Advanced Security in Windows FirewallNot every user knows that Windows Firewall can operate in two modes: normal and advanced security. In principle, the first thing and the second are the same. The only difference is in the possibilities they provide. For example, the standard Firewall is very limited in its ability to customize rules, but this will be enough for ordinary users. The second one was developed for users who need more flexible settings.
Opening Firewall with Advanced SecurityEnhanced firewall security is activated in three ways:
Enter the name of the instrument from the search string.Go to the Control Panel, where open the "System and Security" section, then open Windows Firewall, and then click on the "Advanced Settings" button.
Launch a special MMC console, add the required tool and launch the Firewall.Features Enhanced Windows Firewall Provides
Configure rules for both inbound and outbound traffic.Create rules based on protocols and ports.Determine how data will be exchanged between services and the network.Set to allow only authorized traffic to pass.Security or firewall settings may be blocking the connection.How to create rules for inbound and outbound connectionsFirst, you need to select on the left side of Windows Firewall which rule we will create: for incoming or outgoing connections. Then right-click on the desired option and select "Create Rule".
A special wizard for creating rules will be launched. They are of different types:
For a specific application;For the port;Customizable;Predefined.
Let's create a rule using Windows firewall, for example for Google Chrome. Select the item "For the program" and click on. Then you need to indicate where this program is located.
Then you need to choose: allow the application to access the network, allow only secure access to the network, block the Internet connection. Let's select the last item and click "Next".
Then you need to choose which network profile to apply this rule to, and then set a name and description for it.
Create a port ruleThe process practically does not differ from the previous one, except that you should select the "For port" item. Thanks to this, it is possible to block the operation of any port for the TCP or UDP protocols. That is, you will need to select the protocol, as well as the port for which the rule is created.
Activating pre-existing Firewall rulesIn the operating system itself, there are already some rules that can be used by both the user and Windows. To activate them, select the "Predefined" item. They are needed if you need to perform any action, such as creating a homegroup or using BranchCache technology.
ConclusionNow you have a little understanding of what Windows Firewall with Advanced Security is, what it is for, and how the firewall is configured.
Windows Firewall with Advanced Security Deployment Guide Applies to: Windows Server 2012
You can use the Windows Firewall with Advanced Security MMC snap-in in Windows 8, Windows 7, Windows Vista, Windows Server 2012, Windows Server 2008, and Windows Server 2008 R2 to protect computers and data for sharing over a network.
Windows Firewall can be used to control access to a computer from the network. You can create rules, allow or block network traffic in any direction, depending on the requirements of the enterprise. You can also create IPsec connections with security rules to protect data as it travels over a network from a single computer.
This guide is intended for system administrators and system engineers. It provides detailed instructions for deploying Windows Firewall with Advanced Security by a designer of your choice or a system infrastructure architect or specialist in your organization.
Start by reviewing the information in Planning a Windows Firewall Advanced Security Deployment.
If you have not already selected a design, it is recommended that you defer to follow the instructions in this guide until after reviewing the layout options in Windows Firewall with Advanced Security Design Guide and choosing the one that best suits your organization.
After you select a layout and gather operating system information for zones (isolation, boundaries, and encryption), support, and other information, you can then use this guide to deploy your Windows Firewall with Advanced Security development to a production environment. In this guide, the steps for deploying any of the following basic layout are described in the development guide:
To determine how to best use the instructions in this deployment guide for a specific topology, use the checklists in Implementing a Windows Firewall Advanced Security Design Plan.
AttentionMicrosoft recommends that you use the techniques described in this guide only for GPOs that should be deployed to most computers in your organization, and only if the OU hierarchy in your Active Directory domain does not meet the deployment requirements for those GPOs. These characteristics are typical server GPOs and domain isolation scenarios, but are not typical of most other GPOs. When the OU hierarchy supports it, you deploy the GPO by linking it to a lower level that contains all the accounts to which the OU GPO applies.
For more information about: firewall network security