Vista Forums - View Single Post - Microsoft limits Vista Firewall

05-05-2006

Puppy Breath wrote:
> The whole gist of that article is kinda dumb. What difference does it make
> what the default settings are? How do default settings "limit" a
> firewall? I think most commercial firewalls come with all the well-known
> ports open for incoming traffic, and all outgoing ports open as well. But
> what difference does it make? Everybody has to define their own ingress
> and egress filters for their own network. You couldn't come up with
> default settings that work for everyone.

They have set the defaults (no monitoring of outgoing traffic) based on
feedback from enterprise customers. This seems strange as it is the
enterprise customer that is most likely to have someone on staff who knows
how to properly configure this for their enterprise.

The typical home user (for whom some basic defaults could be defined well)
will not know how to configure this and will therefore never take advantage
of those parts of the firewall.

I suspect the "because our enterprise customers asked us to" reason is not
really valid and that the true reason is they found they don't have enough
time to make this friendly enough for the average home user, and therefore
went with the option that will allow them to meet their delivery dates.
--
Tom Porterfield

05-05-2006	#5 (permalink)
Tom Porterfield n/a posts	Re: Microsoft limits Vista Firewall - for their own good ? Puppy Breath wrote: > The whole gist of that article is kinda dumb. What difference does it make > what the default settings are? How do default settings "limit" a > firewall? I think most commercial firewalls come with all the well-known > ports open for incoming traffic, and all outgoing ports open as well. But > what difference does it make? Everybody has to define their own ingress > and egress filters for their own network. You couldn't come up with > default settings that work for everyone. They have set the defaults (no monitoring of outgoing traffic) based on feedback from enterprise customers. This seems strange as it is the enterprise customer that is most likely to have someone on staff who knows how to properly configure this for their enterprise. The typical home user (for whom some basic defaults could be defined well) will not know how to configure this and will therefore never take advantage of those parts of the firewall. I suspect the "because our enterprise customers asked us to" reason is not really valid and that the true reason is they found they don't have enough time to make this friendly enough for the average home user, and therefore went with the option that will allow them to meet their delivery dates. -- Tom Porterfield
My System Specs