Join Martin Guidry for an in-depth discussion in this video Using Control Panel to manage Windows Firewall, part of Windows 10 Administration.
- View Offline
- In this section we're going to look at using the control panel to manage the Windows Firewall. Off the Start menu, I'll just type in "Firewall" and I'll see two options: Windows Firewall and Windows Firewall with Advanced Security. You can accomplish a lot of the same things with either tool; I usually use Windows Firewall with Advanced Security. Remember, Windows Firewall maintains multiple profiles: domain profile, private profile, and publuc profile.
Each of your network adaptors can be labelled as either domain, private, or public, and then have a different set of firewall rules applied to it. Obviously, on your domain profile you might be willing to loosen some of the firewall rules, under the assumption that the other machines on the domain are not going to be attacking you. Whereas on the public profile you would probably want the strictest set of rules because any sort of public network, we have to assume, could be dangerous.
Creating new rules is fairly straightforward. In the menu all the way to the left, I'll go to Inbound Rules, and that'll show me a list of all of my existing inbound rules. And then all the way to the right I'll click on New Rule. That'll open up a wizard called the New Inbound Rule Wizard. I've lots of choices here, this is a fairly robust firewall interface. On the first tab I can choose either Program, Port, Predefined or a Custom rule.
A custom rule will allow me to set Program, and Port, and Predefined. For this demo I'm going to do a port rule. When I think of a firewall I usually think of blocking or allowing a specific port that is the most common thing that firewalls do. So I'll select the radio button for Port and then click Next. It is then asking me which port, and at the top I have TCP or UDP. Notice it is an either-or, I cannot create one rule that does both TCP and UDP in this interface.
If you need to block traffic on both a TCP port and a UDP port, you have to create two rules. For my rule I'm just going to do TCP port 80. I'll hit Next. Then I can either choose to allow or block the connection, I'm going to stick with Allow, and I can say where this applies. It can apply to the domain, the private, or the public, or any combination. And I'll apply it to all three.
I'll then need to give it a name. Typically, you would want to give it a descriptive name like "This rule allows traffic on port 80", and then hit Finish. I now see my new rule at the top of the list. I can right-click on it, go to Properties, and there're some additional things I can set. I could change things. This was an allow connection, I could change it to a block. I could limit it to only certain programs and services utilising this rule.
So here on the Remote Computers tab I have the option to allow or deny specific computers. However, if I click on this, I'll get a warning saying this only works when the action is Allow only secure connections. In order to do that, I'll go back to the General tab and change this radio setting from Allow the connection to Allow the connection if it is secure. Then I can go back to Remoter Computers, hit the checkbox Only allow connections from these computers, hit Add, and then I can type in the name of a specific computer.
So now I've created a firewall rule that will only allow a connection from one particular computer. Similarly, on the Remote Users tab I could say Only allow connections from certain users and I could add a particular user. So now I've created a very limiting rule, one that only allows a certain user coming from a certain computer to access port 80. So using this interface we can create some very granular rules, or some very broad rules if you choose to.
You have a lot of power at your fingertips here. I'll hit Apply here, and Okay. We can look at the outbound rule interface. Over on the left-hand menu I'll click on Outbound Rules, and we'll see a very similar interface. If I go to the right and click New Rule, we see almost the exact same interface from creating an inbound rule. Again I'll choose a port, we'll say port 80, and I have the same options: Allow the connection, Allow if it is secure, or Block.
Again same options here: Domain, Private, or all of the above. And I'll give it a name. Using the interface for Windows Firewall with Advanced Security, we can quickly and easily create some very powerful firewall rules.
Martin first reviews the various editions of both the desktop and mobile versions of Windows 10. This section covers the special features included with the Enterprise edition, and the hardware requirements for some of the new Windows 10 features. Martin also explains installing and updating drivers and configuring and optimizing the OS, including system properties and power options. Then it's a deep dive into Group Policy, including working with local groups, configuring preferences, and troubleshooting Group Policy. Martin also looks at Windows security—authentication and encryption—as well as the boot process, and concludes the course with a brief look at virtualization, networking, and backup and recovery.
- Understanding the different versions of Windows 10
- Installing and updating drivers
- Administering multitasking
- Working with Windows Group Policy
- Adding domain users and accounts to a Windows 10 PC
- Administering BitLocker and EFS
- Understanding the boot process
- Installing Client Hyper-V for Windows virtualization
- Managing Windows Firewall
- Backing up and restoring Windows 10
- Troubleshooting Windows 10