using a firewall on clinet inside network

  • Thread starter Thread starter signit
  • Start date Start date
S

signit

I have a few users that travel with there laptops and go to hotels and
airports with highspeed. I have installed zone alarm and have allowed all
inbound from my internal subnett to that client. All other traffic gets
firewalled.

Is that good enough to still have these laptops participate in active dir as
well as other lan traffic.

Here is a nmap of the laptop in the lan with the firewall enabled..all open

Anyone recomend a good sofftware firewall for this

135
139
444
1025
 
It is not good security practice to leave those ports open to the
internet. Right now there is a massive assault on port 135 that has slowed my
high speed connection to a crawl and my firewall log shows large amounts of port
135 packets being dropped by it. A vpn would be a much better solution. You
could enable pptp vpn on one of your W2K servers and have the laptops use built
in vpn client to access. Or you could install a vpn ipsec internet device and
install vpn ipsec clients on those computers. Ipsec client software may cost you
$100 or so per copy. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;300434
http://support.microsoft.com/default.aspx?scid=kb;en-us;308208
http://www.netgear.com/products/prod_details.asp?prodID=129&view=sb
 
I think you misundersttod my questinon

allowed all
Means that when not on my internal network everythign gets blocked. When in
the internal network it should act like a normal PC since it has inbound my
subnet to laptop.

this has nothing to do with outside inbound traffic
 
I'm not fond of ZA - BlackICE is a lot better. Sygate is pretty good, too.

Are you experiencing any problems working on the LAN with the firewall
enabled?
 
Back
Top