Quote:
so, it's totally useless to use firewall in domain network. imho.
Plus, in any but very small networks its nearly impossible to administrate.
I just had a conversation with a friend of mine who works as an admin in a small to middle sized company (500+ clients). They thought about implementing firewalls for every client. After a week of research they realized that in order to lock down the workstations as much as needed to get a better security, whithout hampering all the special apps running on the pc's, they would have at least 50 or 60 different firewall configurations. They dropped the whole thing.
Imho, if you have a tight security on your servers, good local antivirus, no vital data stored on local workstations and a proper firewall/antivirus for all incoming, local FW's would just increase complexity, not security.
_________________________
Eternity is a long time, especially towards the end. - W.Allan
