Windows Server 2008 outbound traffic
Managing outbound traffic has become crucial in detecting computer infections. Malware infects computers and then tries to send stolen data out to the perpetrators. Viruses seek to replicate by sending packets to infect other computers. Users might run unapproved applications, which can result in the transmission of confidential data. It is therefore worth reviewing your Windows Server 2008 firewall rules, because the firewall does not filter outbound traffic by default. In other words, Windows Server allows all outbound traffic.
On the other hand, Windows Server 2008 includes outbound rules for core networking services, which help when you enable outbound filtering. The default outbound rules for basic network functionality cover DHCP traffic, DNS traffic, Group Policy, IGMP and IPv6. Note, however, that many other built-in Windows features fail when you enable outbound filtering. For instance, Windows Update will no longer be able to retrieve updates, so you need to create a specific outbound rule for it. Third-party applications may also stop communicating with the network, so test the environment before pushing these changes to your production machines.
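
One way to stage the change described above with `netsh advfirewall` on a test server (an added example, not from the original article). The backup path and rule names are constructed, and the choice of the `wuauserv` and `bits` services over TCP 80/443 for Windows Update is an assumption to confirm against the drop log.

```bat
:: Run from an elevated command prompt on a TEST server first.
:: C:\fw-backup and the rule names below are constructed for this example.

:: 1. Save the current policy so it can be restored if something breaks.
mkdir C:\fw-backup
netsh advfirewall export "C:\fw-backup\before-outbound.wfw"

:: 2. Confirm the current default action (AllowOutbound unless already changed).
netsh advfirewall show allprofiles firewallpolicy

:: 3. Log dropped connections so applications that stop working become visible.
netsh advfirewall set allprofiles logging droppedconnections enable

:: 4. List the outbound rules already present (Core Networking: DHCP, DNS, ...).
::    The findstr filter assumes an English-language installation.
netsh advfirewall firewall show rule name=all dir=out | findstr /B /C:"Rule Name:"

:: 5. Allow Windows Update before blocking anything.
::    Assumption: update traffic originates from the wuauserv and bits
::    services hosted in svchost.exe and uses TCP 80/443.
netsh advfirewall firewall add rule name="Allow Windows Update (out)" dir=out action=allow program="%SystemRoot%\System32\svchost.exe" service=wuauserv protocol=TCP remoteport=80,443
netsh advfirewall firewall add rule name="Allow BITS (out)" dir=out action=allow program="%SystemRoot%\System32\svchost.exe" service=bits protocol=TCP remoteport=80,443

:: 6. Switch the default outbound action to block on every profile.
::    Both directions must be given; blockinbound is the shipped inbound default,
::    so adjust it if your servers use a different inbound policy.
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound

:: 7. Exercise the server's workloads, then review what was dropped.
::    Path shown is the default firewall log location.
findstr /C:" DROP " "%SystemRoot%\System32\LogFiles\Firewall\pfirewall.log"

:: Rollback, if needed:
::   netsh advfirewall import "C:\fw-backup\before-outbound.wfw"
```

Each dropped destination in the log is either a rule you still need to create for a legitimate application or traffic that should not have been leaving the server.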