Jeff McNabney

I know how to set up the Trusted Zone, but do i configure it at the the default policy firewall settings via the management console and assign it to the windows group, or do i configure it at the client end for each pc? If i edit the default windows computer policy to change the trusted zone, and apply it, again will all the pc's lose the ability to add local unblocks? I'm still not clear on whether policies are being applied from the management console by default or not. Obviously out of the box many of my users, including myself had RDP blocked by default after upgrading from v7 to v8, so it was not open by default. If i enable ANY policy at the management console, will it block ALL the clients from adding local blocks for ports?

Endpoint 8.1 Firewall was blocking RDP requests on too many local PC's, so a single custom Policy with a single entry for RDP was added via ESET Protect and associated to the group with all the Windows installs of Endpoint 8.1. After that, no pc in that group would allow local unblocks ["unblocking error"] of any other port or service, which became another problem for wireless Remote displays. Is this correct behaviour? Does a single custom policy disable all other port unblocking features at the client end? Is there a better way around this? If the Endpoint firewall is disabled as a workaround, is the Windows Firewall still active, or has Endpoint assumed ALL control of firewall protection?