Windows 7 / Networking

Understanding Firewall Rules

Firewall rules are used to filter network traffic between the local computer and the network. To filter traffic means to allow or block traffic based on the filtering conditions specified in the rule. These filtering conditions can include protocol; local or remote port; local or remote IP address scope; user, computer or group; interface type; program or service; and ICMP Type Code. For more information concerning filtering conditions, see the section titled "Filtering Conditions for Firewall Rules" later in this tutorial.

Firewall rules in Windows Firewall with Advanced Security can be classified in various ways:

  • Inbound vs. outbound rules Determines the direction of the rule; that is, whether the rule applies to traffic passing from the network to the local computer or vice versa.
  • Allow vs. block rules Determines the action the rule takes; that is, whether the traffic specified by the rule will be permitted or not.
  • Allow if secure rules Indicates another action that a rule can take; namely, that only traffic protected using IPsec will be permitted.
  • Authenticated bypass rules Overrides blocking rules for properly authenticated traffic (an optional subtype of allow if secure rules).

The sections that follow provide more detail concerning these different types of rules. In addition to the above types of rules, any particular firewall rule you create (such as an inbound allow rule) can be configured as follows:

  • Program rule This type of rule is used to allow traffic for a specific program (executable file) on the computer.
  • Port rule This type of rule is used to allow traffic over a specific TCP or UDP port number or range of port numbers.
  • Predefined rule Windows Firewall with Advanced Security includes a number of predefined firewall rules for specific Windows functionality. Examples of predefined rules include File and Printer Sharing and Remote Assistance. Each predefined rule is actually a group of rules that allow the particular Windows experience or feature to access the network in the way needed.
  • Custom rule Create this type of rule when the other types of firewall rules don't meet the needs of your environment.

For more information, see the section titled "Creating and Configuring Firewall Rules" later in this tutorial.

[Previous] [Contents] [Next]

In this tutorial:

  1. Configuring Windows Firewall and IPsec
  2. Understanding Windows Firewall with Advanced Security
  3. Improvements to Windows Firewall Introduced Previously in Windows Vista
  4. Additional Improvements to Windows Firewall in Windows 7
  5. Understanding the Windows Filtering Platform
  6. Windows Firewall and the Startup Process
  7. Understanding Windows Service Hardening
  8. Understanding Service SIDs
  9. Windows Firewall and WSH
  10. Windows Firewall and Service Triggers
  11. Understanding Multiple Active Firewall Profiles
  12. Understanding Rules
  13. Understanding Firewall Rules
  14. Inbound vs . Outbound Rules
  15. Allow vs . Block Rules
  16. Allow If Secure Rules
  17. Authenticated Bypass Rules
  18. Filtering Conditions FOR Firewall RULES
  19. Understanding Connection Security Rules
  20. Types of Connection Security Rules
  21. Supported IPsec Settings for Connection Security Rules
  22. Default IPsec Settings for Connection Security Rules
  23. Windows Firewall and Windows PE
  24. Understanding Default Rules
  25. Understanding WSH Rules
  26. Understanding Rules Processing
  27. Managing Windows Firewall with Advanced Security
  28. Tools for Managing Windows Firewall with Advanced Security
  29. Managing Windows Firewall Using Control Panel
  30. Managing Windows Firewall Using the Windows Firewall with Advanced Security Snap-in
  31. Managing Windows Firewall Using Group Policy
  32. Considerations When Managing Windows Firewall Using Group Policy
  33. Managing Windows Firewall Using the Netsh Command
  34. Common Management Tasks
  35. Enabling or Disabling Windows Firewall
  36. Configuring Firewall Profiles and IPsec Settings by Using Group Policy
  37. Creating and Configuring Firewall Rules
  38. Creating and Configuring Connection Security Rules
  39. Monitoring Windows Firewall
  40. Troubleshooting Windows Firewall
  41. Troubleshooting Windows Firewall Using Firewall Logs
  42. Troubleshooting Windows Firewall Using Event Logs
  43. Troubleshooting Windows Firewall Using Auditing
  44. Troubleshooting IPsec Issues Using Netsh Wfp
  45. Troubleshooting Windows Filtering Platform and IPsec Issues Using Netsh Trace