New EES Firewall / Consider every network as untrusted


karsayor

We are trying to achieve a "zero trust" firewall configuration on clients. Even when connected to the domain, nothing except what is defined by a custom rule should be open.

Until recent changes in ESET Policies / Firewall, we used to only remove everything from the trusted networks list and set the option "Consider every network as public" so that we were sure that endpoints were never reachable through SMB, RDP, ...

Now, with the new policies, this is much more complicated. The default network connection profiles, which cannot be removed or edited, are related to the Windows Firewall, which detects the Domain and sets the firewall to automatically trust the whole subnet it's connected to.

First, I think it's not a very good security practice to automatically open ports between endpoints, even though I understand it was made not to impact many customers that used the default trusted network configuration before.

But this should be removable; I do not want my computers to trust and allow the whole network by default!

==

How should I proceed to change this behaviour? Add a new Profile with Greater Priority, remove the Trusted Connection option and set Any as activator? Is this a good way, or is it not recommended?
