mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-19 04:13:41 +00:00
Updating 61 to 80
This commit is contained in:
Meghana Athavale
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Basic Firewall Policy Design Example (Windows 10)
|
||||
title: Basic Firewall Policy Design Example (Windows)
|
||||
description: This example features a fictitious company and illustrates firewall policy design for Windows Defender Firewall with Advanced Security.
|
||||
ms.assetid: 0dc3bcfe-7a4d-4a15-93a9-64b13bd775a7
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
In this example, the fictitious company Woodgrove Bank is a financial services institution.
|
||||
|
||||
@ -67,7 +68,7 @@ Other traffic notes:
|
||||
|
||||
Woodgrove Bank uses Active Directory groups and Group Policy Objects to deploy the firewall settings and rules to the devices on their network. They know that they must deploy policies to the following collections of devices:
|
||||
|
||||
- Client devices that run Windows 10, Windows 8, or Windows 7
|
||||
- Client devices that run Windows 11, Windows 10, Windows 8, or Windows 7
|
||||
|
||||
- WGBank front-end servers that run Windows Server 2016, Windows Server 2012 R2, Windows Server 2012 or Windows Server 2008 R2 (there are none in place yet, but their solution must support adding them)
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Gathering Information about Your Active Directory Deployment (Windows 10)
|
||||
title: Gathering Information about Your Active Directory Deployment (Windows)
|
||||
description: Learn about gathering Active Directory information, including domain layout, organizational unit architecture, and site topology, for your firewall deployment.
|
||||
ms.assetid: b591b85b-12ac-4329-a47e-bc1b03e66eb0
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
Active Directory is another important item about which you must gather information. You must understand the forest structure. This includes domain layout, organizational unit (OU) architecture, and site topology. This information makes it possible to know where devices are currently placed, their configuration, and the impact of changes to Active Directory that result from implementing Windows Defender Firewall with Advanced Security. Review the following list for information needed:
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Gathering Info about Your Network Infrastructure (Windows 10)
|
||||
title: Gathering Info about Your Network Infrastructure (Windows)
|
||||
description: Learn how to gather info about your network infrastructure so that you can effectively plan for Windows Defender Firewall with Advanced Security deployment.
|
||||
ms.assetid: f98d2b17-e71d-4ffc-b076-118b4d4782f9
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
Perhaps the most important aspect of planning for Windows Defender Firewall with Advanced Security deployment is the network architecture, because IPsec is layered on the Internet Protocol itself. An incomplete or inaccurate understanding of the network can prevent any Windows Defender Firewall solution from being successful. Understanding subnet layout, IP addressing schemes, and traffic patterns are part of this effort, but accurately documenting the following components are important to completing the planning phase of this project:
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Gathering Information about Your Devices (Windows 10)
|
||||
title: Gathering Information about Your Devices (Windows)
|
||||
description: Learn what information to gather about the devices in your enterprise to plan your Windows Defender Firewall with Advanced Security deployment.
|
||||
ms.assetid: 7f7cd3b9-de8e-4fbf-89c6-3d1a47bc2beb
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
One of the most valuable benefits of conducting an asset discovery project is the large amount of data that is obtained about the client and server devices on the network. When you start designing and planning your isolation zones, you must make decisions that require accurate information about the state of all hosts to ensure that they can use IPsec as planned.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Gathering Other Relevant Information (Windows 10)
|
||||
title: Gathering Other Relevant Information (Windows)
|
||||
description: Learn about additional information you may need to gather to deploy Windows Defender Firewall with Advanced Security policies in your organization.
|
||||
ms.assetid: 87ccca07-4346-496b-876d-cdde57d0ce17
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
This topic discusses several other things that you should examine to see whether they will cause any complications in your ability to deploy Windows Defender Firewall with Advanced Security policies in your organization.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Gathering the Information You Need (Windows 10)
|
||||
title: Gathering the Information You Need (Windows)
|
||||
description: Collect and analyze information about your network, directory services, and devices to prepare for Windows Defender Firewall with Advanced Security deployment.
|
||||
ms.assetid: 545fef02-5725-4b1e-b67a-a32d94c27d15
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
Before starting the planning process for a Windows Defender Firewall with Advanced Security deployment, you must collect and analyze up-to-date information about the network, the directory services, and the devices that are already deployed in the organization. This information enables you to create a design that accounts for all possible elements of the existing infrastructure. If the gathered information is not accurate, problems can occur when devices and devices that were not considered during the planning phase are encountered during implementation.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: GPO\_DOMISO\_Boundary (Windows 10)
|
||||
title: GPO\_DOMISO\_Boundary (Windows)
|
||||
description: This example GPO supports devices that are not part of the isolated domain to access specific servers that must be available to those untrusted devices.
|
||||
ms.assetid: ead3a510-c329-4c2a-9ad2-46a3b4975cfd
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
This GPO is authored by using the Windows Defender Firewall with Advanced Security interface in the Group Policy editing tools. Woodgrove Bank began by copying and pasting the GPO for the Windows Server 2008 version of the isolated domain GPO, and then renamed the copy to reflect its new purpose.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: GPO\_DOMISO\_Encryption\_WS2008 (Windows 10)
|
||||
title: GPO\_DOMISO\_Encryption\_WS2008 (Windows)
|
||||
description: This example GPO supports the ability for servers that contain sensitive data to require encryption for all connection requests.
|
||||
ms.assetid: 84375480-af6a-4c79-aafe-0a37115a7446
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: GPO\_DOMISO\_Firewall (Windows 10)
|
||||
title: GPO\_DOMISO\_Firewall (Windows)
|
||||
description: Learn about the settings and rules in this example GPO, which is authored by using the Group Policy editing tools.
|
||||
ms.assetid: 318467d2-5698-4c5d-8000-7f56f5314c42
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
This GPO is authored by using the Windows Defender Firewall
|
||||
with Advanced Security interface in the Group Policy editing tools. The User Configuration section of the GPO is disabled. It is intended to only apply to devices that are running at least Windows 7 or Windows Server 2008.
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: GPO\_DOMISO\_IsolatedDomain\_Clients (Windows 10)
|
||||
title: GPO\_DOMISO\_IsolatedDomain\_Clients (Windows)
|
||||
description: Author this GPO by using the Windows Defender Firewall with Advanced Security interface in the Group Policy editing tools.
|
||||
ms.assetid: 73cd9e25-f2f1-4ef6-b0d1-d36209518cd9
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
This GPO is authored by using the Windows Defender Firewall with Advanced Security interface in the Group Policy editing tools. The User Configuration section of the GPO is disabled. It is intended to only apply to client devices that are running Windows 8, Windows 7, or Windows Vista.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: GPO\_DOMISO\_IsolatedDomain\_Servers (Windows 10)
|
||||
title: GPO\_DOMISO\_IsolatedDomain\_Servers (Windows)
|
||||
description: Author this GPO by using the Windows Defender Firewall with Advanced Security interface in the Group Policy editing tools.
|
||||
ms.assetid: 33aed8f3-fdc3-4f96-985c-e9d2720015d3
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
This GPO is authored by using the Windows Defender Firewall interface in the Group Policy editing tools. The User Configuration section of the GPO is disabled. It is intended to only apply to server devices that are running at least Windows Server 2008.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Identify implementation goals for Windows Defender Firewall with Advanced Security Deployment (Windows 10)
|
||||
title: Identify implementation goals for Windows Defender Firewall with Advanced Security Deployment (Windows)
|
||||
description: Identifying Your Windows Defender Firewall with Advanced Security (WFAS) implementation goals
|
||||
ms.assetid: 598cf45e-2e1c-4947-970f-361dfa264bba
|
||||
ms.reviewer:
|
||||
@ -14,14 +14,15 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
# Identifying Windows Defender Firewall with Advanced Security implementation goals
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 10
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
Correctly identifying your Windows Defender Firewall with Advanced Security implementation goals is essential for the success of your Windows Defender Firewall design project. Form a project team that can clearly articulate deployment issues in a vision statement. When you write your vision statement, identify, clarify, and refine your implementation goals. Prioritize and, if possible, combine your implementation goals so that you can design and deploy Windows Defender Firewall by using an iterative approach. You can take advantage of the predefined Windows Defender Firewall implementation goals presented in this guide that are relevant to your scenarios.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Implementing Your Windows Defender Firewall with Advanced Security Design Plan (Windows 10)
|
||||
title: Implementing Your Windows Defender Firewall with Advanced Security Design Plan (Windows)
|
||||
description: Implementing Your Windows Defender Firewall with Advanced Security Design Plan
|
||||
ms.assetid: 15f609d5-5e4e-4a71-9eff-493a2e3e40f9
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
The following are important factors in the implementation of your Windows Defender Firewall design plan:
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Isolated Domain GPOs (Windows 10)
|
||||
title: Isolated Domain GPOs (Windows)
|
||||
description: Learn about GPOs for isolated domains in this example configuration of Windows Defender Firewall with Advanced Security.
|
||||
ms.assetid: e254ce4a-18c6-4868-8179-4078d9de215f
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
All of the devices in the isolated domain are added to the group CG\_DOMISO\_IsolatedDomain. You must create multiple GPOs to align with this group, one for each Windows operating system that must have different rules or settings to implement the basic isolated domain functionality that you have in your isolated domain. This group is granted Read and Apply Group Policy permissions on all the GPOs described in this section.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Isolated Domain (Windows 10)
|
||||
title: Isolated Domain (Windows)
|
||||
description: Learn about the isolated domain, which is the primary zone for trusted devices, which use connection security and firewall rules to control communication.
|
||||
ms.assetid: d6fa8d67-0078-49f6-9bcc-db1f24816c5e
|
||||
ms.reviewer:
|
||||
@ -14,16 +14,16 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
# Isolated Domain
|
||||
|
||||
**Applies to:**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows Server 2019
|
||||
- Windows 10
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
The isolated domain is the primary zone for trusted devices. The devices in this zone use connection security and firewall rules to control the communications that can be sent between devices in the zone.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Isolating Microsoft Store Apps on Your Network (Windows 10)
|
||||
title: Isolating Microsoft Store Apps on Your Network (Windows)
|
||||
description: Learn how to customize your firewall configuration to isolate the network access of the new Microsoft Store apps that run on devices added to your network.
|
||||
ms.prod: m365-security
|
||||
ms.mktglfcycl: deploy
|
||||
@ -11,7 +11,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 10/13/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
ms.technology: mde
|
||||
@ -21,7 +21,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
When you add new devices to your network, you may want to customize your Windows Defender Firewall with Advanced Security configuration to isolate the network access of the new Microsoft Store apps that run on them. Developers who build Microsoft Store apps can declare certain app capabilities that enable different classes of network access. A developer can decide what kind of network access the app requires and configure this capability for the app. When the app is installed on a device, appropriate firewall rules are automatically created to enable access. You can then customize the firewall configuration to further fine-tune this access if they desire more control over the network access for the app.
|
||||
|
||||
@ -65,7 +66,7 @@ To isolate Microsoft Store apps on your network, you need to use Group Policy to
|
||||
|
||||
- The Remote Server Administration Tools (RSAT) are installed on your client device. When you perform the following steps from your client device, you can select your Microsoft Store app when you create Windows Defender Firewall rules.
|
||||
|
||||
>**Note:** You can install the RSAT on your device running Windows 10 from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=45520).
|
||||
>**Note:** You can install the RSAT on your device running Windows from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=45520).
|
||||
|
||||
|
||||
## Step 1: Define your network
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Link the GPO to the Domain (Windows 10)
|
||||
title: Link the GPO to the Domain (Windows)
|
||||
description: Learn how to link a GPO to the Active Directory container for the target devices, after you configure it in Windows Defender Firewall with Advanced Security.
|
||||
ms.assetid: 746d4553-b1a6-4954-9770-a948926b1165
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
After you create the GPO and configure it with security group filters and WMI filters, you must link the GPO to the container in Active Directory that contains all of the target devices.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Mapping your implementation goals to a Windows Firewall with Advanced Security design (Windows 10)
|
||||
title: Mapping your implementation goals to a Windows Firewall with Advanced Security design (Windows)
|
||||
description: Mapping your implementation goals to a Windows Firewall with Advanced Security design
|
||||
ms.assetid: 7e68c59e-ba40-49c4-8e47-5de5d6b5eb22
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
After you finish reviewing the existing Windows Firewall with Advanced Security implementation goals and you determine which goals are important to your specific deployment, you can map those goals to a specific Windows Firewall with Advanced Security design.
|
||||
> [!IMPORTANT]
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Modify GPO Filters (Windows 10)
|
||||
title: Modify GPO Filters (Windows)
|
||||
description: Learn how to modify GPO filters to apply to a different zone or version of windows in Windows Defender Firewall with Advanced Security.
|
||||
ms.assetid: 24ede9ca-a501-4025-9020-1129e2cdde80
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
You must reconfigure your copied GPO so that it contains the correct security group and WMI filters for its new role. If you are creating the GPO for the isolated domain, use the [Block members of a group from applying a GPO](#to-block-members-of-a-group-from-applying-a-gpo) procedure to prevent members of the boundary and encryption zones from incorrectly applying the GPOs for the main isolated domain.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Open the Group Policy Management Console to IP Security Policies (Windows 10)
|
||||
title: Open the Group Policy Management Console to IP Security Policies (Windows)
|
||||
description: Learn how to open the Group Policy Management Console to IP Security Policies to configure GPOs for earlier versions of the Windows operating system.
|
||||
ms.assetid: 235f73e4-37b7-40f4-a35e-3e7238bbef43
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.date: 09/08/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
Procedures in this guide that refer to GPOs for earlier versions of the Windows operating system instruct you to work with the IP Security Policy section in the Group Policy Management Console (GPMC).
|
||||
|
||||
|
||||
Reference in New Issue
Block a user