Windows 2k3 SP1
 

Has anyone installed this and configured the software firewall with it? I'm worried I am going to suddenly lock out all my exchange clients or something by messing up the configuration.

Anyone messed with this yet?

Thanks

I have no desire to install this on anything but my test network until the results come in that it's safe.

I know you can set group firewall policy settings with the new SP1, but I don't see the need to with a PIX guarding the entrance to my network, followed by a Linux server setup behind it just for extra protection.

I have the same thoughts - and I also have a PIX guarding the entrance to the network in question.

I just had the guy from that office call me (I do some work on the side helping him out with his very small office setup) and he had already downloaded and installed SP1 and was pretty gung ho about getting the software firewall in place. I kept telling him to just wait until the word was out that it wasn't going to break something. Couple weeks can make all the difference in this case I thought.

I had visions of XP sp2 going off in the back of my head!

Oh and Bendsley - that's a great avatar!

I think the security of SP1 is a good idea. Perimeter firewalls are useless if there is an attack from the internal network. Locking down servers is a good thing. The Security Configuration tool makes it pretty easy. You tell it what the servers roles are etc. and it will leave the appropriate ports open.

Bendsley - you install SP1 yet?

I have on the test network I have up here. It's just, well, running in limbo at the moment, not doing anything. First thing I'm going to do is install Citrix and Terminal Server Licensing on one of the machines and test it out, because TS licensing can be confusing as hell.

Also, I'm handing out temp. tokens instead of the 20 legitimate ones we do have, so I need to test that too.

All in all, I haven't really done anything that SP1 offers except install it.

By the way, to fluster above talking about internal network attacks. I have Layer 3 switches across the network, and for those "tech savvy" people out there, you know they can do packet routing too. Certain failsafes are in place on those switches and the PIX to gaurd against internal attack, should it ever occur. However, I don't think anyone in here would really know what to do.

I've gone ahead and installed at the one location (not my full time job) but I didn't apply any of the lockdown crap after the install. It hasn't caused any issue but that shop is so small and they are basically only running exchange and simple file and print services.

I haven't put it on at my normal job yet.