I have a general question regarding software deployment and whether or not the firewall on endpoints is generally turned off. I have used LANDesk and SCCM in the past and on both occasions I was advised by consultants to make sure that the firewall is off when deploying software. The reason that I’m asking is because today our Director of Security stated that she wants to turn on the firewall on all endpoints. Any advice is greatly appreciated.
Sounds like your consultants are trying to take the easy way out. I have a firewall turned on for all of my endpoints. You would need to create appropriate firewall rules to support whatever software you’re deploying.
For BigFix itself, you’ll need ICMP and tcp/52311 outbound from clients to Relays, and preferably udp/52311 inbound from Relays to Clients (for content update notifications and faster action responses).
Edit: added ICMP, which is used in Relay Selection
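The rule set described in the reply above, written out as an added example for Windows Defender Firewall (not part of the original posts, and not BigFix's own tooling). It assumes Windows endpoints; the Relay addresses, the rule names, the group name, and the choice to scope each rule to the Relay addresses are assumptions made for the example.

```powershell
#Requires -RunAsAdministrator
# Added example: allow only the BigFix traffic named in the thread, then enable the firewall.
# $RelayAddresses holds constructed placeholder values (documentation range); use your Relays.
$RelayAddresses = @('192.0.2.10', '192.0.2.11')
$Group = 'BigFix Client (example)'   # hypothetical group name, used to list the rules later

$rules = @(
    # Client -> Relay: gather, report and download traffic
    @{ DisplayName = 'BigFix - TCP 52311 out to Relays'; Direction = 'Outbound'
       Protocol = 'TCP'; RemotePort = 52311 },
    # Client -> Relay: ICMP echo request, used in Relay Selection
    @{ DisplayName = 'BigFix - ICMPv4 echo out to Relays'; Direction = 'Outbound'
       Protocol = 'ICMPv4'; IcmpType = 8 },
    # Relay -> Client: notifications (content updates, faster action responses)
    @{ DisplayName = 'BigFix - UDP 52311 in from Relays'; Direction = 'Inbound'
       Protocol = 'UDP'; LocalPort = 52311 }
)

foreach ($r in $rules) {
    # Skip rules that already exist so the script can be re-run safely
    if (Get-NetFirewallRule -DisplayName $r.DisplayName -ErrorAction SilentlyContinue) {
        Write-Verbose "Rule exists: $($r.DisplayName)"
        continue
    }
    New-NetFirewallRule @r -Group $Group -RemoteAddress $RelayAddresses `
        -Action Allow -Profile Any | Out-Null
}

# Create the allow rules first, then turn the firewall on for every profile
Set-NetFirewallProfile -Profile Domain, Private, Public -Enabled True

# Confirm what was created
Get-NetFirewallRule -Group $Group |
    Select-Object DisplayName, Direction, Enabled, Action
```

With the Windows default of allowing outbound traffic, the two outbound rules only take effect once the outbound default is set to block; the inbound UDP rule is the one that matters as soon as the firewall is enabled.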