Creating and Configuring Firewall Rules

You can create and configure firewall rules on targeted computers using Group Policy. Firewall rules filter traffic passing between the computer and the network. For information concerning the types of firewall rules that you can create and the different rule conditions you can specify, see the section titled "Understanding Rules" earlier in this tutorial.

To create an inbound firewall rule on targeted computers using Group Policy, right-click the Inbound Rules node under the firewall policy node in your GPO and select New Rule.

Doing this starts the New Inbound Rule Wizard, which walks you through the steps of creating an inbound firewall rule by selecting the type of rule you want to create and specifying the conditions needed for the rule. Note that different pages may be displayed in the wizard depending upon the options you select on each page. For example, if you select Allow The Connection If It Is Secure on the Action page, a Users page and a Computers page are displayed so you can specify the user and computer accounts allowed to access the computer using the rule. (This also requires creating a separate connection security rule that requires traffic that matches the rule to be authenticated.)

Similarly, to create an outbound firewall rule using Group Policy, right-click the Outbound Rules node and select New Rule to start the New Outbound Rule Wizard. Again, different pages may be displayed in the wizard depending upon the options you select on each page. For example, if you select the Allow The Connection If It Is Secure option on the Action page, a Computers page is displayed so that you can specify the computer account allowed to access the computer using the rule. (Again, this also requires creating a separate connection security rule that requires traffic that matches the rule to be authenticated.)

Best practices for creating firewall rules include the following:

  • When possible, select Predefined as the rule type because this creates a group of rules that together allow a specific Windows experience or feature to access the network.
  • If a predefined rule doesn't meet your needs, the next best rule type to use is Program, which will allow a specified application (executable) to access the network. Program rules are enabled when the underlying application is running and disabled when the application is terminated. This allows Windows Firewall to keep the minimum number of ports open at any time, which reduces the attack surface of the computer. Note that program rules can be created only if the application uses Winsock to access the network.
  • If a program rule doesn't meet your needs, select Port as the rule type. Port rules allow traffic on a specified TCP or UDP port or range of ports. Note that port rules cause their specified ports to always remain open regardless of whether they are needed by the application or service using them.

Note: If you configure a program rule to meet your needs, you should also configure a port rule. In this way, a port is open only when the program is running (instead of being open all the time, as when a port rule is configured alone) and only the ports approved for use by the program can be used (instead of all ports being available for the program rule).
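The program, port, and combined conditions described above can be compared side by side with netsh advfirewall on a test computer's local firewall store. This is an added example, not part of the original tutorial; the rule names, the Contoso path and TCP port 8443 are hypothetical, and the single rule carrying both conditions is one reading of the Note.

```powershell
# Run from an elevated PowerShell prompt on a test computer.
# Hypothetical application path and port, used for illustration only.
$exe  = 'C:\Program Files\Contoso\agent.exe'
$port = 8443

# Port only: TCP 8443 is allowed at all times, for any process listening on it.
netsh advfirewall firewall add rule name="Demo port only" dir=in action=allow protocol=TCP localport=$port profile=domain

# Program only: limited to agent.exe, but on any port the program opens.
netsh advfirewall firewall add rule name="Demo program only" dir=in action=allow program="$exe" profile=domain

# Program and port in one rule: traffic is allowed only to agent.exe
# and only on TCP 8443.
netsh advfirewall firewall add rule name="Demo program and port" dir=in action=allow program="$exe" protocol=TCP localport=$port profile=domain

# Compare the Program, Protocol and LocalPort conditions of the three rules.
foreach ($n in 'Demo port only', 'Demo program only', 'Demo program and port') {
    netsh advfirewall firewall show rule name="$n" verbose
}

# New rules are enabled on creation. Disable and then remove the two looser
# rules so that only the tightly scoped one remains.
netsh advfirewall firewall set rule name="Demo port only" new enable=no
netsh advfirewall firewall delete rule name="Demo port only"
netsh advfirewall firewall delete rule name="Demo program only"
```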

For more information on creating firewall rules, see the following sections of the TechNet Library:

  • "Creating New Rules" at http://technet.microsoft.com/en-us/library/cc771477.aspx
  • "Firewall Rule Wizard" at http://technet.microsoft.com/en-us/library/dd448516.aspx

Once you finish creating a new firewall rule, the rule is automatically enabled. To disable the rule, right-click it and select Disable Rule.

After you have created a firewall rule, you can further configure it if needed. To do this, double-click the rule to display its properties sheet, which exposes all configurable rule conditions for viewing and modification.
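A scripted counterpart to opening each properties sheet is to list the enabled inbound allow rules and label each by the conditions that scope it, so port-only and program-only rules stand out for review. This is an added example, not part of the original tutorial; the sample rules are constructed, and treating any rule with a Grouping value as predefined is an assumption of this sketch.

```powershell
# Label a rule by the conditions that scope it (PowerShell 2.0 compatible).
function Get-RuleScope($rule) {
    $hasProgram = -not [string]::IsNullOrEmpty($rule.ApplicationName)
    $hasPort    = (-not [string]::IsNullOrEmpty($rule.LocalPorts)) -and ($rule.LocalPorts -ne '*')
    # Assumption: a non-empty Grouping value marks a predefined rule group.
    if (-not [string]::IsNullOrEmpty($rule.Grouping)) { return 'Predefined' }
    if ($hasProgram -and $hasPort) { return 'ProgramAndPort' }
    if ($hasProgram)               { return 'ProgramOnly' }
    if ($hasPort)                  { return 'PortOnly' }
    return 'NoProgramOrPort'
}

# Keep enabled inbound allow rules (Direction 1 = inbound, Action 1 = allow)
# and report how each one is scoped.
function Get-InboundAllowScope($rules) {
    foreach ($r in $rules) {
        if ($r.Enabled -and $r.Direction -eq 1 -and $r.Action -eq 1) {
            New-Object PSObject -Property @{
                Name       = $r.Name
                Scope      = (Get-RuleScope $r)
                Program    = $r.ApplicationName
                LocalPorts = $r.LocalPorts
            }
        }
    }
}

# Constructed sample rules carrying the same property names as INetFwRule.
function New-SampleRule($name, $app, $ports, $group) {
    New-Object PSObject -Property @{
        Name = $name; ApplicationName = $app; LocalPorts = $ports
        Grouping = $group; Enabled = $true; Direction = 1; Action = 1
    }
}
$sample = @(
    (New-SampleRule 'Demo port only'        $null                   '8443' $null),
    (New-SampleRule 'Demo program only'     'C:\Contoso\agent.exe'  '*'    $null),
    (New-SampleRule 'Demo program and port' 'C:\Contoso\agent.exe'  '8443' $null)
)

# Show only the rules that are looser than program-and-port scoping.
Get-InboundAllowScope $sample |
    Where-Object { $_.Scope -ne 'ProgramAndPort' -and $_.Scope -ne 'Predefined' } |
    Format-Table Name, Scope, LocalPorts -AutoSize

# On a live computer, pass the rules exposed by the firewall COM API instead:
# Get-InboundAllowScope (New-Object -ComObject HNetCfg.FwPolicy2).Rules
```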

For more information on configuring firewall rules, see the following sections of the TechNet Library:

  • "Understanding Firewall Rules" at http://technet.microsoft.com/en-us/library/dd421709.aspx
  • "Configuring Firewall Rules" at http://technet.microsoft.com/en-us/library/dd448559.aspx
  • "Firewall Rule Properties Page" at http://technet.microsoft.com/en-us/library/dd421727.aspx