Creating WFAS Rules
The process for configuring inbound rules and outbound rules is essentially the same: In the WFAS console, select the node that represents the type of rule that you want to create and then click New Rule. This opens the New Inbound (or Outbound) Rule Wizard. The first page allows you to specify the type of rule that you are going to create. You can select between a program, port, predefined, or custom rule. The program and predefined rules are similar to what you can create using Windows Firewall. A custom rule allows you to configure a rule based on criteria not covered by any of the other options. You would create a custom rule if you wanted a rule that applied to a particular service rather than a program or port. You can also use a custom rule if you want to create a rule that involves both a specific program and a set of ports. For example, if you wanted to allow communication to a specific program on a certain port but not other ports, you would create a custom rule.
If you decide to create a program rule, you then need to specify a program for which the rule applies. If you choose a port rule, you must choose whether the rule applies to the TCP or the UDP protocol. You must also specify port numbers. In the next step, you specify what action to take when the firewall encounters traffic that meets the rule conditions. The options are as follows:
- Allow the connection WFAS allows the connection if the traffic meets the rule conditions.
- Block the connection WFAS blocks the connection if the traffic meets the rule conditions.
- Allow the connection if it is secure WFAS allows the connection if the traffic meets the rule conditions and is authenticated using one of the methods specified in the connection security rules. Security options are shown.
The default setting requires that the connection be authenticated and integrity protected, but not encrypted. Use the Require The Connection To Be Encrypted option if you want firewall rules to enforce data encryption as well as authentication and integrity protection. The override block rules option allows you to specify a computer account or computer group that can bypass existing block rules.
In this tutorial:
- Windows Firewall and Remote Management
- Managing Windows Firewall
- Windows 7 Firewall
- Network Location Awareness
- Allowing Programs Through Windows Firewall
- Windows Firewall with Advanced Security
- Creating WFAS Rules
- Rule Scope
- Connection Security Rules
- Importing and Exporting Firewall Configuration
- Managing WFAS with Netsh
- Windows 7 Remote Management
- Remote Desktop
- Configuring Remote Desktop
- Remote Assistance
- Windows Remote Management Service
- Windows Remote Shell for Remote Management
- Windows PowerShell Remote Management