The Windows Firewall control panel applet provides the easiest and safest access to the firewall controls. These controls are usually sufficient for most server administrators, unless the system has special requirements or you are working with custom server applications.
When you open the Windows Firewall window from the control panel, as shown in Figure 6-20, you see the following information:
-Whether the computer is connected to a domain, private, or public network
-Whether the Windows Firewall service is turned on or off
-Whether inbound and outbound connections are blocked
-The name of the currently active network
-Whether users are notified when a program is blocked

Windows Firewall control panel applet

FIGURE 6-20 The Windows Firewall control panel
On the left side of the window is a series of links, which provide the following functions:

Allow An App Or Feature Through Windows Firewall Opens the Allowed Apps dialog box, in which you can select the applications that can send traffic through the firewall
Change Notification Settings Opens the Customize Settings dialog box, in which you can adjust the notification settings for each of the three profiles
Turn Windows Firewall On Or Off Opens the Customize Settings dialog box, in which you can toggle the state of the firewall in each of the three profiles
Restore Defaults Returns all firewall settings to their installation defaults
Advanced Settings Launches the Windows Firewall With Advanced Security console
Troubleshoot My Network Launches the Network and Internet troubleshooter

Customizing settings
Several of the links in the Windows Firewall window point to the same place: a Customize Settings dialog box that contains controls for some of the most basic firewall functions.
The Customize Settings dialog box, shown in Figure 6-21, is organized according to three areas, corresponding to the three profiles on a Windows computer. Windows Firewall uses these profiles to represent the type of network to which the server is connected. The profiles are as follows:
Public The public (or guest) profile is intended for servers that are accessible to unauthenticated or temporary users, such as computers in an open lab or kiosk.
Private The private profile is intended for servers on an internal network that are not accessible by unauthorized users.
Domain The domain profile is applied to servers that are members of an AD DS domain in which all users are identified and authenticated.

Windows Firewall control panel applet

FIGURE 6-21 The Customize Settings dialog box for Windows Firewall
In Windows Firewall, the three profiles are essentially separate sets of rules that apply only to computers connected to the designated network type. Administrators can control the environment for each type of network by configuring separate rules and settings for each profile.
The Customize Settings dialog box has the following controls for each of the three network profiles:

Turn On/Off Windows Firewall Toggles the Windows Firewall on and off for the selected profile
Block All Incoming Connections, Including Those In The List Of Allowed Apps
Enables you to increase the security of your system by blocking all unsolicited attempts to connect to your computer
Notify Me When Windows Firewall Blocks A New App Causes the system to notify the user when an application’s attempt to send traffic through the firewall fails

Allowing applications
There are times when administrators might be required to modify the firewall settings in other ways, typically because a specific application requires access to a port not anticipated by the firewall’s default rules.
To do this, you can use the Allowed Apps dialog box in the Windows Firewall control panel, as shown in Figure 6-22.

Windows Firewall control panel applet

FIGURE 6-22 The Allowed Apps dialog box for Windows Firewall

Opening up a port in a server’s firewall is an inherently dangerous activity. The more open doors you put in a wall, the greater the likelihood that intruders will get in. Windows Firewall provides two basic methods for opening a hole in your firewall: opening a port and allowing an application. Both are risky, but the latter is less so. This is because when you open a port by creating a rule in the Windows Firewall With Advanced Security console, the port stays open permanently. When you allow an application through the firewall by using the control panel, the specified port is open only while the program is running. When you terminate the program, the firewall closes the port.

——————-

Note:Previous versions of Windows refer to allowed applications as exceptions, meaning that they are exceptions to the general firewall rules closing off all the computer’s ports against intrusion. Exam candidates should be prepared to see questions containing either term.

——————-

The applications listed in the Allowed Apps dialog box are based on the roles and features installed on the server. Each listed application corresponds to one or more firewall rules, which the control panel activates and deactivates as needed.
Unlike earlier versions, the Windows Server 2012 R2 version of the Windows Firewall control panel does not provide direct access to port numbers. For more precise control over the firewall, you must use the Windows Firewall With Advanced Security console, which you can access by clicking Advanced Settings in the Windows Firewall control panel or by selecting it from the Tools menu in Server Manager.

This article is a part of 70-410 Installing and Configuring Windows Server 2012 Prep course, more articles in this course are :

article

Configuring services

Most Windows Server roles and many of the features include services, which are programs that run continuously in the background, ...
Read More
article

Delegating server administration

As networks grow, so does the number of administrative tasks there are to perform on a regular basis, and so ...
Read More
article

Using Windows PowerShell Desired State Configuration (DSC)

Desired State Configuration (DSC) is the next phase in the development of Windows Power-Shell, a process that began over a ...
Read More
article

Planning server storage

A Windows server can conceivably perform its tasks using the same type of storage as a workstation; that is, one ...
Read More
article

Windows disk settings

Windows Disk Settings Overview When you install Windows Server 2012 R2 on a computer, the setup program automatically performs all ...
Read More
article

Working with disks

Windows Server 2012 R2 includes tools that enable you to manage disks graphically or from the command prompt. All Windows ...
Read More
article

Creating folder shares

Sharing folders makes them accessible to network users. After you have configured the disks on a file server, you must ...
Read More
article

Assigning permissions

Using Windows Server 2012 R2, you can control access to a file server to provide network users the access they ...
Read More
article

Configuring Volume Shadow Copies

Volume Shadow Copies is a Windows Server 2012 R2 feature that enables you to maintain previous versions of files on ...
Read More
article

Configuring NTFS quotas

Managing disk space is a constant concern for server administrators, and one way to prevent users from monopolizing storage is ...
Read More

70-410 Installing and Configuring Windows Server 2012 Prep course includes following practice tests:

No posts found.