Essentially six different types of rules can be defined for the Windows
Firewall:
Windows Service Hardening Restrict specific services from establishing
connections.
Connection Security Rules Define how and when a computer authenticates
using IPSec.
Authenticated Bypass Rules Allow connections from particular computers
that are authenticated via IPSec. These
connections are allowed regardless of any
block rule preventing access.
Block Rules Explicitly prevent a type of inbound or
outbound traffic.
Allow Rules Explicitly allow a type of inbound or outbound
traffic.
Default Rules The general catch-all rule if nothing else
applies. By default, inbound connections are
blocked and outbound connections are allowed.
These rule types are processed in the specific order shown in the table and in
Figure 3-19. It??™s important that you understand this sequence, since you will undoubtedly
need it to troubleshoot connectivity problems. It??™s tempting to disable the firewall,
especially in a relatively enclosed and secure environment, but it really is a good idea to
leave it on and create rules to allow exceptions rather than flat-out disable it and leave
your server wide open. It might be more aggravating to set up Windows Firewall initially,
but in the long run, the added layer of security can help mitigate certain risks.
You can manage the Windows Firewall using the Windows Firewall with Advanced
Security MMC snap-in, which is incorporated into Server Manager, or you can use
netsh as you did with the Server Core installation in Chapter 2.
Pages:
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121