O'Reilly logo

Windows Vista Security: Praxisorientierte Sicherheit für Profis by Marcus Nasarek

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Working with the Windows Firewall
|
545
this will also disable any custom exceptions you have created, possibly causing cer-
tain programs to function incorrectly. This is especially true for games, so you will
need to reenable your custom settings after verifying that your network connections
work correctly after resetting the default configuration. If you continue to have prob-
lems with connections, refer to the “Troubleshooting Advanced Firewall Problems”
section, later in this chapter, for more information.
Configuring Advanced Firewall Security
In addition to the basic Windows Firewall, Windows Vista includes Windows Fire-
wall with Advanced Security. At home, you probably won’t work much with this fea-
ture. At the office, however, especially if you work in a medium-size to large
organization, you may find it critical to know how the advanced firewall works.
Windows Firewall with Advanced Security allows you to open a custom manage-
ment console for use in managing advanced firewall features. As Figure 15-16 shows,
this console gives you direct control over inbound, outbound, and connection secu-
rity rules for the firewall’s domain profile, private profile, and public profile. To open
the new management console, follow these steps:
1. Click Start and then click Control Panel.
2. In the Control Panel, click System and Maintenance. Scroll down and then click
Administrative Tools.
3. In Administrative Tools, double-click Windows Firewall with Advanced Security.
Figure 15-16. Configuring advanced firewall settings using Windows Firewall with Advanced
Security
546
|
Chapter 15: Protecting Your Computer with Windows Defender and Windows Firewall
Windows Firewall with Advanced Security gives you a host of new features and man-
agement options versus previous versions of Windows Firewall. You have object
classes on the left side of the window, and their associated properties on the right
side of the window. This follows the classic design of Microsoft products, making
management very intuitive. To configure specific settings, simply click the desired
object from the left and manage it from the right. You also have right-click context
menus available on the objects selected. Table 15-4 provides the specific listings and
their associated properties from the Windows Firewall with Advanced Security man-
agement console.
Windows Firewall with Advanced Security maintains a separate firewall profile for
each type of network to which you can connect. For each profile, you can manage
settings for the firewall state, inbound connections, outbound connections, notifica-
tion, unicast response, and logging. As Table 15-5 shows, the default configuration
for each setting is the same for each profile.
Table 15-4. Windows Firewall with Advanced Security features
Feature Associated properties
Windows Firewall with Advanced Security Provides an overviewof thefirewall profilesassociated withthe local computer
as well as Getting Started options.
Inbound Rules Provides an at-a-glance listing of the inbound packet filtering rules. Lists the
associated inbound rules created on the computer according to the rule name,
associated program group, profile, enabled status, action, and more.
Outbound Rules Provides an at-a-glance listing of the outbound packet filtering rules. Lists the
associated outbound rules created on the computer according to the rule
name, associated program group, profile, enabled status, action, and more.
Connection Security Rules Provides an at-a-glance listing of the IPSec rules. Lists the associated connec-
tion rules created on the computer according to the rule name, enabled status,
endpoints, authentication mode, authentication method, and associated pro-
gram group.
Monitoring Provides a detailed summary of the firewalls domain profile, private profile,
and public profile according to the firewall state, general settings, and logging
settings.
Monitoring\Firewall Lists the standard inbound and outbound connection settings and their associ-
ated status, giving you one place to look for monitoring the currently active
inbound and outbound rules.
Monitoring\Connection Security Rules Lists the status of connection security rules.
Monitoring\Security Associations Lists the security associations for Main Mode and Quick Mode as well as their
status.
Table 15-5. Default configuration for Windows Firewall with Advanced Security
Setting Domain profile Private profile Public profile
Firewall State On On On
Inbound Connections Block Block Block
Working with the Windows Firewall
|
547
You can configure the settings for the domain, public, and private profiles by com-
pleting these steps:
1. In Windows Firewall with Advanced Security, select the Windows Firewall with
Advanced Security node.
2. In the main pane, click the Windows Firewall Properties link. You’ll find this
link in the Overview section below the profile status listings. This opens the
management dialog box, shown in Figure 15-17.
3. Select the tab for the profile type you want to manage.
4. Use the “Firewall state” list to turn the firewall on or off for the selected profile.
Outbound Connections Allow Allow Allow
Notification Yes Yes Yes
Unicast Response Yes Yes Yes
Log Dropped Packets No No No
Log Successful Connections No No No
Figure 15-17. Managing the settings for each firewall profile
Table 15-5. Default configuration for Windows Firewall with Advanced Security (continued)
Setting Domain profile Private profile Public profile

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required