You can experiment with the free/trial version as I believe it lets you install up to two endpoints for testing. You can look at the Sophos options for end-point configurations if you absolutely need that, but I think to make it work as expected with settings managed from a central system you would also need to incorporate a Sophos UTM. It's not the Mac's fault, it's bad administration seemingly as usual due to a lack of required Mac knowledge. Unless these third party products are really rubbish and consumer level instead of enterprise ready. Your users shouldn't be admins of their own machines and if they aren't admins of their own machines they can't make these changes. If we are talking banking sector here and the information is that important there those specific systems should be on their own VLAN and not even able to connect to others.įurther to that logic would be WHY are there Macs in a banking environment? IT Tables are not ideal either. (And yes, a HIPS is also necessary to meet requirements%uFEFF.)īulliTt, haven't looked into Smoothwall, just read about it though and it looks like it's worth a try. If you have a method of preventing users from messing with a third party firewall, please tell me your specific solution.
And while users are prohibited from changing the native firewall settings, when we push out a third party firewall they have more privileges than we would 's not bad IT administration, it is just the Mac environment. We do have a centrally managed firewall at the network layer, but it will not protect laptops when they are taken off premises. Shaun9736 if you think the native firewall is enough security, can you provide details as to why? In banking environments there are stringent requirements that must be met and from our research the native firewall is not heavy enough for us.
0 kommentar(er)
