Login scripts run in the security context of the user logging in, so they are not suitable for manipulating the Windows Firewall.
Use Computer Startup scripts instead, because they run as the LocalSystem account.
http://technet.microsoft.com/en-us/library/bb490626.aspx
http://technet.microsoft.com/en-us/library/bb490616.aspx
Edit an existing Group Policy Object (GPO) or create a new one, then open:
Computer Configuration → Administrative Templates → Network → Network Connections → Windows Firewall
Choose the proper profile to modify, Standard or Domain, if you are on a domain-based network.
Here are some settings to:
| Setting | Enabled | Other Settings |
|---|---|---|
| Windows Firewall: Protect all network connections | enabled | |
| Windows Firewall: Allow remote administration exception | enabled | IP address of your management host |
| Windows Firewall: Allow ICMP exceptions | enabled | Allow inbound echo request |
| Windows Firewall: Allow Remote Desktop exception | enabled | comma separated list of allowed IP addresses or networks |
| Windows Firewall: Define port exceptions | enabled | `135:TCP:*:enabled:TCP_135` `135:UDP:*:enabled:UDP_135` |
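The port exception entries above follow the layout `port:transport:scope:status:name`. The following check is an added example, not part of the original page: it parses such entries before they go into the GPO and reports any that are malformed or enabled for every source address (`*`). It assumes IPv4-only scopes; the function names and the last two sample entries are constructed for illustration.

```python
import ipaddress

# Entry format: <port>:<transport>:<scope>:<status>:<name>
# Assumption: scope is "*", "localsubnet", or a comma-separated IPv4 list.

def parse_port_exception(entry):
    """Parse one port-exception entry; raise ValueError if malformed."""
    parts = entry.strip().split(":", 4)
    if len(parts) != 5:
        raise ValueError("expected 5 colon-separated fields")
    port, transport, scope, status, name = parts
    if not port.isdigit() or not 1 <= int(port) <= 65535:
        raise ValueError("bad port: " + port)
    if transport.upper() not in ("TCP", "UDP"):
        raise ValueError("bad transport: " + transport)
    if status.lower() not in ("enabled", "disabled"):
        raise ValueError("bad status: " + status)
    sources = []
    for item in (s.strip() for s in scope.split(",")):
        if item == "*" or item.lower() == "localsubnet":
            sources.append(item.lower())
        else:
            # Raises ValueError for anything that is not an IPv4 address/subnet.
            sources.append(str(ipaddress.IPv4Network(item, strict=False)))
    return {"port": int(port), "transport": transport.upper(),
            "sources": sources, "enabled": status.lower() == "enabled",
            "name": name}

def audit(entries):
    """Return (entry, finding) pairs for malformed or wide-open entries."""
    findings = []
    for entry in entries:
        try:
            rule = parse_port_exception(entry)
        except ValueError as exc:
            findings.append((entry, "malformed: " + str(exc)))
            continue
        if rule["enabled"] and "*" in rule["sources"]:
            findings.append((entry, "enabled for any source address"))
    return findings

SAMPLE = [
    "135:TCP:*:enabled:TCP_135",                         # from the table above
    "135:UDP:*:enabled:UDP_135",                         # from the table above
    "3389:TCP:192.0.2.10,localsubnet:enabled:RDP_mgmt",  # constructed
    "135:TCP:enabled:TCP_135",                           # constructed, no scope
]

if __name__ == "__main__":
    for entry, finding in audit(SAMPLE):
        print(entry, "->", finding)
```

Entries that the check reports as open to any source can be narrowed by replacing `*` with `localsubnet` or a list of management addresses, as the table already does for the remote administration and Remote Desktop exceptions.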