deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-23 02:37:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Minor changes

Browse Source
This commit is contained in:
Asha Iyengar 2020-12-16 23:37:43 +05:30 committed by GitHub
parent 089f72e52c
commit 5bf7b35e59
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
windows/security/threat-protection/windows-firewall/quarantine.md
View File

@ -25,7 +25,7 @@ Network changes can happen frequently. Additionally, the operations required to
To counter this potential exploitation, Windows Firewall will quarantine an interface until the system has successfully re-categorized the network and Windows Filtering Platform (WFP) has the correct filters applied for the updated interface configuration. During quarantine, all new inbound connections without exceptions are blocked to the machine.
While the quarantine feature has long been a part of Windows Firewall, the features behavior has often caused confusion for customers unaware of quarantine and its motivations.
While the quarantine feature has long been a part of Windows Firewall, the feature behavior has often caused confusion for customers unaware of quarantine and its motivations.
Ultimately, the goal of this document is to describe the quarantine feature at a high level and help network admins understand why the application traffic is sometimes blocked by quarantine.
@ -33,11 +33,9 @@ Ultimately, the goal of this document is to describe the quarantine feature at a
The quarantine feature creates filters which can be split into three categories:
1. Quarantine default inbound block filter
2. Quarantine default exception filters
3. Interface un-quarantine filters
- Quarantine default inbound block filter
- Quarantine default exception filters
- Interface un-quarantine filters
These filters are added in the FWPM_SUBLAYER_MPSSVC_QUARANTINE sublayer and these layers are:
@ -50,7 +48,7 @@ These filters are added in the FWPM_SUBLAYER_MPSSVC_QUARANTINE sublayer and thes
4. FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V6
>[!NOTE]
> Any Firewall rules added by the customers will not affect the filters in the quarantine sublayer as filters from Firewall rules are added in the FWPM_SUBLAYER_MPSSVC_WF sublayer. In other words, customers cannot add their own exception filters to prevent packets from being evaluated by quarantine filters.
> Any firewall rules added by the customers will not affect the filters in the quarantine sublayer as filters from Firewall rules are added in the FWPM_SUBLAYER_MPSSVC_WF sublayer. In other words, customers cannot add their own exception filters to prevent packets from being evaluated by quarantine filters.
For more information about WFP layers and sublayers, see [WFP Operation](https://docs.microsoft.com/windows/win32/fwp/basic-operation).