Planning and Design Considerations

Because Windows Firewall rules have the potential to prevent legitimate users from connecting to critical network resources or allow attackers to connect to resources they might abuse, you must carefully plan Windows Firewall rules. Specifically, you should create packet filtering policies for every server application that allows traffic only from networks used by legitimate users. When creating IPsec policies, you must identify hosts that can and cannot support IPsec and design an isolation strategy that maximizes security but takes advantage of exemptions to allow connectivity for all clients.

Note

Note

For information ...

Get Windows Server® 2008 Networking and Network Access Protection (NAP) now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.