Open John-Holt-Tessella opened 5 years ago
The firewall has a slightly complicated deployment path. The most profitable is to ensure it is deployed as a local group policy to instrument machines (on build for W10). The firewall can be built automatically via a script on an existing base clone and then the complete profile saved in a policy.wfw file which can be imported in a single step by the group policy stage of the machine installation. This has the advantage that the .wfw file also can be applied manually and updated in one step remotely if necessary. For "instrument" machines in the domain, the policy can also be applied similarly although from the domain (just a single command ps-remote command for the whole profile).
this is a useful reference to the steps in deploying via group policy. https://www.rootusers.com/configure-firewall-rules-for-multiple-profiles-using-group-policy/
As a supported I want the firewall to be configured for all applications in ibex when I install it using the upgrade/install script so that I don't have to remember to do it and it can be the same on all machines.
Acceptance Criteria