The Forefront Client Security Team writes:
Today we published another Security State Assessment (SSA) definition update on Microsoft Update!
Included in this release is a new check that will provide visibility into end-user configuration of the Windows Firewall. When used with Group Policy, this new functionality aids in firewall management.
The Windows Firewall check reports on:
· Firewall status (on/off)
· User-defined exceptions
· Applicability to each network interface
Determining firewall status:
· If Windows Firewall is disabled on any network interface, the score is “High”
· If Windows Firewall is configured by Group Policy, the score is “Informational
Visibility into firewall exceptions:
· Enumerates each port and application exception
· Any exception not configured via Group Policy, the score is “Medium”
· If configured by Group Policy, the score is “Informational”