Security Basics mailing list archives
Re: Client End Firewalls
From: Ken S <ken.securitylist () gmail com>
Date: Wed, 6 Oct 2004 16:42:53 -0500
I've found the Symantec Client Security (SCS) 2.0 product to be very robust, although I'm still looking for a good solution to do reporting. That's one of Symantec's biggest weaknesses. However, the Symantec System Center console does provide a good view of your users and good data on Symantec AntiVirus (SAV) and Symantec Client Firewall (SCF) issues. We're requiring SCS on all remote / mobile machines and have over 1500 of 5000 installed to date. As for management, I'm doing all the admin work myself, and this is just one of my projects. There was quite a lot of work up front, but I haven't had any issues come up in the last month. I created a policy that's being used company-wide, although I've had to modify it to create rules for a few applications that didn't functional properly without it. We took the approach of locking down the SCF completely, so users cannot make any decisions about what's allowed. For most 99% of users, this is working fine. I have wondered if we're doing users a disservice by not training them and requiring them to learn more about security. That's a topic for another discussion, however. We decided to create trusted zones for our LAN, to avoid the necessity of creating rules for every application. This means the utility of the SCF is nill if there's an outbreak inside the company, but at least we feel better protected from our biggest risk: our VPN users. I put an unpatched laptop on a DSL line with my policy and hammered it with several tools. The SCF stealthed the machine very well, as the tools did not return a live host. This is comforting, since more and more people want to connect to public wireless access points. All in all, I think everyone at my company is pleased with it. Now, if I could just get better reporting. I'll save the discussion of 'Symantec's SESA product for another time as well. Good luck. Ken
Current thread:
- Re: Client End Firewalls, (continued)
- Re: Client End Firewalls Dell (Oct 04)
- Re: Client End Firewalls GuidoZ (Oct 05)
- Re: Client End Firewalls xyberpix (Oct 07)
- Re: Client End Firewalls Ken S (Oct 07)
- Re: Client End Firewalls GuidoZ (Oct 08)
- RE: Client End Firewalls Grant . Orchard (Oct 05)
- Message not available
- RE: Client End Firewalls Bryan S. Sampsel (Oct 06)
- Message not available
- Re: Client End Firewalls Dell (Oct 04)
- Re: Client End Firewalls Liran Cohen (Oct 05)
- RE: Client End Firewalls Ehab Abu Al -Khair (Oct 06)
- Re: Client End Firewalls Josh Mills (Oct 07)
- Re: Client End Firewalls Ken S (Oct 07)
- Re: Client End Firewalls Brandon Foley (Oct 08)