I think it might depend somewhat on the client software that you are running as well as the threat potential. We lock down the workstations so that the networking tools are unavailable to student users. We currently don't run the Windows client so it is difficult for other workstations to see each other, therefore less need for local firewalls. At elementary schools there is less of an internal threat so it may be a bit safer to not run a workstation firewall. On the other hand the high schools have some students capable of sophisticated prying that the local firewall may help defend against. At this point, we don't run the firewall on workstations. Jack W. Barnes, CNE Head Network Administrator CCSU [log in to unmask] Office 802-857-7000 Ext. 1039 Cell 802-318-0976 Fax 802-879-8197 >>> Susan Briere <[log in to unmask]> 05/04/09 3:24 PM >>> Hello out there, We are having a discussion about whether or not it's necessary to run Windows Firewall on workstations inside a LAN that has a properly configured firewall at the perimeter. It adds a layer of complexity for doing things like remote administration of software installed on the clients. Is the protection provided by WF at the workstation-level critical enough to warrant the custom configurations required to make it play well? We would love to hear thoughts and opinions from all sides of the equation. Thanks much, Susan Briere Technical Support, RNESU CONFIDENTIAL COMMUNICATION. THIS MESSAGE MAY NOT BE FORWARDED. The information contained in this communication, including any attachments, is confidential,constitutes privileged communication, and is intended only for the use of the addressee. This message may not be forwarded without prior consent from the sender. The information in this e-mail is also protected by the rights afforded under Family Educational Rights and Privacy Act (FERPA) and school district policies. Any unauthorized use, forwarding, distribution,disclosure, printing or copying is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately at 802-879-8192 or return e-mail,and delete any copies of this message immediately. Any inadvertent disclosure of this communication shall not compromise the confidential nature of the communication.