Now let's go through the steps for adding a new firewall rule to WFAS. The first thing you need to do is figure out what type of exception you want to make. With WFAS you can make exceptions based on port, program/service, or predefined rule. For this example, let's say we want to open up ports 80 (http) and 443 (https) for a third party Web server. Remember that if you were to just add the Internet Information Services (IIS) role to your server via Server Manager, Windows would automatically open up the appropriate incoming firewall exceptions.
Here are the steps to follow for our scenario:
- Open the WFAS interface by typing "firewall" into the search area on the Start menu and pressing Enter
- Right-click "Inbound Rules" and select "New Rule..."
- Select "Port" and click "Next"
- Type "80,443" into the "Specific local ports" input area, click Next
- The default selection is "Allow the connection" and this is what we want so click Next
- For a desktop machine you may want to adjust the profile settings, but assuming that this rule will be for a server we are going to leave all of the profiles checked and click Next
- Choose a name such as "Web Server" and click Finish
Take a look at figure 3 to see the "Protocols and Ports" tab of the new rule.
With many significant improvements over the previous version, WFAS should make your life much easier when it comes to host-based firewall management on your Windows machines. Now all you have to do is upgrade all of your systems to Windows Vista and Windows Server 2008.
Resources
- Technet: Windows Firewall with Advanced Security
- The Cable Guy: Network Determination Behavior for Network-Related Group Policy Settings
- http://www.windowsnetworking.com/articles_tutorials/configure-Windows-Server-2008-advanced-firewall-MMC-snap-in.html
- http://4sysops.com/archives/windows-server-2008-windows-firewall-with-advanced-security
March 22, 2008
By Ryan Bass
www.vista123.net, tweak and customize Windows Vista easily.
