karsayor, posted September 5:

We are trying to achieve a "zero trust" firewall configuration on clients. Even when connected to the domain, nothing except what is defined by a custom rule should be open.

Until the recent changes in ESET Policies / Firewall, we used to only remove everything from the trusted networks list and set the option "Consider every network as public", so that we were sure that Endpoints were never reachable through SMB, RDP, ...

Now with the new policies this is much more complicated. The default network connection profiles, which cannot be removed or edited, are related to the Windows Firewall, which detects the Domain and sets the firewall to automatically trust the whole subnet it's connected to.

First, I think it's not a very good security practice to automatically open ports between endpoints, even though I understand it was made so as not to impact the many customers that used the default trusted network configuration before. But this should be removable; I do not want my computers to trust and allow the whole network by default!

How should I proceed to change this behaviour? Add a new Profile with Greater Priority, remove the Trusted Connection option and set Any as activator? Is this a good way, or is it not recommended?

karsayor (author), posted September 7:

Anyone?

Posolsvetla (ESET Staff), posted September 20:

On 9/5/2023 at 2:54 PM, karsayor said:
> Add a new Profile with Greater Priority, remove the Trusted Connection option and set Any as activator?

Yes.