I would personally go the GPO route rather than local simply because of the 
likelihood of any local rules getting missed during a replacement, migration, 
etc.  Then again, I'd probably create a security group for each of those to 
control it so that if I had another machine that needed the same rule set it 
can just be dropped into the group.
That said, I'm a big fan of making a GPO do one thing, or a group of related 
things, so I have visibility and granular control if needed.

--
There are 10 kinds of people in the world...
         those who understand binary and those who don't.

From: listsadmin@lists.myitforum.com [mailto:listsadmin@lists.myitforum.com] On 
Behalf Of Corkill, Daniel
Sent: Thursday, May 5, 2016 6:38 PM
To: ntsys...@lists.myitforum.com
Subject: [NTSysADM] RE: Default rule set for Windows Firewall

So I ended up creating a GPO that will apply to all servers and be our default 
rule set. For servers requiring specific rules, I can either create separate 
GPOs or apply the rules locally on the server. I'm leaning towards the latter 
because I'd like to avoid creating a lot of GPOs that may contain only one or 
two rules and that are linked to a single server. Just curious how others 
handle this.

Daniel.

From: listsadmin@lists.myitforum.com<mailto:listsadmin@lists.myitforum.com> 
[mailto:listsadmin@lists.myitforum.com] On Behalf Of Corkill, Daniel
Sent: Friday, 22 April 2016 2:00 PM
To: ntsys...@lists.myitforum.com<mailto:ntsys...@lists.myitforum.com>
Subject: [NTSysADM] Default rule set for Windows Firewall

Just designing a default ruleset for Windows Firewall that can be applied to 
all our servers via Group Policy. Anyone have any suggestions or examples 
they'd be willing to share?

Daniel.




*********************************************************************

This email, including any attachment, is confidential to the intended 
recipient.  It may also be privileged and may be subject to copyright.  If you 
have received this email in error, please notify the sender immediately and 
delete all copies of the email.  Any confidentiality or privilege is not 
waived.  Neither the Council nor the sender warrant that this email does not 
contain any viruses or other unsolicited items.



This email is an informal Council communication.  The Council only accepts 
responsibility for information sent under official letterhead and duly signed 
by, or on behalf of, the Chief Executive Officer.



Privacy Collection Notice

Logan City Council may collect your personal information, e.g. name, 
residential address, phone number etc, in order to conduct its business and/or 
meet its statutory obligations. The information will only be accessed by 
employees and/or Councillors of Logan City Council for Council business related 
activities only. If your personal information will be passed onto a third 
party, Council will advise you of this disclosure, the purpose of the 
disclosure and reason why. Your information will not be given to any other 
person or agency unless you have given us permission or we are required by law.







*********************************************************************

This email, including any attachment, is confidential to the intended 
recipient.  It may also be privileged and may be subject to copyright.  If you 
have received this email in error, please notify the sender immediately and 
delete all copies of the email.  Any confidentiality or privilege is not 
waived.  Neither the Council nor the sender warrant that this email does not 
contain any viruses or other unsolicited items.



This email is an informal Council communication.  The Council only accepts 
responsibility for information sent under official letterhead and duly signed 
by, or on behalf of, the Chief Executive Officer.



Privacy Collection Notice

Logan City Council may collect your personal information, e.g. name, 
residential address, phone number etc, in order to conduct its business and/or 
meet its statutory obligations. The information will only be accessed by 
employees and/or Councillors of Logan City Council for Council business related 
activities only. If your personal information will be passed onto a third 
party, Council will advise you of this disclosure, the purpose of the 
disclosure and reason why. Your information will not be given to any other 
person or agency unless you have given us permission or we are required by law.




Reply via email to