I would like to have your input about what are you allowing your mobile users to access on public internet.
We were trying to harden the firewall rules so that very limited traffic is allowed while our laptops are connected to public internet.
Basically the idea was to allow basic networking (DHCP, DNS, ...), web browsing to standard ports 80 and 443 and the VPN connection to our corporate network.
It looks like we need to still either open lots of ports for wireless authentication to work in e.g. hotels because it seems that those are using quite random ports :-(
So have others tried to limit the iexplore.exe outbound traffic? ... and still managed to keep their firewall rules simple and secure.