Windows 7 / Networking

Managing Windows Firewall Using the Windows Firewall with Advanced Security Snap-in

The Windows Firewall with Advanced Security MMC snap-in exposes most of the functionality of Windows Firewall for advanced users and administrators of the local computer (main mode rules and some advanced global IPsec settings are configurable only by Netsh). To start this snap-in, do any of the following:

  • From the Start menu, select Control Panel, System And Security, Windows Firewall, Advanced Settings.
  • Type fire in the Start menu Search box, and then click Windows Firewall With Advanced Security in the Programs group.
  • Type wf.msc in the Start menu Search box and press Enter.
  • Type mmc in the Start menu Search box and press Enter to open a new MMC console, and then add the Windows Firewall with Advanced Security snap-in to the console in the usual way.

The first three methods listed here can be used only to manage Windows Firewall on the local computer. The last method can be used to manage Windows Firewall on either the local computer or a specified remote computer. You must have local administrator credentials on the computer on which you want to manage Windows Firewall when using this snap-in.

Note The Windows 7 version of the Windows Firewall with Advanced Security snap-in can be used to manage Windows Firewall on Windows 7, Windows Vista, Windows Server 2008, and Windows Server 2008 R2.

Using the Windows Firewall with Advanced Security snap-in, you can perform a wide variety of administrative tasks, including the following:

  • Configuring default settings for each firewall profile
  • Enabling and disabling firewall rules
  • Creating and configuring firewall rules
  • Configuring default IPsec settings
  • Enabling and disabling connection security rules
  • Creating and configuring connection security rules
  • Exporting and importing firewall policy for the computer
  • Restoring the default firewall settings for the computer
  • Configuring firewall logging settings
  • Monitoring the state of the firewall and its configuration
  • Monitoring active firewall rules
  • Monitoring active connection security rules
  • Monitoring security associations for both main mode and quick mode
  • Monitoring event logs associated with Windows Firewall

Many of these management tasks are described in more detail in the section titled "Common Management Tasks" later in this tutorial.

To make it easier to manage large numbers of rules on a computer, the Windows Firewall with Advanced Security snap-in lets you filter firewall and connection security rules by profile (domain, private or public) and/or by state (enabled or disabled). In addition, firewall rules (but not connection rules) can also be filtered by rule group. All inbound rules that match the following filtering criteria:

  • Profile: domain
  • State: enabled
  • Group: Remote Assistance

To remove applied filters, select Clear All Filters from the shortcut menu.

[Previous] [Contents] [Next]

In this tutorial:

  1. Configuring Windows Firewall and IPsec
  2. Understanding Windows Firewall with Advanced Security
  3. Improvements to Windows Firewall Introduced Previously in Windows Vista
  4. Additional Improvements to Windows Firewall in Windows 7
  5. Understanding the Windows Filtering Platform
  6. Windows Firewall and the Startup Process
  7. Understanding Windows Service Hardening
  8. Understanding Service SIDs
  9. Windows Firewall and WSH
  10. Windows Firewall and Service Triggers
  11. Understanding Multiple Active Firewall Profiles
  12. Understanding Rules
  13. Understanding Firewall Rules
  14. Inbound vs . Outbound Rules
  15. Allow vs . Block Rules
  16. Allow If Secure Rules
  17. Authenticated Bypass Rules
  18. Filtering Conditions FOR Firewall RULES
  19. Understanding Connection Security Rules
  20. Types of Connection Security Rules
  21. Supported IPsec Settings for Connection Security Rules
  22. Default IPsec Settings for Connection Security Rules
  23. Windows Firewall and Windows PE
  24. Understanding Default Rules
  25. Understanding WSH Rules
  26. Understanding Rules Processing
  27. Managing Windows Firewall with Advanced Security
  28. Tools for Managing Windows Firewall with Advanced Security
  29. Managing Windows Firewall Using Control Panel
  30. Managing Windows Firewall Using the Windows Firewall with Advanced Security Snap-in
  31. Managing Windows Firewall Using Group Policy
  32. Considerations When Managing Windows Firewall Using Group Policy
  33. Managing Windows Firewall Using the Netsh Command
  34. Common Management Tasks
  35. Enabling or Disabling Windows Firewall
  36. Configuring Firewall Profiles and IPsec Settings by Using Group Policy
  37. Creating and Configuring Firewall Rules
  38. Creating and Configuring Connection Security Rules
  39. Monitoring Windows Firewall
  40. Troubleshooting Windows Firewall
  41. Troubleshooting Windows Firewall Using Firewall Logs
  42. Troubleshooting Windows Firewall Using Event Logs
  43. Troubleshooting Windows Firewall Using Auditing
  44. Troubleshooting IPsec Issues Using Netsh Wfp
  45. Troubleshooting Windows Filtering Platform and IPsec Issues Using Netsh Trace