In the aftermath of last week's malware attacks, many administrators are trying to figure out how their enterprise networks could have been infected. A common factor in many of the infections was the mobility of enterprise laptops. Do you know where your users take corporate laptops when they leave the office? And, do you know what they are bringing back into the office?
It reminds me of Alien. In the movie, the spaceship dispatches someone to the unknown planet. Upon his return to the ship, that someone unknowingly brings something sinister back with him and the survivors are left to deal with the problem. Actually, that basic plot could refer to any number of sci-fi cinemas -- The Thing comes to mind as well.
So how do the space explorers keep from becoming infected (other than not taking a closer look at the pulsating pod)? They outfit themselves in better protective suits.
The protective suit for the corporate laptop is a personal firewall.
Then again, installing and configuring a personal firewall on all corporate laptops can be quite a task -- depending on which firewall you choose.
Windows XP SP2 does come with a personal firewall but, as demonstrated by this latest exploit against Windows 2000, that does not provide much solace for the administrators dealing with the latest infection. Plus, though many consider the Windows XP firewall better than nothing, it is far from highly recommended. Among the chief complaints: It does not block outgoing ports.
The following links go to content examining the pluses and minuses of the Windows XP SP2 firewall:
- Our site expert Kevin Beaver takes a minute to address some of the issues with the Windows XP SP2 firewall and how it stacks up against third-party offerings in his tip Windows Firewall: Love it or hate it.
- In an ITKnowledge Exchange thread a user asks whether or not Windows XP's native firewall will be adequate to protect a remote home user and, if not, which personal firewalls would be best. A few users chimed in with their preferences in personal firewalls and reasons for choosing them. Among them, user pedwards17 who said:
I'm by no means a Microsoft-basher, but I would prefer to use a 3rd party firewall. I'd rather not trust Microsoft to protect me from vulnerabilities that they may have created.
I've used both Norton's and Trend Micro's personal firewalls, and I prefer Trend's. I also tried ZoneAlarm's firewall a few years ago (both the free and the pro versions), and I found them to be buggy. Zone's tech support was awful, too.
This tip originally appeared on SearchWindowsSecurity.com
This was first published in August 2005