Ask HN: Little Snitch but with centralized rules?

Y	Hacker News new \| ask \| show \| jobs

	Ask HN: Little Snitch but with centralized rules?
	2 points by dcf_freak 3200 days ago
	We use little snitch in a small (10 people) company and everybody is running macbooks. I love little snitch, but for the non-technical persons in our company its near to impossible to identify "good" from "bad" connections. Question: Does anybody know something like little snitch (application firewall) but with centralized rules support (something we can "push" to every macbook?).

1 comments

sd8dgf8ds8g8dsg 3200 days ago

Now, what would a non-technical user even benefit from Little Snitch?

Also, what are you trying to protect against using Little Snitch in this way? Are you a paranoid group of journalist dissidents who are suspecting targeted spyware, or are you just frustrated that installed apps "call home" to check for updates and whatnot?

Perhaps you should better invest in setting up a traditional firewall on the lan for central configuration. Then you also have the option for other IDS systems, such as https://www.snort.org/

link

dcf_freak 3200 days ago

Non-technical people benefit from the application-level firewall just as well as technical users. Indeed the calling-home and also as an extra layer of protection against generic nastyness.

Of-course we also have a "traditional" firewall on the LAN. But this is not on the application level but on the network level.

link

sd8dgf8ds8g8dsg 3199 days ago

> Non-technical people benefit from the application-level firewall just as well as technical users.

This can't be right, as you yourself originally stated `for the non-technical persons in our company its near to impossible to identify "good" from "bad" connections.`.

link