Depending on where this is in the config, you may also find that, with that configuration, no new logons can be authenticated and, as such, only cached credentials can get on.
This is a very dangerous configuration and could negatively impact a device.
Good point! It would probably be a really bad idea to use this as a device rule, for example.
This was utilised for a local "guest" account used by visiting users.
It has not been tested for a domain account without an associated white list for specific subnets ports.
However if your aim is to block all network traffic it does exactly what it says on the tin.
As long as you ensure that the "Ignore restrictions during logon" is enabled, then in theory, you should be fine. Of course, this would need to be tested.
That setup is possible.
We got this setup on some servers in live production.
We just removed the Port Range, so everything is blocked.
After that, we logged on with logging enabled and repeated the log process several times.
Then we enabled all the necessary domain services to be allowed for the specific executables.
You do not get a single access denied popup, but everything is blocked from the network.
It's just a matter of time, but possible!