The Windows Firewall control panel applet provides the easiest and safest access to the firewall controls. These controls are usually sufficient for most server administrators, unless the system has special requirements or you are working with custom server applications.
When you open the Windows Firewall window from the control panel, as shown in Figure 6-20, you see the following information:
-Whether the computer is connected to a domain, private, or public network
-Whether the Windows Firewall service is turned on or off
-Whether inbound and outbound connections are blocked
-The name of the currently active network
-Whether users are notified when a program is blocked

Windows Firewall control panel applet

FIGURE 6-20 The Windows Firewall control panel
On the left side of the window is a series of links, which provide the following functions:

Allow An App Or Feature Through Windows Firewall Opens the Allowed Apps dialog box, in which you can select the applications that can send traffic through the firewall
Change Notification Settings Opens the Customize Settings dialog box, in which you can adjust the notification settings for each of the three profiles
Turn Windows Firewall On Or Off Opens the Customize Settings dialog box, in which you can toggle the state of the firewall in each of the three profiles
Restore Defaults Returns all firewall settings to their installation defaults
Advanced Settings Launches the Windows Firewall With Advanced Security console
Troubleshoot My Network Launches the Network and Internet troubleshooter

Customizing settings
Several of the links in the Windows Firewall window point to the same place: a Customize Settings dialog box that contains controls for some of the most basic firewall functions.
The Customize Settings dialog box, shown in Figure 6-21, is organized according to three areas, corresponding to the three profiles on a Windows computer. Windows Firewall uses these profiles to represent the type of network to which the server is connected. The profiles are as follows:
Public The public (or guest) profile is intended for servers that are accessible to unauthenticated or temporary users, such as computers in an open lab or kiosk.
Private The private profile is intended for servers on an internal network that are not accessible by unauthorized users.
Domain The domain profile is applied to servers that are members of an AD DS domain in which all users are identified and authenticated.

Windows Firewall control panel applet

FIGURE 6-21 The Customize Settings dialog box for Windows Firewall
In Windows Firewall, the three profiles are essentially separate sets of rules that apply only to computers connected to the designated network type. Administrators can control the environment for each type of network by configuring separate rules and settings for each profile.
The Customize Settings dialog box has the following controls for each of the three network profiles:

Turn On/Off Windows Firewall Toggles the Windows Firewall on and off for the selected profile
Block All Incoming Connections, Including Those In The List Of Allowed Apps
Enables you to increase the security of your system by blocking all unsolicited attempts to connect to your computer
Notify Me When Windows Firewall Blocks A New App Causes the system to notify the user when an application’s attempt to send traffic through the firewall fails

Allowing applications
There are times when administrators might be required to modify the firewall settings in other ways, typically because a specific application requires access to a port not anticipated by the firewall’s default rules.
To do this, you can use the Allowed Apps dialog box in the Windows Firewall control panel, as shown in Figure 6-22.

Windows Firewall control panel applet

FIGURE 6-22 The Allowed Apps dialog box for Windows Firewall

Opening up a port in a server’s firewall is an inherently dangerous activity. The more open doors you put in a wall, the greater the likelihood that intruders will get in. Windows Firewall provides two basic methods for opening a hole in your firewall: opening a port and allowing an application. Both are risky, but the latter is less so. This is because when you open a port by creating a rule in the Windows Firewall With Advanced Security console, the port stays open permanently. When you allow an application through the firewall by using the control panel, the specified port is open only while the program is running. When you terminate the program, the firewall closes the port.

——————-

Note:Previous versions of Windows refer to allowed applications as exceptions, meaning that they are exceptions to the general firewall rules closing off all the computer’s ports against intrusion. Exam candidates should be prepared to see questions containing either term.

——————-

The applications listed in the Allowed Apps dialog box are based on the roles and features installed on the server. Each listed application corresponds to one or more firewall rules, which the control panel activates and deactivates as needed.
Unlike earlier versions, the Windows Server 2012 R2 version of the Windows Firewall control panel does not provide direct access to port numbers. For more precise control over the firewall, you must use the Windows Firewall With Advanced Security console, which you can access by clicking Advanced Settings in the Windows Firewall control panel or by selecting it from the Tools menu in Server Manager.

This article is a part of 70-410 Installing and Configuring Windows Server 2012 Prep course, more articles in this course are :

article

Using AppLocker

Software restriction policies can be a powerful tool, but they can also require a great deal of administrative overhead. If ...
Read More
article

Understanding Windows Firewall settings

Windows Server 2012 R2 includes a firewall program called Windows Firewall, which is activated by default on all systems. In ...
Read More
article

Working with Windows Firewall

Windows Firewall is a single program with one set of rules, but there are two distinct interfaces you can use ...
Read More
article

Using Windows Firewall control panel applet

The Windows Firewall control panel applet provides the easiest and safest access to the firewall controls. These controls are usually ...
Read More
article

Windows Firewall With Advanced Security console

Using Windows Firewall With Advanced Security console The Windows Firewall control panel is designed to enable administrators and advanced users ...
Read More

70-410 Installing and Configuring Windows Server 2012 Prep course includes following practice tests:

No posts found.