It is now also fully integrated
with Internet Protocol Security (IPSec). Beyond regular IP traffic-filtering rules,
the Windows Firewall is also responsible for Windows Service Hardening, is network
location aware, has the ability to create authenticated bypasses, offers tight integration
with Active Directory users, features computers and groups, and offers IPv6 support.
The Windows Firewall is by far no replacement for a true dedicated firewall to segment
your network, but a host-based firewall such as this can be used as an additional layer
of security for your server.
Figure 3-16. Completed Conditions tab
78 Microsoft Windows Server 2008 Administration
Figure 3-17. Completed Settings tab
Figure 3-18. Message displayed after unlocking the session
79 Chapter 3: Server Manager
The features of the Windows Firewall with Advanced Security are as follows:
Windows Service Hardening These rules define what a service can or can??™t do in
relation to the local system. For example, you can
restrict a service from writing to the file system or
registry.
Inbound/Outbound Filtering You can define very granular rules regarding both
inbound and outbound connections. You have the
option to block all inbound or outbound connections
outright or define specifically what kind of traffic is
allowed to come into or out of the server. This includes
support for filtering by protocol and also by application.
Pages:
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119