cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
d46j48fx
Contributor I

Endpoint Firewall rules

Hi colleagues,

 

Are there any frameworked recommendations for endpoint (host-based) firewall rules for end-user workstations?  I understand my request may result in varying opinions...and that's ok. 🙂

I also know that I will need to review the existing buisness-sanctioned connections to ensure I don't break anything that the bsuiness needs to operate.  Thanks in advance for any advice, links to frameworks that provide specific guidance etc.

3 Replies
tmekelburg1
Community Champion
d46j48fx
Contributor I

Apologies for the late response!

 

Yes, Windows.  However, the client will be using SentinelOne,  not Windows Defender.

tmekelburg1
Community Champion

The standard for Windows is to not change any settings on the firewall because Microsoft defaults it to the most secure setting. For SentinelOne, leave it in monitor/audit mode for a few days to view and tailor the alerts for their specific environment. Once you're confident it won't bring their network to a screeching halt, then make it active.