Windows Firewall with Advanced Security

The primary purpose of this security chapter is to get our hands dirty with implementing some real-life scenario settings that you can turn around and use in your own networks today. What better way to begin our lessons than with manipulating the Windows Firewall? Or more specifically, what we are modifying via Group Policy is the advanced portion of the firewall, appropriately called the Windows Firewall with Advanced Security (WFAS).

In the latest versions of Windows 10, this console has been renamed to be Windows Defender Firewall with Advanced Security. This change reflects the increase in capabilities of Windows Defender and all of the ways that it ties in with the operating system. Fear not, it is the same console with a new name. Throughout this chapter you will hear me reference Windows Firewall, Windows Firewall with Advanced Security (most commonly shortened to WFAS), and Windows Defender Firewall with Advanced Security. They all mean the same thing.

I use Group Policy for many things, but I would bet that my most-often-visited location inside GPMC is the WFAS configuration section. Unfortunately, the Windows Firewall has a bad reputation hanging around from years ago. It used to be fairly true that Windows Firewall was difficult to manage, unreliable, and altogether fairly low in value. So what did all of us IT folks do with Windows Firewall? Disable it. I find many companies where that is still the mentality today. Create a policy to disable everything about Windows Firewall, and call it a day.

While we will be actually covering the information you would need to disable the firewall, because sometimes there is a legitimate need to do so, what I am here to argue is that WFAS is now an incredibly capable and secure platform. As a general rule, it should be enabled on all of your workstations and servers! WFAS really is an enterprise-ready firewall tool that you can trust to keep your machines safe.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.226.200.16