
Ask HN: Little Snitch but with centralized rules? - dcf_freak
We use little snitch in a small (10 people) company and everybody is running macbooks. I love little snitch, but for the non-technical persons in our company its near to impossible to identify &quot;good&quot; from &quot;bad&quot; connections.<p>Question: Does anybody know something like little snitch (application firewall) but with centralized rules support (something we can &quot;push&quot; to every macbook?).
======
sd8dgf8ds8g8dsg
Now, what would a non-technical user even benefit from Little Snitch?

Also, what are you trying to protect against using Little Snitch in this way?
Are you a paranoid group of journalist dissidents who are suspecting targeted
spyware, or are you just frustrated that installed apps "call home" to check
for updates and whatnot?

Perhaps you should better invest in setting up a traditional firewall on the
lan for central configuration. Then you also have the option for other IDS
systems, such as [https://www.snort.org/](https://www.snort.org/)

~~~
dcf_freak
Non-technical people benefit from the application-level firewall just as well
as technical users. Indeed the calling-home and also as an extra layer of
protection against generic nastyness.

Of-course we also have a "traditional" firewall on the LAN. But this is not on
the _application_ level but on the network level.

~~~
sd8dgf8ds8g8dsg
> Non-technical people benefit from the application-level firewall just as
> well as technical users.

This can't be right, as you yourself originally stated `for the non-technical
persons in our company its near to impossible to identify "good" from "bad"
connections.`.

