IN THIS CHAPTER

Understanding the Basics of the Windows Defender Firewall

Configuring and Managing the Windows Defender Firewall in Windows Server 2019

There are few things more basic to security than the principle of keeping bad things out and letting good things in. You may choose to block or restrict inbound traffic from risky protocols or port numbers. You might even lock down outbound traffic to only approved protocols and port numbers. Defining the acceptable forms of inbound and outbound traffic is typically accomplished with the Windows Defender Firewall.

In this chapter, I introduce you to the Windows Defender Firewall, including the configuration and usage tasks that every System Administrator should know.

Firewall Basics

The Windows Defender Firewall is a stateful firewall. This means that you can create a rule to allow inbound traffic, and established traffic will automatically be let back out. If you create an outbound rule, traffic going out will automatically be allowed back in. It can inspect all traffic passing through it and track the state of the connection. This is a great improvement over the older, traditional firewalls, referred to as stateless firewalls, for which you had to create a rule to allow traffic in both directions ...