Microsoft Knowledge Base Article
This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved.
Terms
of Use |
Trademarks
Article ID: 925077 - Last Review: December 15, 2008 - Revision: 4.0
Best practices and security issues to consider when you use Windows Live Sync
This article describes some best practices and security issues to consider when you configure Windows Live Sync on a network.
Sync is a Windows Live service. If you use Sync incorrectly, you might unintentionally disclose information on a network.
Windows Live Sync is a free service that is designed to help you do the following:
- Synchronize files across all the computers that you use.
- Share files and photos with friends, coworkers, and family.
- Remotely access your files from any other computer that is connected to the Internet.
If you have more than one computer, you can create personal folders to synchronize files between them. You can also share files with friends or colleagues when you create a shared folder or connect your computer to a shared folder.
For more information about Sync, visit the following Web site:
The following best practices address the security considerations of system administrators who have Sync installed on their networks:
- If your organization has filtering enabled on a firewall, you can effectively block outgoing traffic to Sync. To permanently block the Sync satellite from running in a particular environment, block access to the following host name on port TCP/443:
connect.sync.live.net
- Block incoming and
outgoing connections at the network perimeter, such as at the firewall or at the proxy server. You can also enforce software restriction policies through the Active Directory directory service to prevent Sync from running.
For more information about software restriction policies, visit the following Microsoft TechNet Web site: - Use other security controls to deny outgoing network traffic from workstations. For example, a user must decide which folders to share. If a user does not
understand the implications of explicitly sharing information that might be sensitive, revisit your organization's user
education and security policies to raise user awareness.
- Make sure that your organization's user education and security policies are updated to explicitly warn users against installing unapproved peer-to-peer software.
| kbsecurity kbhowto kbinfo KB925077 |
Community Feedback System
Very often, it takes hours to solve a problem. Very often, you've looked high
and low, and have tried a lot of solutions. When you finally found it, chances
are, it was because someone else helped you. Here's your chance to give back.
Use our community feedback tool to let others know what worked for you and what
didn't.
Please also understand that the community feedback system is not warranted to be
correct, it's simply a system that we've built to let people try and help each
other. If something in a feedback response doesn't make sense to you, or you're
not comfortable making changes that the feedback talks about (like registry
edits), please consult a professional.
Thank you for using kbAlertz.com Feedback System.
-- Scott Cate