mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-17 11:23:45 +00:00
updates
This commit is contained in:
Paolo Matarazzo
@ -4,9 +4,6 @@ description: Learn how to add production devices to the membership group for a z
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Add Production Devices to the Membership Group for a Zone
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to add devices to the group for a zone to test whether yo
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Add Test Devices to the Membership Group for a Zone
|
||||
|
||||
@ -4,9 +4,6 @@ description: Use sample template files import an XML file containing customized
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Appendix A: Sample GPO Template Files for Settings Used in this Guide
|
||||
|
||||
@ -7,9 +7,6 @@ ms.collection:
|
||||
- tier3
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Assign Security Group Filters to the GPO
|
||||
|
||||
@ -3,9 +3,6 @@ title: Basic Firewall Policy Design (Windows)
|
||||
description: Protect the devices in your organization from unwanted network traffic that gets through the perimeter defenses by using basic firewall policy design.
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
ms.date: 12/31/2017
|
||||
---
|
||||
|
||||
|
||||
@ -7,9 +7,6 @@ ms.collection:
|
||||
- highpri
|
||||
- tier3
|
||||
ms.topic: article
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Best practices for configuring Windows Defender Firewall
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn about GPOs to create that must align with the group you creat
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Boundary Zone GPOs
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how a boundary zone supports devices that must receive traffi
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Boundary Zone
|
||||
|
||||
@ -4,9 +4,6 @@ description: This example uses a fictitious company to illustrate certificate-ba
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Certificate-based Isolation Policy Design Example
|
||||
|
||||
@ -4,9 +4,6 @@ description: Explore the methodology behind Certificate-based Isolation Policy D
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Certificate-based isolation policy design
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to convert a rule from request to require mode and apply
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Change Rules from Request to Require Mode
|
||||
|
||||
@ -4,9 +4,6 @@ description: Configure Windows Firewall to set inbound and outbound behavior, di
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Checklist: Configuring Basic Firewall Settings
|
||||
|
||||
@ -4,9 +4,6 @@ description: Use these tasks to configure connection security rules and IPsec se
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Checklist: Configuring Rules for an Isolated Server Zone
|
||||
|
||||
@ -4,9 +4,6 @@ description: Checklist Configuring Rules for Servers in a Standalone Isolated Se
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Checklist: Configuring Rules for Servers in a Standalone Isolated Server Zone
|
||||
|
||||
@ -4,9 +4,6 @@ description: Use these tasks to configure connection security rules and IPsec se
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Checklist: Configuring Rules for the Boundary Zone
|
||||
|
||||
@ -4,9 +4,6 @@ description: Use these tasks to configure connection security rules and IPsec se
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Checklist: Configuring Rules for the Encryption Zone
|
||||
|
||||
@ -4,9 +4,6 @@ description: Use these tasks to configure connection security rules and IPsec se
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Checklist: Configuring Rules for the Isolated Domain
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn to deploy firewall settings, IPsec settings, firewall rules,
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Checklist: Creating Group Policy Objects
|
||||
|
||||
@ -4,9 +4,6 @@ description: Use these tasks for creating inbound firewall rules in your GPOs fo
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Checklist: Creating Inbound Firewall Rules
|
||||
|
||||
@ -4,9 +4,6 @@ description: Use these tasks for creating outbound firewall rules in your GPOs f
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Checklist: Creating Outbound Firewall Rules
|
||||
|
||||
@ -4,9 +4,6 @@ description: Checklist for when creating rules for clients of a Standalone Isola
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Checklist: Creating Rules for Clients of a Standalone Isolated Server Zone
|
||||
|
||||
@ -4,9 +4,6 @@ description: Follow this parent checklist for implementing a basic firewall poli
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Checklist: Implementing a Basic Firewall Policy Design
|
||||
|
||||
@ -4,9 +4,6 @@ description: Use these references to learn about using certificates as an authen
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Checklist: Implementing a Certificate-based Isolation Policy Design
|
||||
|
||||
@ -4,9 +4,6 @@ description: Use these references to learn about the domain isolation policy des
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Checklist: Implementing a Domain Isolation Policy Design
|
||||
|
||||
@ -4,9 +4,6 @@ description: Use these tasks to create a server isolation policy design that isn
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Checklist: Implementing a Standalone Server Isolation Policy Design
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to configure authentication methods for devices in an iso
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Configure Authentication Methods
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to configure the data protection settings for connection
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Configure Data Protection (Quick Mode) Settings
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to configure Group Policy to automatically enroll client
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Configure Group Policy to Autoenroll and Deploy Certificates
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to configure the main mode key exchange settings used to
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Configure Key Exchange (Main Mode) Settings
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to configure rules to add encryption algorithms and delet
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Configure the Rules to Require Encryption
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to configure Windows Defender Firewall with Advanced Secu
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Configure the Windows Defender Firewall with Advanced Security Log
|
||||
|
||||
@ -3,9 +3,6 @@ title: Configure the Workstation Authentication Template (Windows)
|
||||
description: Learn how to configure a workstation authentication certificate template, which is used for device certificates that are enrolled and deployed to workstations.
|
||||
ms.prod: windows-client
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
ms.topic: conceptual
|
||||
---
|
||||
|
||||
|
||||
@ -4,9 +4,6 @@ description: Configure Windows Defender Firewall with Advanced Security to suppr
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Configure Windows Defender Firewall with Advanced Security to Suppress Notifications When a Program Is Blocked
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to confirm that a Group Policy is being applied as expect
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 01/24/2023
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Confirm That Certificates Are Deployed Correctly
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to make a copy of a GPO by using the Active Directory Use
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Copy a GPO to Create a New GPO
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to create a security group for the computers that are to
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Create a Group Account in Active Directory
|
||||
|
||||
@ -7,9 +7,6 @@ ms.collection:
|
||||
- tier3
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Create a Group Policy Object
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to create rules that exempt devices that cannot communica
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Create an Authentication Exemption List Rule
|
||||
|
||||
@ -4,9 +4,6 @@ description: Create a new rule for Windows Defender Firewall with Advanced Secur
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Create an Authentication Request Rule
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to allow inbound ICMP traffic by using the Group Policy M
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Create an Inbound ICMP Rule
|
||||
|
||||
@ -7,9 +7,6 @@ ms.collection:
|
||||
- tier3
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Create an Inbound Port Rule
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to allow inbound traffic to a program or service by using
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Create an Inbound Program or Service Rule
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn to block outbound traffic on a port by using the Group Policy
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Create an Outbound Port Rule
|
||||
|
||||
@ -4,9 +4,6 @@ description: Use the Windows Defender Firewall with Advanced Security node in th
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Create an Outbound Program or Service Rule
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to allow RPC network traffic by using the Group Policy Ma
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Create Inbound Rules to Support RPC
|
||||
|
||||
@ -3,9 +3,6 @@ title: Create Windows Firewall rules in Intune (Windows)
|
||||
description: Learn how to use Intune to create rules in Windows Defender Firewall with Advanced Security. Start by creating a profile in Device Configuration in Intune.
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
ms.date: 12/31/2017
|
||||
---
|
||||
|
||||
|
||||
@ -7,9 +7,6 @@ ms.collection:
|
||||
- tier3
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Create WMI Filters for the GPO
|
||||
|
||||
@ -4,9 +4,6 @@ description: Answer the question in this article to design an effective Windows
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Designing a Windows Defender Firewall with Advanced Security Strategy
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to define the trusted state of devices in your enterprise
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Determining the Trusted State of Your Devices
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to document the zone placement of devices in your design
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Documenting the Zones
|
||||
|
||||
@ -4,9 +4,6 @@ description: This example uses a fictitious company to illustrate domain isolati
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Domain Isolation Policy Design Example
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to design a domain isolation policy, based on which devic
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Domain Isolation Policy Design
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn the rules for Windows Defender Firewall with Advanced Securit
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Enable Predefined Inbound Rules
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn to deploy predefined firewall rules that block outbound netwo
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/07/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Enable Predefined Outbound Rules
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to add a device to an encryption zone by adding the devic
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Encryption Zone GPOs
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to create an encryption zone to contain devices that host
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Encryption Zone
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to add exemptions for any network traffic that uses the I
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Exempt ICMP from Authentication
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn about reasons to add devices to an exemption list in Windows
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Exemption List
|
||||
|
||||
@ -3,9 +3,6 @@ title: Filter origin audit log improvements
|
||||
description: Filter origin documentation audit log improvements
|
||||
ms.prod: windows-client
|
||||
ms.topic: troubleshooting
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
ms.date: 12/31/2017
|
||||
---
|
||||
|
||||
@ -29,19 +26,19 @@ The blocking filters can be categorized under these filter origins:
|
||||
|
||||
2. Firewall default block filters
|
||||
|
||||
a. AppContainer loopback
|
||||
a. AppContainer loopback
|
||||
|
||||
b. Boottime default
|
||||
b. Boottime default
|
||||
|
||||
c. Quarantine default
|
||||
c. Quarantine default
|
||||
|
||||
d. Query user default
|
||||
d. Query user default
|
||||
|
||||
e. Stealth
|
||||
e. Stealth
|
||||
|
||||
f. Universal Windows Platform (UWP) default
|
||||
f. Universal Windows Platform (UWP) default
|
||||
|
||||
g. Windows Service Hardening (WSH) default
|
||||
g. Windows Service Hardening (WSH) default
|
||||
|
||||
The next section describes the improvements made to audits 5157 and 5152, and how the above filter origins are used in these events. These improvements were added in the Windows Server 2022 and Windows 11 releases.
|
||||
|
||||
@ -59,8 +56,8 @@ To enable a specific audit event, run the corresponding command in an administra
|
||||
|
||||
|**Audit #**|**Enable command**|**Link**|
|
||||
|:-----|:-----|:-----|
|
||||
|**5157**|`Auditpol /set /category:"System" /SubCategory:"Filtering Platform Connection" /success:enable /failure:enable`|[5157(F): The Windows Filtering Platform has blocked a connection.](../auditing/event-5157.md)|
|
||||
|**5152**|`Auditpol /set /category:"System" /SubCategory:"Filtering Platform Packet Drop" /success:enable /failure:enable`|[5152(F): The Windows Filtering Platform blocked a packet.](../auditing/event-5152.md)|
|
||||
|**5157**|`Auditpol /set /category:"System" /SubCategory:"Filtering Platform Connection" /success:enable /failure:enable`|[5157(F): The Windows Filtering Platform has blocked a connection.](../../../threat-protection/auditing/event-5157.md)|
|
||||
|**5152**|`Auditpol /set /category:"System" /SubCategory:"Filtering Platform Packet Drop" /success:enable /failure:enable`|[5152(F): The Windows Filtering Platform blocked a packet.](../../../threat-protection/auditing/event-5152.md)|
|
||||
|
||||
## Example flow of debugging packet drops with filter origin
|
||||
|
||||
@ -75,13 +72,13 @@ The next sections are divided by `Filter Origin` type, the value is either a rul
|
||||
Run the following PowerShell command to generate the rule information using `Filter Origin`.
|
||||
|
||||
```Powershell
|
||||
Get-NetFirewallRule -Name “<Filter Origin>”
|
||||
Get-NetFirewallRule -Name "<Filter Origin>"
|
||||
Get-NetFirewallRule -Name " {A549B7CF-0542-4B67-93F9-EEBCDD584377} "
|
||||
```
|
||||
|
||||
|
||||
|
||||
After identifying the rule that caused the drop, the network admin can now modify/disable the rule to allow the traffic they want through command prompt or using the Windows Defender UI. The network admin can find the rule in the UI with the rule’s `DisplayName`.
|
||||
After identifying the rule that caused the drop, the network admin can now modify/disable the rule to allow the traffic they want through command prompt or using the Windows Defender UI. The network admin can find the rule in the UI with the rule's `DisplayName`.
|
||||
|
||||
>[!NOTE]
|
||||
> Firewall rules from Mobile Device Management (MDM) store cannot be searched using the Windows Defender UI. Additionally, the above method will not work when the `Filter Origin` is one of the default block filters, as they do not correspond to any firewall rules.
|
||||
@ -161,4 +158,4 @@ For more information on how to debug drops caused by UWP default block filters,
|
||||
|
||||
**WSH default**
|
||||
|
||||
Network drops from Windows Service Hardening (WSH) default filters indicate that there wasn’t an explicit Windows Service Hardening allow rule to allow network traffic for the protected service. The service owner will need to configure allow rules for the service if the block isn't expected.
|
||||
Network drops from Windows Service Hardening (WSH) default filters indicate that there wasn't an explicit Windows Service Hardening allow rule to allow network traffic for the protected service. The service owner will need to configure allow rules for the service if the block isn't expected.
|
||||
|
||||
@ -4,9 +4,6 @@ description: In this example, a Group Policy Object is linked to the domain cont
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Firewall GPOs
|
||||
|
||||
@ -4,9 +4,6 @@ description: This example features a fictitious company and illustrates firewall
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Basic Firewall Policy Design Example
|
||||
|
||||
@ -3,9 +3,6 @@ title: Troubleshooting Windows Firewall settings after a Windows upgrade
|
||||
description: Firewall settings lost on upgrade
|
||||
ms.prod: windows-client
|
||||
ms.topic: troubleshooting
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
ms.date: 12/31/2017
|
||||
---
|
||||
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn about gathering Active Directory information, including domai
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Gathering Information about Your Active Directory Deployment
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to gather info about your network infrastructure so that
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Gathering Information about Your Current Network Infrastructure
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn what information to gather about the devices in your enterpri
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Gathering Information about Your Devices
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn about additional information you may need to gather to deploy
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Gathering Other Relevant Information
|
||||
|
||||
@ -4,9 +4,6 @@ description: Collect and analyze information about your network, directory servi
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Gathering the Information You Need
|
||||
|
||||
@ -4,9 +4,6 @@ description: This example GPO supports devices that aren't part of the isolated
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# GPO\_DOMISO\_Boundary
|
||||
|
||||
@ -4,9 +4,6 @@ description: This example GPO supports the ability for servers that contain sens
|
||||
ms.topic: conceptual
|
||||
ms.prod: windows-client
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# GPO\_DOMISO\_Encryption\_WS2008
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn about the settings and rules in this example GPO, which is au
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# GPO\_DOMISO\_Firewall
|
||||
|
||||
@ -4,9 +4,6 @@ description: Author this GPO by using Windows Defender Firewall with Advanced Se
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# GPO\_DOMISO\_IsolatedDomain\_Clients
|
||||
|
||||
@ -4,9 +4,6 @@ description: Author this GPO by using the Windows Defender Firewall with Advance
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# GPO\_DOMISO\_IsolatedDomain\_Servers
|
||||
|
||||
@ -4,9 +4,6 @@ description: Identifying Your Windows Defender Firewall with Advanced Security (
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Identifying Windows Defender Firewall with Advanced Security implementation goals
|
||||
|
||||
@ -4,9 +4,6 @@ description: Implementing Your Windows Defender Firewall with Advanced Security
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Implementing Your Windows Defender Firewall with Advanced Security Design Plan
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn about GPOs for isolated domains in this example configuration
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Isolated Domain GPOs
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn about the isolated domain, which is the primary zone for trus
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Isolated Domain
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to customize your firewall configuration to isolate the n
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Isolating Microsoft Store Apps on Your Network
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to link a GPO to the Active Directory container for the t
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Link the GPO to the Domain
|
||||
|
||||
@ -4,9 +4,6 @@ description: Mapping your implementation goals to a Windows Firewall with Advanc
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Mapping your implementation goals to a Windows Firewall with Advanced Security design
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to modify GPO filters to apply to a different zone or ver
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Modify GPO Filters to Apply to a Different Zone or Version of Windows
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to open the Group Policy Management Console to IP Securit
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Open the Group Policy Management Console to IP Security Policies
|
||||
|
||||
@ -7,9 +7,6 @@ ms.collection:
|
||||
- tier3
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Group Policy Management of Windows Firewall with Advanced Security
|
||||
|
||||
@ -4,9 +4,6 @@ description: Group Policy Management of Windows Defender Firewall with Advanced
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Group Policy Management of Windows Defender Firewall
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to open the Windows Defender Firewall with Advanced Secur
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Open Windows Defender Firewall with Advanced Security
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how a device unable to join an Active Directory domain can st
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Planning Certificate-based Authentication
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to use information you've gathered to make decisions abou
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Planning Domain Isolation Zones
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to use security group filtering and WMI filtering to prov
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Planning GPO Deployment
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to plan a group policy deployment for your isolation zone
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Planning Group Policy Deployment for Your Isolation Zones
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn about planning isolation groups for the zones in Microsoft Fi
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Planning Isolation Groups for the Zones
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to implement a network access group for users and devices
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Planning Network Access Groups
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to restrict access to a server to approved users by using
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Planning Server Isolation Zones
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how to design a basic policy for Windows Defender Firewall wi
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Planning Settings for a Basic Firewall Policy
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn about planning Group Policy Objects for your isolation zones
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Planning the GPOs
|
||||
|
||||
@ -4,9 +4,6 @@ description: Use the design information in this article to plan for the deployme
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Planning to Deploy Windows Defender Firewall with Advanced Security
|
||||
|
||||
@ -4,9 +4,6 @@ description: After you gather the relevant information, select the design or com
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Planning Your Windows Defender Firewall with Advanced Security Design
|
||||
|
||||
@ -4,9 +4,6 @@ description: Learn how running a host-based firewall on every device in your org
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 01/18/2022
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Protect devices from unwanted network traffic
|
||||
|
||||
@ -4,9 +4,6 @@ description: Quarantine behavior is explained in detail.
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Quarantine behavior
|
||||
|
||||
@ -4,9 +4,6 @@ description: Windows Defender Firewall with Advanced Security allows you to requ
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Require Encryption When Accessing Sensitive Network Resources
|
||||
|
||||
@ -4,9 +4,6 @@ description: Restrict access to devices and users that are members of domain gro
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Restrict Access to Only Specified Users or Computers
|
||||
|
||||
@ -4,9 +4,6 @@ description: Windows Defender Firewall with Advanced Security enables you to iso
|
||||
ms.prod: windows-client
|
||||
ms.topic: conceptual
|
||||
ms.date: 09/08/2021
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10 and later</a>
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/windows-server-release-info" target="_blank">Windows Server 2016 and later</a>
|
||||
---
|
||||
|
||||
# Restrict access to only trusted devices
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user