Original Message-----
From: Darren Mar-Elia [mailto:[EMAIL PROTECTED]
Sent: Friday, October 28, 2005 8:34 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Group Policy Object for Windows Firewall
Just an FYI on this. "On the Domain" can be tricky here. For example. If
your user is connected to the corporate network via VPN, they will be
considered "off the domain" and will use the standard profile. The
determination process is documented pretty well in the following
article:
http://www.microsoft.com/technet/community/columns/cableguy/cg0504.mspx
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley,
CPA aka Ebitz - SBS Rocks [MVP]
Sent: Friday, October 28, 2005 7:44 AM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Group Policy Object for Windows Firewall
www.sbslinks.com/group.htm [that's SBS's group policy settings for the
XP sp2 firewall]
Domain is when you are 'on' the domain
Standard is when the device is unattached.
Also grab the XP sp2 security documents that were just released on the
web a few days ago.
Todd Hofert wrote:
I am implementing Windows Firewall settings via an Active Directory
Group Policy. I see there are two sets of settings; Domain Profile and
Standard Profile with no explanation of how these settings differ. Can
anyone explain which circumstances dictate which profile to use? I am
assuming it relates to roaming profiles vs. local profiles but I am
not certain. I also do not want to create both profile settings if it
is not necessary.
Thanks
Todd Hofert
IT Director
Spartan Graphics, Inc.
This e-mail and any attachments may contain confidential and
privileged information. If you are not the intended recipient, please
notify the sender immediately by return e-mail, delete this e-mail and
destroy any copies. Any dissemination or use of this information by a
person other than the intended recipient is unauthorized and may be
illegal.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
Confidential
This e-mail and any files transmitted with it are the property
of Belkin Corporation and/or its affiliates, are confidential,
and are intended solely for the use of the individual or
entity to whom this e-mail is addressed. If you are not one
of the named recipients or otherwise have reason to believe
that you have received this e-mail in error, please notify the
sender and delete this message immediately from your computer.
Any other use, retention, dissemination, forwarding, printing
or copying of this e-mail is strictly prohibited.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
--
Letting your vendors set your risk analysis these days?
http://www.threatcode.com
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
