You are viewing a single comment's thread.

view the rest of the comments →

0
4

[–] lbruiser 0 points 4 points (+4|-0) ago  (edited ago)

making connections out either

Firewall rules. As far as Enterprise, WSUS and you manually check updates first. However I am not working in a Win10 environment (yet) so I might be wrong. Currently we are blocking telemetry updates, the sites that do call out (from telemetry) just in case, and are going through each update (we always did anyways) that gets pushed from our servers.

E: it seems like I may have been a little unclear. I mean a physical firewall. Not the software one Microsoft bundles their OS with.

0
3

[–] SeraCharm 0 points 3 points (+3|-0) ago 

Some IPs cannot be blocked on Windows, this is a 'feature' to get around malware blocking access to windows update and other stuff. You have to block these Microsoft domains on network level.

0
1

[–] lbruiser 0 points 1 points (+1|-0) ago 

Sorry, I meant my physical firewall. Not Microsoft's firewall within the OS.

0
2

[–] OhBlindOne 0 points 2 points (+2|-0) ago 

You cannot block any of Microsoft's telemetry gathering IP's from within the OS. You'd have to block it all outside of the OS, such as through your router.

0
1

[–] lbruiser 0 points 1 points (+1|-0) ago 

Sorry, I meant my physical firewall. Not Microsoft's firewall within the OS.