Examine desktop firewall configuration settings to verify they are secured from unauthorized access |
Configuring the firewall rules properly is not enough when unauthorized users can modify its rules or even completely disable it. This query will display endpoints that don’t have protection enabled against unauthorized modifications by end users, such as access permissions set to allow access by regular users or there’s an ability for regular users to add or modify the existing firewall rules to allow new types of inbound or outbound traffic from the endpoints located in CDE.
Sign-up for Action1 Free Edition to streamline compliance efforts for your network of endpoints. Such as you can simplify assessments of 1.2.2.a: Protect Configuration from Unauthorized Access for your internal or external auditors, create instant or regular compliance reports that prove your compliance while reducing the costs. Action1 Endpoint Security Platform is entirely SaaS, with online web interface (no management tools to install) and it has zero cost for basic functionality. Running in the Cloud, Action1 discovers all of your endpoints within seconds and allows you to pass compliance audits and maintain continuous compliance with ease.
Respond to Threatsin Real-Time
Ask questions in plain English such as "list of installed software" or "all running processes".
Get answers instantly from live systems or subscribe to real-time alerts.
Related Alerts and Reports:
1.2.1.b: Traffic Limited to Necessary
Examine firewall configuration rules for inbound and outbound connections to verify that it’s limited to which is necessary
1.2.1.c: Deny All Other Traffic
Examine all "deny" rules to verify that all other inbound and outbound traffic is explicitly denied
1.2.2.b: Configurations are Synchronized
Examine desktop firewall configurations to verify they are synchronized
Keywords: Examine desktop firewall configuration settings to verify they are secured from unauthorized access,Action1 1.2.2.a: Protect Configuration from Unauthorized Access.
Find more information on 1.2.2.a: Protect Configuration from Unauthorized Access at Microsoft TechNet.