I always leave the firewall on and make exceptions. The only time I turn it off is to troubleshoot issues.
John W. Cook
Director of Network Operations
Partnership For Strong Families
5950 NW 1st Place
Gainesville, Fl 32607
Office (352) 244-1610
Cell (352) 215-6944
MCSE, MCP+I, MCTS, CompTIA A+, N+, Security + VSP4, VTSP4

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Kennedy, Jim
Sent: Monday, May 19, 2014 11:16 AM
To: [email protected]
Subject: RE: [NTSysADM] Do you run Windows firewall on your internal servers?

He needs to think about what is called pivoting. Where a box is compromised and they use it to pivot to the next box. Your external firewall won't see that happening. Windows Firewall might. The firewall on 2008 and up is pretty hassle free as far as I have experienced.

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Dave Lum
Sent: Monday, May 19, 2014 11:11 AM
To: [email protected]
Subject: [NTSysADM] Do you run Windows firewall on your internal servers?

All y'all leave Windows Firewall on on your servers right? I heard a comment recently that "Win 2008 R2 and later have so many services off by default nowadays, running with it off saves headaches vs. the value it adds for servers that are behind our firewall".

I leave it on and spend the time to make exceptions as necessary - sometimes it's frustrating and does take a lot of time, but still it seems like the prudent way to go. Seems odd to not run it, but I'm willing to change my thinking if I can hear reasonable arguments, but they'd have to be pretty convincing...

Dave

