GPO: Managing Windows Firewall Rules

Presentation

In this tutorial, we will see how to add rules to the Windows Firewall using Group Policy.

For information, the Windows Firewall has been implemented in the Windows operating system with service pack 2 (SP2) of Windows XP. It is now part of the system and some functionality like DirectAccess requires that it be enabled to work.

In many organizations, system administrators tend to disable the GPO firewall to prevent application blocking.

What I propose to see in this tutorial is to create a policy that will allow all traffic on the domain profile instead of disabling the firewall.

Configuring Group Policy (GPO)

From the Group Policy Management console, right-click at the location where the policy is to be applied and click Create GPO in this domain and link it here 1 .

Nommer la stratégie 1 et cliquer sur OK 2.
name the strategy

Right click on the 1 strategy and click on Edit 2 .
Edit strategy

In the Group Policy Editor, go to the following location: Computer Configuration / Policies / Windows Settings / Security Settings / Windows Firewall with Advanced Security Features.
Strategy editor

Right-click on Incoming Traffic Rule 1 then click on New rule 2 .
Add in rule

Choose the Custom rule type 1 and click Next 2 .
Select rule type

Select All Programs 1 then click Next 2 .
All programs

Protocol type, choose All 1 and click Next 2 .
Allow all protocol

Scope configuration, choose Any IP address 1 and click Next 2 .
Scope

Configure the action of the rule, choose Allow connection 1 then click on Next 2 .
Select action

Select the profile, here to limit the risks the rule will only be applied if the computer is connected to the domain of the company, choose Domain 1 and click Next 2 .
Choose profil

Name 1 the rule and click Finish 2 .
Name rule

The rule has been added to the policy.
firewall rule added

If necessary do the same for outgoing traffic. By default, outbound traffic is not blocked.

Go to a computer in the domain where the policy applies, if necessary make a gpupdate and check that the rule is present in the rules of incoming traffic.
Client rule

Conclusion

In an environment where an Active Directory domain, the Windows Firewall configuration can be done by group policies and making its administration easy.

Now that you know how to create a rule, I invite you to re-enable the firewall on computers to regain control.

If a day needs to block a port on the entire park a rule in a group policy and it’s done.


Related Posts


IPAM: Installing and Configuring IP Address Management on Windows
IP Address Manager (IPAM) is a feature built into Windows Server that allows you to set up an administrator tool and analyze DHCP scopes and have an IP address base within a computer network. In a server environment where multiple Windows DHCP server

Setting up a read-only domain controller – RODC
Introduction In this article, we are going to have how to set up a read-only domain controller (RODC). This type of controller, as the name suggests, is read-only, so it can not change user attributes or even add objects. There are several implementa

Windows Backup: installation and configuration
Presentation Windows Server includes a feature (Windows Backup) that allows you to perform full system backups or a portion of it. It can be used to back up virtual machines, SQL Server databases, file server ... It is recommended to use a hard disk

Leave a Comment