We are looking to use the firewall and compliance blade of Harmony Endpoint to block smb connections to computers from non-IT machines as IT machines Can be on multiple different vlans ( IT, AOVPN, other areas when a tech is posted in an area that is currently having issues) I was hoping to set two rules.
one that allows smb traffic from an AD security group or checkpoint virtual group, followed by one that blocks all smb traffic, however when I have tried to do this I seem unable to set an AD group or virtual group as a source. there is an option to set a domain group as source, but I am unable to find anywhere that says how you define what a domain group is.
Any suggestions?