On Wednesday night, Microsoft posted Windows XP Service Pack 2 (SP2) beta to its Betaplace Web site. The new service pack promises to enhance the security of the OS in several key ways, one of which is with enhancements to the Internet Connection Firewall (ICF). To supplement the beta, Microsoft also published a new whitepaper, “Deploying Internet Connection Firewall Settings for Microsoft Windows XP with Service Pack 2,” which helps explain how to deploy ICF in a network environment.
By default, ICF in SP2 will affect communication for protocols and services such as SNMP, Routing Information Protocol (RIP), Windows Management Interface, some Microsoft Management (MMC) snap-ins, Systems Management Server, Microsoft IIS, file and printer sharing, and Universal Plug and Play (UPnP). The whitepaper can help administrators configure ICF in a way that protects the desktop while allowing reasonable network communication by using Group Policy to configure ICF. You can download the 41-page whitepaper (623KB Word doc) from Microsoft's Web site.