I am trying to update our Aruba Controller firewall policies. I have a set of Windows PC's on an Active Directory domain.
My predecessor configured a set of 22 rules but things like WMI do not work when remotely checking a laptop. So I thought I would revisit the rules and see if they are set appropriately. Our existing rules are in the attached image.
I found this link that makes sense conceptually (most specific first, most general last) but I cannot find any actual recommended settings for windows PC's.
I'm struggling to figure out how you could lock down anything for Windows anyway, this Microsoft Page shows things like RDP is randomly assigned a port from 1000-5000 and 49152 - 65535. How am I supposed to create rules that lock anything down when I have to leave open tens of thousands of ports?
Does anyone have some recommended settings?
Mark