mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-16 19:03:46 +00:00
freshness review
This commit is contained in:
Paolo Matarazzo
@ -2,7 +2,7 @@
|
||||
title: Configure Windows Firewall logging
|
||||
description: Learn how to configure Windows Firewall to log dropped packets or successful connections with CSP and group policy.
|
||||
ms.topic: how-to
|
||||
ms.date: 09/06/2024
|
||||
ms.date: 04/07/2025
|
||||
---
|
||||
|
||||
# Configure Windows Firewall logging
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
---
|
||||
title: Manage Windows Firewall with the command line
|
||||
title: Manage Windows Firewall With the Command Line
|
||||
description: Learn how to manage Windows Firewall from the command line. This guide provides examples how to manage Windows Firewall with PowerShell and Netsh.
|
||||
ms.topic: how-to
|
||||
ms.date: 09/06/2024
|
||||
ms.date: 04/07/2025
|
||||
---
|
||||
|
||||
# Manage Windows Firewall with the command line
|
||||
@ -53,7 +53,7 @@ netsh advfirewall set allprofiles logging filename %SystemRoot%\System32\LogFile
|
||||
|
||||
### Disable Windows Firewall
|
||||
|
||||
Microsoft recommends that you don't disable Windows Firewall because you lose other benefits, such as the ability to use Internet Protocol security (IPsec) connection security rules, network protection from attacks that employ network fingerprinting, Windows Service Hardening, and [boot time filters][BTF]. Non-Microsoft firewall software can programmatically disable only the [rule types][FWRC] of Windows Firewall that need to be disabled for compatibility. You shouldn't disable the firewall yourself for this purpose.
|
||||
Microsoft recommends that you don't disable Windows Firewall because you lose other benefits, such as the ability to use Internet Protocol security (IPsec) connection security rules, network protection from attacks that employ network fingerprinting, Windows Service Hardening, and [boot time filters][BTF]. Non-Microsoft firewall software can programmatically disable only the [rule types][FWRC] of Windows Firewall that need to be disabled for compatibility. You shouldn't disable the firewall yourself for this purpose.
|
||||
If disabling Windows Firewall is required, don't disable it by stopping the Windows Firewall service (in the Services snap-in, the display name is Windows Defender Firewall and the service name is MpsSvc). Stopping the Windows Firewall service isn't supported by Microsoft and can cause problems, including:
|
||||
|
||||
- Start menu can stop working
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
---
|
||||
title: Configure firewall rules with group policy
|
||||
title: Configure Firewall Rules With Group Policy
|
||||
description: Learn how to configure firewall rules using group policy with the Windows Firewall with Advanced Security console.
|
||||
ms.topic: how-to
|
||||
ms.date: 09/06/2024
|
||||
ms.date: 04/07/2025
|
||||
---
|
||||
|
||||
# Configure rules with group policy
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
---
|
||||
title: Windows Firewall dynamic keywords
|
||||
title: Windows Firewall Dynamic Keywords
|
||||
description: Learn about Windows Firewall dynamic keywords and how to configure it using Windows PowerShell.
|
||||
ms.topic: how-to
|
||||
ms.date: 09/06/2024
|
||||
ms.date: 04/07/2025
|
||||
---
|
||||
|
||||
# Windows Firewall dynamic keywords
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
---
|
||||
title: Filter origin audit log
|
||||
title: Filter Origin Audit Log
|
||||
description: Learn about Windows Firewall and filter origin audit log to troubleshoot packet drops.
|
||||
ms.topic: troubleshooting
|
||||
ms.date: 09/06/2024
|
||||
ms.date: 04/07/2025
|
||||
---
|
||||
|
||||
# Filter origin audit log
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
---
|
||||
title: Hyper-V firewall
|
||||
title: Hyper-V Firewall
|
||||
description: Learn how to configure Hyper-V firewall rules and settings using PowerShell or Configuration Service Provider (CSP).
|
||||
ms.topic: how-to
|
||||
ms.date: 09/06/2024
|
||||
ms.date: 04/07/2025
|
||||
appliesto:
|
||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a>
|
||||
---
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
---
|
||||
title: Windows Firewall overview
|
||||
title: Windows Firewall Overview
|
||||
description: Learn overview information about the Windows Firewall security feature.
|
||||
ms.topic: overview
|
||||
ms.date: 09/06/2024
|
||||
ms.date: 04/07/2025
|
||||
---
|
||||
|
||||
# Windows Firewall overview
|
||||
@ -75,7 +75,7 @@ The *public network* profile is designed with higher security in mind for public
|
||||
|
||||
## Disable Windows Firewall
|
||||
|
||||
Microsoft recommends that you don't disable Windows Firewall because you lose other benefits, such as the ability to use Internet Protocol security (IPsec) connection security rules, network protection from attacks that employ network fingerprinting, Windows Service Hardening, and [boot time filters][BTF]. Non-Microsoft firewall software can programmatically disable only the [rule types][FWRC] of Windows Firewall that need to be disabled for compatibility. You shouldn't disable the firewall yourself for this purpose.
|
||||
Microsoft recommends that you don't disable Windows Firewall because you lose other benefits, such as the ability to use Internet Protocol security (IPsec) connection security rules, network protection from attacks that employ network fingerprinting, Windows Service Hardening, and [boot time filters][BTF]. Non-Microsoft firewall software can programmatically disable only the [rule types][FWRC] of Windows Firewall that need to be disabled for compatibility. You shouldn't disable the firewall yourself for this purpose.
|
||||
If disabling Windows Firewall is required, don't disable it by stopping the Windows Firewall service (in the Services snap-in, the display name is Windows Defender Firewall and the service name is MpsSvc). Stopping the Windows Firewall service isn't supported by Microsoft and can cause problems, including:
|
||||
|
||||
- Start menu can stop working
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
---
|
||||
title: Quarantine behavior
|
||||
title: Quarantine Behavior
|
||||
description: Learn about Windows Firewall and the quarantine feature behavior.
|
||||
ms.topic: concept-article
|
||||
ms.date: 09/06/2024
|
||||
ms.date: 04/07/2025
|
||||
---
|
||||
|
||||
# Quarantine behavior
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Windows Firewall rules
|
||||
title: Windows Firewall Rules
|
||||
description: Learn about Windows Firewall rules and design recommendations.
|
||||
ms.date: 09/06/2024
|
||||
ms.date: 04/07/2025
|
||||
ms.topic: concept-article
|
||||
---
|
||||
|
||||
@ -21,7 +21,7 @@ In many cases, allowing specific types of inbound traffic is required for applic
|
||||
|
||||
Because of 1 and 2, when designing a set of policies, you should make sure that there are no other explicit block rules that could inadvertently overlap, thus preventing the traffic flow you wish to allow.
|
||||
|
||||
Outbound rules follow the same precedence behaviors.
|
||||
Outbound rules follow the same precedence behaviors.
|
||||
|
||||
> [!NOTE]
|
||||
> Windows Firewall doesn't support weighted, administrator-assigned rule ordering. An effective policy set with expected behaviors can be created by keeping in mind the few, consistent, and logical rule behaviors as described.
|
||||
@ -33,12 +33,12 @@ When first installed, network applications and services issue a *listen call* sp
|
||||
:::row:::
|
||||
:::column span="2":::
|
||||
If there's no active application or administrator-defined allow rule(s), a dialog box prompts the user to either allow or block an application's packets the first time the app is launched or tries to communicate in the network:
|
||||
|
||||
|
||||
- If the user has admin permissions, they're prompted. If they respond *No* or cancel the prompt, block rules are created. Two rules are typically created, one each for TCP and UDP traffic
|
||||
- If the user isn't a local admin and they are prompted, block rules are created. It doesn't matter what option is selected
|
||||
|
||||
To disable the notification prompt, you can use the [command line](/windows/security/operating-system-security/network-security/windows-firewall/configure-with-command-line) or the **Windows Firewall with Advanced Security** console
|
||||
|
||||
|
||||
:::column-end:::
|
||||
:::column span="2":::
|
||||
:::image type="content" source="images/uac.png" alt-text="Screenshot showing the User Account Control (UAC) prompt to allow Microsoft Teams." border="false":::
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Windows Firewall tools
|
||||
title: Windows Firewall Tools
|
||||
description: Learn about the available tools to configure Windows Firewall and firewall rules.
|
||||
ms.date: 09/06/2024
|
||||
ms.date: 04/07/2025
|
||||
ms.topic: best-practice
|
||||
---
|
||||
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: Troubleshooting UWP App Connectivity Issues in Windows Firewall
|
||||
description: Troubleshooting UWP App Connectivity Issues in Windows Firewall
|
||||
ms.topic: troubleshooting
|
||||
ms.date: 09/06/2024
|
||||
ms.date: 04/07/2025
|
||||
---
|
||||
|
||||
# Troubleshooting UWP App Connectivity Issues
|
||||
|
||||
Reference in New Issue
Block a user