Windows Firewall is a single program with one set of rules, but there are two distinct interfaces you can use to manage and monitor it. The Windows Firewall control panel applet provides a simplified interface that enables administrators to avoid the details of rules and port numbers. If you just want to turn the firewall on or off (typically for testing or troubleshooting purposes) or work with the firewall settings for a specific Windows role or feature, you can do so by using just the control panel. For full access to firewall rules and more sophisticated functions, you must use the Windows Firewall With Advanced Security console.
In many cases, administrators never have to work directly with Windows Firewall. Many of the roles and features included in Windows Server 2012 R2 automatically open the appropriate firewall ports when you install them. In other situations, the system warns you of firewall issues.

For example, the first time you open File Explorer and try to access the network, a warning appears, informing you that Network Discovery and File Sharing are turned off, preventing you from browsing the network.
Network Discovery is just a set of firewall rules that regulate the ports Windows uses for network browsing, specifically ports 137, 138, 1900, 2869, 3702, 5355, 5357, and 5358. By default, Windows Server 2012 R2 disables the inbound rules associated with these ports, so the ports are closed, blocking all traffic through them. When you click the warning banner and choose Turn On Network Discovery And File Sharing from the shortcut menu, you are in effect activating these firewall rules, thereby opening the ports associated with them.
In addition to the menu commands accessible through the warning banner, you can control the Network Discovery and File Sharing rules in other ways. The Network and Sharing Center control panel, through its Advanced Sharing Settings page, provides options that you can use to turn Network Discovery, File Sharing, and other basic networking functions on and off.
The Windows Firewall control panel has an Allow An App Or Feature Through Windows Firewall link, which opens the Allowed Apps dialog box. The Network Discovery check box in this dialog box enables you to control the same set of rules as the Network Discovery control panel in the Network And Sharing Center.
Finally, you can access the individual Network Discovery rules directly by using the Windows Firewall With Advanced Security console. When you select the Inbound Rules node and scroll down in the list, you can see nine Network Discovery rules.
As you can see by examining the rules in the console, Network Discovery is a complex Windows function that would be difficult to control if you had to determine by trial and error which ports it uses. This is why Windows Firewall includes a large collection of rules that regulate the ports that the applications and services included with the operating system need to operate.

This article is a part of 70-410 Installing and Configuring Windows Server 2012 Prep course, more articles in this course are :

article

Configuring Work Folders

Work Folders is a Windows Server 2012 R2 feature that enables administrators to provide their users with synchronized access to ...
Read More
article

Deploying print server

Installing, sharing, monitoring, and managing a single network print device is relatively simple, but when you are responsible for dozens ...
Read More
article

Sharing printer

Using Windows Server 2012 R2 as a print server can be simple or complex, depending on how many clients the ...
Read More
article

Managing documents in print queue

Managing documents refers to pausing, resuming, restarting, and canceling documents that are currently waiting in a print queue. By default, ...
Read More
article

Managing printers

Users with the Allow Manage This Printer permission can go beyond manipulating queued documents; they can reconfigure the printer itself ...
Read More
article

Using Print and Document Services role

All the printer sharing and management capabilities discussed in the previous sections are available on any Windows Server 2012 R2 ...
Read More
article

Using Server Manager for remote management

Server Manager has been the primary server administration tool for Windows Server ever since Windows Server 2003. The most obvious ...
Read More
article

Using Remote Server Administration Tools

You can manage remote servers from any computer running Windows Server 2012 R2; all the required tools are installed by ...
Read More
article

Working with remote servers

Once you have added remote servers to Server Manager, you can access them using a variety of remote administration tools ...
Read More
article

Virtualization architectures

Virtualization products can use several different architectures to share a computer’s hardware resources among VMs. The earlier type of virtualization ...
Read More

70-410 Installing and Configuring Windows Server 2012 Prep course includes following practice tests:

No posts found.