So, once you have the Windows Firewall with Advanced Security applet open and have clicked on Windows Firewall Properties, if you click on the "Customize" button in the Logging section of each of the three profiles mentioned in my previous blog entry, you will see that, as the image below shows, all logging is disabled.
Now this isn't very secure, Microsoft, is it? Not only is all outbound filtering disabled by default on a product that you spout as being a lot better than your previous inbound-only firewall, but all logging is also disabled by default. Where's the "secure by design" in that?
So, I'd strongly recommend that everyone enables the logging where appropriate - on domain-joined desktops and laptops, that would be in the "Domain" profile. On non-domain joined desktops and laptops, that would be the "Private" profile, and in addition to this, on all laptops you would also do this in the "Public" tab.
Regards,
The Outspoken Wookie
No comments:
Post a Comment