03-02-2015 03:31 PM
I am trying to update our Aruba Controller firewall policies. I have a set of Windows PC's on an Active Directory domain.
My predecessor configured a set of 22 rules but things like WMI do not work when remotely checking a laptop. So I thought I would revisit the rules and see if they are set appropriately. Our existing rules are in the attached image.
I found this link that makes sense conceptually (most specific first, most general last) but I cannot find any actual recommended settings for windows PC's.
I'm struggling to figure out how you could lock down anything for Windows anyway, this Microsoft Page shows things like RDP is randomly assigned a port from 1000-5000 and 49152 - 65535. How am I supposed to create rules that lock anything down when I have to leave open tens of thousands of ports?
Does anyone have some recommended settings?
03-03-2015 04:53 AM
My opinion is that this list is too long to manage effectively if you do not have enough time and manpower to do it. If a problem comes up and you have to hastily allow everything, you effectively end up undoing your objective.
If you have time and manpower, keep working on it :)
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base