Quantcast
Channel: Symantec Connect - Endpoint Protection - Discussions
Viewing all articles
Browse latest Browse all 10484

Isolating XP Machines before April 8th - How To?

$
0
0
I need a solution

SEPM Version:  12.1.4023.4080
Client Version:  12.1.4013.4013

Can you suggest how we can isolate XP machines that run critical applications that will not meet the April deadline for Win7 upgrade by utilizing the following SEPM Policies.

Custom Intrusion Prevention
System Lockdown
Network Application Monitoring
Firewall
Intrusion Prevention
SEP Harding Application and Device Control

A new Group would be created for the XP machines.

For example, we have an XP box that runs an application that sends data via FTP to another box on the same network. I would like to lock it down as much as possible, allowing only essential services like DNS, Remote Management, and the FTP client. Access to the Internet is not needed.

I never worked with firewall policies in their most restrictive state and then allowing services/applications in or out. I would imagine logging on the client side will aid in isolating items that need to be allowed or blocked.

I know this is asking a lot, but with time ticking down, I think this might become a popular request.  Perhaps some sample polices that establish a baseline.


Viewing all articles
Browse latest Browse all 10484

Trending Articles