The Windows Firewall control panel applet provides the easiest and safest access to the firewall controls. These controls are usually sufficient for most server administrators, unless the system has special requirements or you are working with custom server applications.
When you open the Windows Firewall window from the control panel, as shown in Figure 6-20, you see the following information:
-Whether the computer is connected to a domain, private, or public network
-Whether the Windows Firewall service is turned on or off
-Whether inbound and outbound connections are blocked
-The name of the currently active network
-Whether users are notified when a program is blocked

Windows Firewall control panel applet

FIGURE 6-20 The Windows Firewall control panel
On the left side of the window is a series of links, which provide the following functions:

Allow An App Or Feature Through Windows Firewall Opens the Allowed Apps dialog box, in which you can select the applications that can send traffic through the firewall
Change Notification Settings Opens the Customize Settings dialog box, in which you can adjust the notification settings for each of the three profiles
Turn Windows Firewall On Or Off Opens the Customize Settings dialog box, in which you can toggle the state of the firewall in each of the three profiles
Restore Defaults Returns all firewall settings to their installation defaults
Advanced Settings Launches the Windows Firewall With Advanced Security console
Troubleshoot My Network Launches the Network and Internet troubleshooter

Customizing settings
Several of the links in the Windows Firewall window point to the same place: a Customize Settings dialog box that contains controls for some of the most basic firewall functions.
The Customize Settings dialog box, shown in Figure 6-21, is organized according to three areas, corresponding to the three profiles on a Windows computer. Windows Firewall uses these profiles to represent the type of network to which the server is connected. The profiles are as follows:
Public The public (or guest) profile is intended for servers that are accessible to unauthenticated or temporary users, such as computers in an open lab or kiosk.
Private The private profile is intended for servers on an internal network that are not accessible by unauthorized users.
Domain The domain profile is applied to servers that are members of an AD DS domain in which all users are identified and authenticated.

Windows Firewall control panel applet

FIGURE 6-21 The Customize Settings dialog box for Windows Firewall
In Windows Firewall, the three profiles are essentially separate sets of rules that apply only to computers connected to the designated network type. Administrators can control the environment for each type of network by configuring separate rules and settings for each profile.
The Customize Settings dialog box has the following controls for each of the three network profiles:

Turn On/Off Windows Firewall Toggles the Windows Firewall on and off for the selected profile
Block All Incoming Connections, Including Those In The List Of Allowed Apps
Enables you to increase the security of your system by blocking all unsolicited attempts to connect to your computer
Notify Me When Windows Firewall Blocks A New App Causes the system to notify the user when an application’s attempt to send traffic through the firewall fails

Allowing applications
There are times when administrators might be required to modify the firewall settings in other ways, typically because a specific application requires access to a port not anticipated by the firewall’s default rules.
To do this, you can use the Allowed Apps dialog box in the Windows Firewall control panel, as shown in Figure 6-22.

Windows Firewall control panel applet

FIGURE 6-22 The Allowed Apps dialog box for Windows Firewall

Opening up a port in a server’s firewall is an inherently dangerous activity. The more open doors you put in a wall, the greater the likelihood that intruders will get in. Windows Firewall provides two basic methods for opening a hole in your firewall: opening a port and allowing an application. Both are risky, but the latter is less so. This is because when you open a port by creating a rule in the Windows Firewall With Advanced Security console, the port stays open permanently. When you allow an application through the firewall by using the control panel, the specified port is open only while the program is running. When you terminate the program, the firewall closes the port.

——————-

Note:Previous versions of Windows refer to allowed applications as exceptions, meaning that they are exceptions to the general firewall rules closing off all the computer’s ports against intrusion. Exam candidates should be prepared to see questions containing either term.

——————-

The applications listed in the Allowed Apps dialog box are based on the roles and features installed on the server. Each listed application corresponds to one or more firewall rules, which the control panel activates and deactivates as needed.
Unlike earlier versions, the Windows Server 2012 R2 version of the Windows Firewall control panel does not provide direct access to port numbers. For more precise control over the firewall, you must use the Windows Firewall With Advanced Security console, which you can access by clicking Advanced Settings in the Windows Firewall control panel or by selecting it from the Tools menu in Server Manager.

This article is a part of 70-410 Installing and Configuring Windows Server 2012 Prep course, more articles in this course are :

Understanding Active Directory

Active Directory and its Features: Active Directory is the name given to a collection of services created by Microsoft that ...
Read More

Active Directory GUI Installation

Before we get to the installation, there are a few things to check to make sure the server is ready ...
Read More

Understanding DNS Server

Introduction: DNS is a name resolution service. Public DNS services help users access internet resources such as web servers, and ...
Read More

Maintaining and configuring DNS Forwarding

The act of DNS forwarding refers to the relaying of a DNS request from one server to another one when ...
Read More

Planning for a server installation

In versions of Windows Server prior to Windows Server 2008 R2, installation planning could be a complex task. You had ...
Read More

Choosing installation options

Many enterprise networks today use servers that are dedicated to a particular role. When a server is performing a single ...
Read More

Upgrading servers

An in-place upgrade is the most complicated form of Windows Server 2012 R2 installation. It is also the lengthiest and ...
Read More

Migrating roles

Migration is the preferred method of replacing an existing server with one running Windows Server 2012 R2. Unlike an in-place ...
Read More

Completing postinstallation tasks

As part of the new emphasis on cloud-based services in Windows networking, Windows Server 2012 R2 contains a variety of ...
Read More

Using Server Manager

The Server Manager tool in Windows Server 2012 R2 is an application that is the most obvious evidence of a ...
Read More
Loading...

70-410 Installing and Configuring Windows Server 2012 Prep course includes following practice tests:

Exam 70-410 Installing and Configuring Windows Server 2012 Practice Test 1

Instructions for Exam 70-410 Installing and Configuring Windows Server 2012 Practice Test 1 This page shows the instructions for Exam ...
Read More

Exam 70-410 Installing and Configuring Windows Server 2012 Practice Test 2

Instructions for Exam 70-410 Installing and Configuring Windows Server 2012 Practice Test 2 This page shows the instructions for Exam ...
Read More

Exam 70-410 Installing and Configuring Windows Server 2012 Practice Test 3

Instructions for Exam 70-410 Installing and Configuring Windows Server 2012 Practice Test 3 This page shows the instructions for Exam ...
Read More

Exam 70-410 Installing and Configuring Windows Server 2012 Practice Test 4

Instructions for Exam 70-410 Installing and Configuring Windows Server 2012 Practice Test 4 This page shows the instructions for Exam ...
Read More

Exam 70-410 Installing and Configuring Windows Server 2012 Practice Test 5

Instructions for Exam 70-410 Installing and Configuring Windows Server 2012 Practice Test 5 This page shows the instructions for Exam ...
Read More