This is correct; if the machine has any issues contacting the domain
and/or applying group policy, the non-domain profile is used. And just
to pick nits, there's nothing that says the non-domain profile has to be
stronger than the domain profile. :)
-Z-
-----Original Message-----
From: Jeff Shawgo [mailto:jeff.shawgo.b@bayer.com]
Sent: Wednesday, March 23, 2005 8:26 AM
To: focus-ms@securityfocus.com
Subject: Re: Windows firewall scopes for notebook users ex office...
I believe the "domain" settings are only used when the machine can
actually contact the domain. Otherwise, the stronger settings are used.
Murad Talukdar <talukdar_m@subway.com>
03/22/2005 02:32 AM
To: focus-ms@securityfocus.com
cc:
Subject: Windows firewall scopes for notebook users ex
office...
Hi List,
When users with SP2 firewall enabled are out of the office, I understand
there is a difference between the domain settings and non domain
settings
but how does the firewall 'recognise' the boundaries of the scope?
What if scope is subnet and they simply connect to an identical
subnet?(Not
sure how likely that is) I think this would mean they are open on those
ports that I have set exceptions for.
Kind Regards
Murad Talukdar
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
---------------------------------------------------------------------------
---------------------------------------------------------------------------
