MDS Workstations have the Windows Firewall enabled, to increase security of the machine.
Users with admin rights are allowed to make exceptions at their own risk, when you first run a program that needs access you will be prompted to either block, allow or ignore the application through the firewall.
By default various exceptions have been set, these cannot be edited:
- Local File and Local Print Sharing - Disabled, CIS machines have access for admin purposes (users who wish to share their printer can request for this to be enabled but must understand this makes their machine more vulnerable than those who have it disabled, please contact the IT Service Desk to enable this). Any files/folders that need to be shared with other users should be located on the S: drive.
- Allow VNC from CIS machines only (Remote assistance)
- Allow EPO access (Automatic Sophos Updates)
- Allow Exceed (Unix/Linux remote sessions)
- Allow Windows Messenger
All MDS machines have the personal firewall enabled, this reduces the chances of your machine being attacked. Machines that have shared printers, although they still have firewall protection are more at risk. Sharing a printer requires a policy called File and Print sharing being enabled, a policy that is sometimes exploited by hackers. The recommended approach for print sharing is to have a true network printer, therefore disabling the File and Print option and making your machine more secure.
For more information on printing recommendations please visit the following: