|
I think File and Print sharing should not be blocked in your trusted networks. Otherwise you cannot remote admin the computers. The trusted networks can be defined in the rule that allows File and Print sharing. In fact, everything should be blocked except the things you need (think about ports for AV, remote assistance, remote desktop, tftp server,...).
Maybe AV stuff can help to clean your computer from viruses and worms, but a firewall can help to avoid that one of these things ever enter the computer.
Why bet on one horse if you've got two?
| 
