Re: SCS 3.1 FW woes

From: Allison Henry <akhenry_at_berkeley.edu>
Date: Thu Jun 22 2006 - 13:49:11 PDT

The desktop client download from http://software.berkeley.edu has a nice
ruleset you can use as a starting point. Here's what I've done:

1) Download and install the preconfigured desktop client to a test machine.

2) Install the Symantec Client Firewall Administrator on the test client

3) Use the "import rules from active client" feature to grab the ruleset

4) Edit the ruleset to add your remote desktop rules and whatever else
you need

5) Use the "export rules to active client" feature and test on the client

6) After that, you can a) save the rules as a policy file and push out
with the Symantec maanger, or b) use the Settings Manager in the
Symantec Client Firewall software to save the settings as an XML file
that can be imported into unmanaged clients.

Hope that helps,

Allison Henry
System and Network Security
University of California, Berkeley
http://security.berkeley.edu

jay sparks wrote:
> Hi,
> I'm making some progress on the new rollout.
> My next hurdle involves making a FW ruleset, which will be a first.
> (Unless a standard one already exists, I want to be able to run
> live-update from the
> client...currently it's locked out. And, I like to use remote desktop
> from the server, also blocked.
> And allow access from the SNS scanners.)
> Is a plug and play ruleset available?
>
> Jay
>
>
> ------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> For information about Micronet, including subscribing to
> or unsubscribing from its mailing list and finding out
> about upcoming meetings, please visit the Micronet Web site:
> <http://micronet.berkeley.edu/>.

------------------------------------------------------------------------
The following was automatically added to this message by the list server:

For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
Received on Thu Jun 22 13:52:02 2006

This archive was generated by hypermail 2.1.8 : Thu Jun 22 2006 - 13:52:03 PDT