From 38e1781359fc066b3efd686127b8435c8d7e67ba Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Thu, 22 Apr 2021 21:15:25 -0700 Subject: [PATCH] Conversion to YAML: ./windows/security/threat-protection/windows-firewall/TOC.md --- .../threat-protection/windows-firewall/TOC.md | 184 ------------- .../windows-firewall/TOC.yml | 252 ++++++++++++++++++ 2 files changed, 252 insertions(+), 184 deletions(-) delete mode 100644 windows/security/threat-protection/windows-firewall/TOC.md create mode 100644 windows/security/threat-protection/windows-firewall/TOC.yml diff --git a/windows/security/threat-protection/windows-firewall/TOC.md b/windows/security/threat-protection/windows-firewall/TOC.md deleted file mode 100644 index 00a5fecc08..0000000000 --- a/windows/security/threat-protection/windows-firewall/TOC.md +++ /dev/null @@ -1,184 +0,0 @@ -# [Windows Firewall with Advanced Security](windows-firewall-with-advanced-security.md) - -## [Plan deployment]() - -### [Design guide](windows-firewall-with-advanced-security-design-guide.md) - -### [Design process](understanding-the-windows-firewall-with-advanced-security-design-process.md) - -### [Implementation goals]() -#### [Identify implementation goals](identifying-your-windows-firewall-with-advanced-security-deployment-goals.md) -#### [Protect devices from unwanted network traffic](protect-devices-from-unwanted-network-traffic.md) -#### [Restrict access to only trusted devices](restrict-access-to-only-trusted-devices.md) -#### [Require encryption](require-encryption-when-accessing-sensitive-network-resources.md) -#### [Restrict access](restrict-access-to-only-specified-users-or-devices.md) - -### [Implementation designs]() -#### [Mapping goals to a design](mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md) - -#### [Basic firewall design](basic-firewall-policy-design.md) -##### [Basic firewall design example](firewall-policy-design-example.md) - - -#### [Domain isolation design](domain-isolation-policy-design.md) -##### [Domain isolation design example](domain-isolation-policy-design-example.md) - - -#### [Server isolation design](server-isolation-policy-design.md) -##### [Server Isolation design example](server-isolation-policy-design-example.md) - - -#### [Certificate-based isolation design](certificate-based-isolation-policy-design.md) -##### [Certificate-based Isolation design example](certificate-based-isolation-policy-design-example.md) - -### [Design planning]() -#### [Planning your design](planning-your-windows-firewall-with-advanced-security-design.md) - -#### [Planning settings for a basic firewall policy](planning-settings-for-a-basic-firewall-policy.md) - -#### [Planning domain isolation zones]() -##### [Domain isolation zones](planning-domain-isolation-zones.md) -##### [Exemption list](exemption-list.md) -##### [Isolated domain](isolated-domain.md) -##### [Boundary zone](boundary-zone.md) -##### [Encryption zone](encryption-zone.md) - -#### [Planning server isolation zones](planning-server-isolation-zones.md) - -#### [Planning certificate-based authentication](planning-certificate-based-authentication.md) -##### [Documenting the Zones](documenting-the-zones.md) - -##### [Planning group policy deployment for your isolation zones](planning-group-policy-deployment-for-your-isolation-zones.md) -###### [Planning isolation groups for the zones](planning-isolation-groups-for-the-zones.md) -###### [Planning network access groups](planning-network-access-groups.md) - -###### [Planning the GPOs](planning-the-gpos.md) -####### [Firewall GPOs](firewall-gpos.md) -######## [GPO_DOMISO_Firewall](gpo-domiso-firewall.md) -####### [Isolated domain GPOs](isolated-domain-gpos.md) -######## [GPO_DOMISO_IsolatedDomain_Clients](gpo-domiso-isolateddomain-clients.md) -######## [GPO_DOMISO_IsolatedDomain_Servers](gpo-domiso-isolateddomain-servers.md) -####### [Boundary zone GPOs](boundary-zone-gpos.md) -######## [GPO_DOMISO_Boundary](gpo-domiso-boundary.md) -####### [Encryption zone GPOs](encryption-zone-gpos.md) -######## [GPO_DOMISO_Encryption](gpo-domiso-encryption.md) -####### [Server isolation GPOs](server-isolation-gpos.md) - -###### [Planning GPO deployment](planning-gpo-deployment.md) - - -### [Planning to deploy](planning-to-deploy-windows-firewall-with-advanced-security.md) - - -## [Deployment guide]() -### [Deployment overview](windows-firewall-with-advanced-security-deployment-guide.md) - -### [Implementing your plan](implementing-your-windows-firewall-with-advanced-security-design-plan.md) - -### [Basic firewall deployment]() -#### [Checklist: Implementing a basic firewall policy design](checklist-implementing-a-basic-firewall-policy-design.md) - - - -### [Domain isolation deployment]() -#### [Checklist: Implementing a Domain Isolation Policy Design](checklist-implementing-a-domain-isolation-policy-design.md) - - - -### [Server isolation deployment]() -#### [Checklist: Implementing a Standalone Server Isolation Policy Design](checklist-implementing-a-standalone-server-isolation-policy-design.md) - - - -### [Certificate-based authentication]() -#### [Checklist: Implementing a Certificate-based Isolation Policy Design](checklist-implementing-a-certificate-based-isolation-policy-design.md) - - - -## [Best practices]() -### [Configuring the firewall](best-practices-configuring.md) -### [Securing IPsec](securing-end-to-end-ipsec-connections-by-using-ikev2.md) -### [PowerShell](windows-firewall-with-advanced-security-administration-with-windows-powershell.md) -### [Isolating Microsoft Store Apps on Your Network](isolating-apps-on-your-network.md) - - -## [How-to]() -### [Add Production devices to the membership group for a zone](add-production-devices-to-the-membership-group-for-a-zone.md) -### [Add test devices to the membership group for a zone](add-test-devices-to-the-membership-group-for-a-zone.md) -### [Assign security group filters to the GPO](assign-security-group-filters-to-the-gpo.md) -### [Change rules from request to require mode](Change-Rules-From-Request-To-Require-Mode.Md) -### [Configure authentication methods](Configure-authentication-methods.md) -### [Configure data protection (Quick Mode) settings](configure-data-protection-quick-mode-settings.md) -### [Configure Group Policy to autoenroll and deploy certificates](configure-group-policy-to-autoenroll-and-deploy-certificates.md) -### [Configure key exchange (main mode) settings](configure-key-exchange-main-mode-settings.md) -### [Configure the rules to require encryption](configure-the-rules-to-require-encryption.md) -### [Configure the Windows Firewall log](configure-the-windows-firewall-log.md) -### [Configure the workstation authentication certificate template](configure-the-workstation-authentication-certificate-template.md) -### [Configure Windows Firewall to suppress notifications when a program is blocked](configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md) -### [Confirm that certificates are deployed correctly](confirm-that-certificates-are-deployed-correctly.md) -### [Copy a GPO to create a new GPO](copy-a-gpo-to-create-a-new-gpo.md) -### [Create a Group Account in Active Directory](create-a-group-account-in-active-directory.md) -### [Create a Group Policy Object](create-a-group-policy-object.md) -### [Create an authentication exemption list rule](create-an-authentication-exemption-list-rule.md) -### [Create an authentication request rule](create-an-authentication-request-rule.md) -### [Create an inbound ICMP rule](create-an-inbound-icmp-rule.md) -### [Create an inbound port rule](create-an-inbound-port-rule.md) -### [Create an inbound program or service rule](create-an-inbound-program-or-service-rule.md) -### [Create an outbound port rule](create-an-outbound-port-rule.md) -### [Create an outbound program or service rule](create-an-outbound-program-or-service-rule.md) -### [Create inbound rules to support RPC](create-inbound-rules-to-support-rpc.md) -### [Create WMI filters for the GPO](create-wmi-filters-for-the-gpo.md) -### [Create Windows Firewall rules in Intune](create-windows-firewall-rules-in-intune.md) -### [Enable predefined inbound rules](enable-predefined-inbound-rules.md) -### [Enable predefined outbound rules](enable-predefined-outbound-rules.md) -### [Exempt ICMP from authentication](exempt-icmp-from-authentication.md) -### [Link the GPO to the domain](link-the-gpo-to-the-domain.md) -### [Modify GPO filters](modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md) -### [Open IP security policies](open-the-group-policy-management-console-to-ip-security-policies.md) -### [Open Group Policy](open-the-group-policy-management-console-to-windows-firewall.md) -### [Open Group Policy](open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md) -### [Open Windows Firewall](open-windows-firewall-with-advanced-security.md) -### [Restrict server access](restrict-server-access-to-members-of-a-group-only.md) -### [Enable Windows Firewall](turn-on-windows-firewall-and-configure-default-behavior.md) -### [Verify Network Traffic](verify-that-network-traffic-is-authenticated.md) - - -## [References]() -### [Checklist: Creating Group Policy objects](checklist-creating-group-policy-objects.md) -### [Checklist: Creating inbound firewall rules](checklist-creating-inbound-firewall-rules.md) -### [Checklist: Creating outbound firewall rules](checklist-creating-outbound-firewall-rules.md) -### [Checklist: Configuring basic firewall settings](checklist-configuring-basic-firewall-settings.md) - - -### [Checklist: Configuring rules for the isolated domain](checklist-configuring-rules-for-the-isolated-domain.md) -### [Checklist: Configuring rules for the boundary zone](checklist-configuring-rules-for-the-boundary-zone.md) -### [Checklist: Configuring rules for the encryption zone](checklist-configuring-rules-for-the-encryption-zone.md) -### [Checklist: Configuring rules for an isolated server zone](checklist-configuring-rules-for-an-isolated-server-zone.md) - -### [Checklist: Configuring rules for servers in a standalone isolated server zone](checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md) -### [Checklist: Creating rules for clients of a standalone isolated server zone](checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md) - - -### [Appendix A: Sample GPO template files for settings used in this guide](appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md) - - - -## [Troubleshooting]() -### [Troubleshooting UWP app connectivity issues in Windows Firewall](troubleshooting-uwp-firewall.md) -### [Filter origin audit log improvements](filter-origin-documentation.md) -### [Quarantine behavior](quarantine.md) -### [Firewall settings lost on upgrade](firewall-settings-lost-on-upgrade.md) - - - - - - - - - - - - - - diff --git a/windows/security/threat-protection/windows-firewall/TOC.yml b/windows/security/threat-protection/windows-firewall/TOC.yml new file mode 100644 index 0000000000..efaa07fa4e --- /dev/null +++ b/windows/security/threat-protection/windows-firewall/TOC.yml @@ -0,0 +1,252 @@ +- name: Windows Firewall with Advanced Security + href: windows-firewall-with-advanced-security.md + items: + - name: Plan deployment + items: + - name: Design guide + href: windows-firewall-with-advanced-security-design-guide.md + - name: Design process + href: understanding-the-windows-firewall-with-advanced-security-design-process.md + - name: Implementation goals + items: + - name: Identify implementation goals + href: identifying-your-windows-firewall-with-advanced-security-deployment-goals.md + - name: Protect devices from unwanted network traffic + href: protect-devices-from-unwanted-network-traffic.md + - name: Restrict access to only trusted devices + href: restrict-access-to-only-trusted-devices.md + - name: Require encryption + href: require-encryption-when-accessing-sensitive-network-resources.md + - name: Restrict access + href: restrict-access-to-only-specified-users-or-devices.md + - name: Implementation designs + items: + - name: Mapping goals to a design + href: mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md + - name: Basic firewall design + href: basic-firewall-policy-design.md + items: + - name: Basic firewall design example + href: firewall-policy-design-example.md + - name: Domain isolation design + href: domain-isolation-policy-design.md + items: + - name: Domain isolation design example + href: domain-isolation-policy-design-example.md + - name: Server isolation design + href: server-isolation-policy-design.md + items: + - name: Server Isolation design example + href: server-isolation-policy-design-example.md + - name: Certificate-based isolation design + href: certificate-based-isolation-policy-design.md + items: + - name: Certificate-based Isolation design example + href: certificate-based-isolation-policy-design-example.md + - name: Design planning + items: + - name: Planning your design + href: planning-your-windows-firewall-with-advanced-security-design.md + - name: Planning settings for a basic firewall policy + href: planning-settings-for-a-basic-firewall-policy.md + - name: Planning domain isolation zones + items: + - name: Domain isolation zones + href: planning-domain-isolation-zones.md + - name: Exemption list + href: exemption-list.md + - name: Isolated domain + href: isolated-domain.md + - name: Boundary zone + href: boundary-zone.md + - name: Encryption zone + href: encryption-zone.md + - name: Planning server isolation zones + href: planning-server-isolation-zones.md + - name: Planning certificate-based authentication + href: planning-certificate-based-authentication.md + items: + - name: Documenting the Zones + href: documenting-the-zones.md + - name: Planning group policy deployment for your isolation zones + href: planning-group-policy-deployment-for-your-isolation-zones.md + items: + - name: Planning isolation groups for the zones + href: planning-isolation-groups-for-the-zones.md + - name: Planning network access groups + href: planning-network-access-groups.md + - name: Planning the GPOs + href: planning-the-gpos.md + items: + - name: Firewall GPOs + href: firewall-gpos.md + items: + - name: GPO_DOMISO_Firewall + href: gpo-domiso-firewall.md + - name: Isolated domain GPOs + href: isolated-domain-gpos.md + items: + - name: GPO_DOMISO_IsolatedDomain_Clients + href: gpo-domiso-isolateddomain-clients.md + - name: GPO_DOMISO_IsolatedDomain_Servers + href: gpo-domiso-isolateddomain-servers.md + - name: Boundary zone GPOs + href: boundary-zone-gpos.md + items: + - name: GPO_DOMISO_Boundary + href: gpo-domiso-boundary.md + - name: Encryption zone GPOs + href: encryption-zone-gpos.md + items: + - name: GPO_DOMISO_Encryption + href: gpo-domiso-encryption.md + - name: Server isolation GPOs + href: server-isolation-gpos.md + - name: Planning GPO deployment + href: planning-gpo-deployment.md + - name: Planning to deploy + href: planning-to-deploy-windows-firewall-with-advanced-security.md + - name: Deployment guide + items: + - name: Deployment overview + href: windows-firewall-with-advanced-security-deployment-guide.md + - name: Implementing your plan + href: implementing-your-windows-firewall-with-advanced-security-design-plan.md + - name: Basic firewall deployment + items: + - name: "Checklist: Implementing a basic firewall policy design" + href: checklist-implementing-a-basic-firewall-policy-design.md + - name: Domain isolation deployment + items: + - name: "Checklist: Implementing a Domain Isolation Policy Design" + href: checklist-implementing-a-domain-isolation-policy-design.md + - name: Server isolation deployment + items: + - name: "Checklist: Implementing a Standalone Server Isolation Policy Design" + href: checklist-implementing-a-standalone-server-isolation-policy-design.md + - name: Certificate-based authentication + items: + - name: "Checklist: Implementing a Certificate-based Isolation Policy Design" + href: checklist-implementing-a-certificate-based-isolation-policy-design.md + - name: Best practices + items: + - name: Configuring the firewall + href: best-practices-configuring.md + - name: Securing IPsec + href: securing-end-to-end-ipsec-connections-by-using-ikev2.md + - name: PowerShell + href: windows-firewall-with-advanced-security-administration-with-windows-powershell.md + - name: Isolating Microsoft Store Apps on Your Network + href: isolating-apps-on-your-network.md + - name: How-to + items: + - name: Add Production devices to the membership group for a zone + href: add-production-devices-to-the-membership-group-for-a-zone.md + - name: Add test devices to the membership group for a zone + href: add-test-devices-to-the-membership-group-for-a-zone.md + - name: Assign security group filters to the GPO + href: assign-security-group-filters-to-the-gpo.md + - name: Change rules from request to require mode + href: Change-Rules-From-Request-To-Require-Mode.Md + - name: Configure authentication methods + href: Configure-authentication-methods.md + - name: Configure data protection (Quick Mode) settings + href: configure-data-protection-quick-mode-settings.md + - name: Configure Group Policy to autoenroll and deploy certificates + href: configure-group-policy-to-autoenroll-and-deploy-certificates.md + - name: Configure key exchange (main mode) settings + href: configure-key-exchange-main-mode-settings.md + - name: Configure the rules to require encryption + href: configure-the-rules-to-require-encryption.md + - name: Configure the Windows Firewall log + href: configure-the-windows-firewall-log.md + - name: Configure the workstation authentication certificate template + href: configure-the-workstation-authentication-certificate-template.md + - name: Configure Windows Firewall to suppress notifications when a program is blocked + href: configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md + - name: Confirm that certificates are deployed correctly + href: confirm-that-certificates-are-deployed-correctly.md + - name: Copy a GPO to create a new GPO + href: copy-a-gpo-to-create-a-new-gpo.md + - name: Create a Group Account in Active Directory + href: create-a-group-account-in-active-directory.md + - name: Create a Group Policy Object + href: create-a-group-policy-object.md + - name: Create an authentication exemption list rule + href: create-an-authentication-exemption-list-rule.md + - name: Create an authentication request rule + href: create-an-authentication-request-rule.md + - name: Create an inbound ICMP rule + href: create-an-inbound-icmp-rule.md + - name: Create an inbound port rule + href: create-an-inbound-port-rule.md + - name: Create an inbound program or service rule + href: create-an-inbound-program-or-service-rule.md + - name: Create an outbound port rule + href: create-an-outbound-port-rule.md + - name: Create an outbound program or service rule + href: create-an-outbound-program-or-service-rule.md + - name: Create inbound rules to support RPC + href: create-inbound-rules-to-support-rpc.md + - name: Create WMI filters for the GPO + href: create-wmi-filters-for-the-gpo.md + - name: Create Windows Firewall rules in Intune + href: create-windows-firewall-rules-in-intune.md + - name: Enable predefined inbound rules + href: enable-predefined-inbound-rules.md + - name: Enable predefined outbound rules + href: enable-predefined-outbound-rules.md + - name: Exempt ICMP from authentication + href: exempt-icmp-from-authentication.md + - name: Link the GPO to the domain + href: link-the-gpo-to-the-domain.md + - name: Modify GPO filters + href: modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md + - name: Open IP security policies + href: open-the-group-policy-management-console-to-ip-security-policies.md + - name: Open Group Policy + href: open-the-group-policy-management-console-to-windows-firewall.md + - name: Open Group Policy + href: open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md + - name: Open Windows Firewall + href: open-windows-firewall-with-advanced-security.md + - name: Restrict server access + href: restrict-server-access-to-members-of-a-group-only.md + - name: Enable Windows Firewall + href: turn-on-windows-firewall-and-configure-default-behavior.md + - name: Verify Network Traffic + href: verify-that-network-traffic-is-authenticated.md + - name: References + items: + - name: "Checklist: Creating Group Policy objects" + href: checklist-creating-group-policy-objects.md + - name: "Checklist: Creating inbound firewall rules" + href: checklist-creating-inbound-firewall-rules.md + - name: "Checklist: Creating outbound firewall rules" + href: checklist-creating-outbound-firewall-rules.md + - name: "Checklist: Configuring basic firewall settings" + href: checklist-configuring-basic-firewall-settings.md + - name: "Checklist: Configuring rules for the isolated domain" + href: checklist-configuring-rules-for-the-isolated-domain.md + - name: "Checklist: Configuring rules for the boundary zone" + href: checklist-configuring-rules-for-the-boundary-zone.md + - name: "Checklist: Configuring rules for the encryption zone" + href: checklist-configuring-rules-for-the-encryption-zone.md + - name: "Checklist: Configuring rules for an isolated server zone" + href: checklist-configuring-rules-for-an-isolated-server-zone.md + - name: "Checklist: Configuring rules for servers in a standalone isolated server zone" + href: checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md + - name: "Checklist: Creating rules for clients of a standalone isolated server zone" + href: checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md + - name: "Appendix A: Sample GPO template files for settings used in this guide" + href: appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md + - name: Troubleshooting + items: + - name: Troubleshooting UWP app connectivity issues in Windows Firewall + href: troubleshooting-uwp-firewall.md + - name: Filter origin audit log improvements + href: filter-origin-documentation.md + - name: Quarantine behavior + href: quarantine.md + - name: Firewall settings lost on upgrade + href: firewall-settings-lost-on-upgrade.md