Today we published another Security State Assessment (SSA) definition update on Microsoft Update!
Included in this release is a new check that will provide visibility into end-user configuration of the Windows Firewall. When used with Group Policy, this new functionality aids in firewall management.
The Windows Firewall check reports on:
· Firewall status (on/off)
· User-defined exceptions
· Applicability to each network interface
Determining firewall status:
· If Windows Firewall is disabled on any network interface, the score is “High”
· If Windows Firewall is configured by Group Policy, the score is “Informational
Visibility into firewall exceptions:
· Enumerates each port and application exception
· Any exception not configured via Group Policy, the score is “Medium”
· If configured by Group Policy, the score is “Informational”
Another update included in this release is a change to the Unapproved Updates check. In an earlier version, this check enumerated any updates that were available but not yet approved, to provide a complete view on overall vulnerability state. Based on customer feedback, we updated the check to report only on unapproved security updates with a Critical severity.
Please give your SSA summary report a look, and find out more about what these new checks are discovering in your organization!
Program Manager, Forefront Client Security