Removing Windows Firewall from SP2 Configuration to reduce footprint

Hello All,

Are you looking for low footprint SP2 Image? Here is one way to reduce the footprint, if you don't need "Windows Firewall" in your configuration (Note: In general keeping windows firewall in runtime is recommended):

1. Create a new SP2 configuration and import PMQ for your system.
2. Add any other components that you want in your configuration with the following exceptions:
    A) If you add "Retail Point of Sale Terminal" macro, go to settings of this component and uncheck "Windows Firewall/Internet Connection Sharing (ICS)".
    B) If you add "Home Gateway" macro, go to settings of this component and uncheck "Windows Firewall/Internet Connection Sharing (ICS)".
    C) If you add "Networking Application Compatibility" macro, go to settings of this component and uncheck following:
 "Windows Firewall/Internet Connection Sharing (ICS)"
 "Windows Firewall Control Panel"
 "Core Networking"
 "Connection Manager Runtime"
    D) If you add any of the following components manually in your runtime, Windows Firewall will be brought in your runtime:
 Connection Manager Runtime
 Security Center
 Windows Firewall Control Panel
 Windows .Net Messenger
3. Manually add "Core Networking" component in your configuration. Go to settings of this component and uncheck "Windows Firewall/Internet Connection Sharing (ICS)".
4. Run dependency check and build image.

Comments

• Anonymous
  October 12, 2004
  The comment has been removed

• Anonymous
  October 15, 2004
  The comment has been removed

• Anonymous
  October 28, 2004
  The comment has been removed

• Anonymous
  October 28, 2004
  If you have windows firewall in the configuration, you can specify this in "windows firewall/ICS" settings - you can specify authorized apps/opened ports with the scope (local subnet only). What do you mean by bounding services to "localhost" only? Do you mean local subnet/network? If you are looking for low footprint - try sygate security agent (http://www.sygate.com/solutions/xpe-solutions.php)- the footprint hit is about 4MB with it.
  
  If you don't have any kind of firewall on your XPE devices, you can use NAT firewall solution and put all your XPE devices on private network - this way you can still be able to bound ports/apps. If you give me more details on your scenario (and footprint numbers), I can probably suggest some specific solution.

• Anonymous
  January 21, 2009
  PingBack from http://www.keyongtech.com/3244700-updating-from-sp1-to-sp2

• Anonymous
  May 29, 2009
  PingBack from http://paidsurveyshub.info/story.php?title=harsh-shah-s-eblog-removing-windows-firewall-from-sp2-configuration

• Anonymous
  June 15, 2009
  PingBack from http://einternetmarketingtools.info/story.php?id=11822