mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-19 12:23:37 +00:00
Updated 21to40 files
This commit is contained in:
Meghana Athavale
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Create Rules for Standalone Isolated Server Zone Clients (Windows 10)
|
||||
title: Create Rules for Standalone Isolated Server Zone Clients (Windows)
|
||||
description: Checklist for when creating rules for clients of a Standalone Isolated Server Zone
|
||||
ms.assetid: 6a5e6478-add3-47e3-8221-972549e013f6
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
This checklist includes tasks for configuring connection security rules and IPsec settings in the GPOs for client devices that must connect to servers in an isolated server zone.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Checklist Implementing a Basic Firewall Policy Design (Windows 10)
|
||||
title: Checklist Implementing a Basic Firewall Policy Design (Windows)
|
||||
description: Follow this parent checklist for implementing a basic firewall policy design to ensure successful implementation.
|
||||
ms.assetid: 6caf0c1e-ac72-4f9d-a986-978b77fbbaa3
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
This parent checklist includes cross-reference links to important concepts about the basic firewall policy design. It also contains links to subordinate checklists that will help you complete the tasks that are required to implement this design.
|
||||
|
||||
@ -35,7 +36,7 @@ The procedures in this section use the Group Policy MMC snap-in interfaces to co
|
||||
| Task | Reference |
|
||||
| - | - |
|
||||
| Review important concepts and examples for the basic firewall policy design to determine if this design meets the needs of your organization. | [Identifying Your Windows Defender Firewall with Advanced Security Deployment Goals](identifying-your-windows-firewall-with-advanced-security-deployment-goals.md)<br/>[Basic Firewall Policy Design](basic-firewall-policy-design.md)<br/>[Firewall Policy Design Example](firewall-policy-design-example.md)<br/>[Planning Settings for a Basic Firewall Policy](planning-settings-for-a-basic-firewall-policy.md)|
|
||||
| Create the membership group and a GPO for each set of devices that require different firewall rules. Where GPOs will be similar, such as for Windows 10 and Windows Server 2016, create one GPO, configure it by using the tasks in this checklist, and then make a copy of the GPO for the other version of Windows. For example, create and configure the GPO for Windows 10, make a copy of it for Windows Server 2016, and then follow the steps in this checklist to make the few required changes to the copy. | [Checklist: Creating Group Policy Objects](checklist-creating-group-policy-objects.md)<br/>[Copy a GPO to Create a New GPO](copy-a-gpo-to-create-a-new-gpo.md)|
|
||||
| Create the membership group and a GPO for each set of devices that require different firewall rules. Where GPOs will be similar, such as for Windows 11, Windows 10, and Windows Server 2016, create one GPO, configure it by using the tasks in this checklist, and then make a copy of the GPO for the other version of Windows. For example, create and configure the GPO for Windows 10 or Windows 11, make a copy of it for Windows Server 2016, and then follow the steps in this checklist to make the few required changes to the copy. | [Checklist: Creating Group Policy Objects](checklist-creating-group-policy-objects.md)<br/>[Copy a GPO to Create a New GPO](copy-a-gpo-to-create-a-new-gpo.md)|
|
||||
| If you are working on a GPO that was copied from another, modify the group membership and WMI filters so that they are correct for the devices for which this GPO is intended.| [Modify GPO Filters to Apply to a Different Zone or Version of Windows](modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md)|
|
||||
| Configure the GPO with firewall default settings appropriate for your design.| [Checklist: Configuring Basic Firewall Settings](checklist-configuring-basic-firewall-settings.md)|
|
||||
| Create one or more inbound firewall rules to allow unsolicited inbound network traffic.| [Checklist: Creating Inbound Firewall Rules](checklist-creating-inbound-firewall-rules.md)|
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Checklist Implementing a Certificate-based Isolation Policy Design (Windows 10)
|
||||
title: Checklist Implementing a Certificate-based Isolation Policy Design (Windows)
|
||||
description: Use these references to learn about using certificates as an authentication option and configure a certificate-based isolation policy design.
|
||||
ms.assetid: 1e34b5ea-2e77-4598-a765-550418d33894
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
This parent checklist includes cross-reference links to important concepts about using certificates as an authentication option in either a domain isolation or server isolation design.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Checklist Implementing a Domain Isolation Policy Design (Windows 10)
|
||||
title: Checklist Implementing a Domain Isolation Policy Design (Windows)
|
||||
description: Use these references to learn about the domain isolation policy design and links to other checklists to complete tasks require to implement this design.
|
||||
ms.assetid: 76586eb3-c13c-4d71-812f-76bff200fc20
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
This parent checklist includes cross-reference links to important concepts about the domain isolation policy design. It also contains links to subordinate checklists that will help you complete the tasks that are required to implement this design.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Checklist Implementing a Standalone Server Isolation Policy Design (Windows 10)
|
||||
title: Checklist Implementing a Standalone Server Isolation Policy Design (Windows)
|
||||
description: Use these tasks to create a server isolation policy design that is not part of an isolated domain. See references to concepts and links to other checklists.
|
||||
ms.assetid: 50a997d8-f079-408c-8ac6-ecd02078ade3
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
This checklist contains procedures for creating a server isolation policy design that is not part of an isolated domain. For the steps required to create an isolated server zone within an isolated domain, see [Checklist: Configuring Rules for an Isolated Server Zone](checklist-configuring-rules-for-an-isolated-server-zone.md).
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Configure Authentication Methods (Windows 10)
|
||||
title: Configure Authentication Methods (Windows)
|
||||
description: Learn how to configure authentication methods for devices in an isolated domain or standalone server zone in Windows Defender Firewall with Advanced Security.
|
||||
ms.assetid: 5fcdc523-617f-4233-9213-15fe19f4cd02
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
This procedure shows you how to configure the authentication methods that can be used by computers in an isolated domain or standalone isolated server zone.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Configure Data Protection (Quick Mode) Settings (Windows 10)
|
||||
title: Configure Data Protection (Quick Mode) Settings (Windows)
|
||||
description: Learn how to configure the data protection settings for connection security rules in an isolated domain or a standalone isolated server zone.
|
||||
ms.assetid: fdcb1b36-e267-4be7-b842-5df9a067c9e0
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
This procedure shows you how to configure the data protection (quick mode) settings for connection security rules in an isolated domain or a standalone isolated server zone.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Configure Group Policy to Autoenroll and Deploy Certificates (Windows 10)
|
||||
title: Configure Group Policy to Autoenroll and Deploy Certificates (Windows)
|
||||
description: Learn how to configure Group Policy to automatically enroll client computer certificates and deploy them to the workstations on your network.
|
||||
ms.assetid: faeb62b5-2cc3-42f7-bee5-53ba45d05c09
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
You can use this procedure to configure Group Policy to automatically enroll client computer certificates and deploy them to the workstations on your network. Follow this procedure for each GPO that contains IPsec connection security rules that require this certificate.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Configure Key Exchange (Main Mode) Settings (Windows 10)
|
||||
title: Configure Key Exchange (Main Mode) Settings (Windows)
|
||||
description: Learn how to configure the main mode key exchange settings used to secure the IPsec authentication traffic in Windows Defender Firewall with Advanced Security.
|
||||
ms.assetid: 5c593b6b-2cd9-43de-9b4e-95943fe82f52
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
This procedure shows you how to configure the main mode key exchange settings used to secure the IPsec authentication traffic.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Configure the Rules to Require Encryption (Windows 10)
|
||||
title: Configure the Rules to Require Encryption (Windows)
|
||||
description: Learn how to configure rules to add encryption algorithms and delete the algorithm combinations that do not use encryption for zones that require encryption.
|
||||
ms.assetid: 07b7760f-3225-4b4b-b418-51787b0972a0
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Configure the Windows Defender Firewall Log (Windows 10)
|
||||
title: Configure the Windows Defender Firewall Log (Windows)
|
||||
description: Learn how to configure Windows Defender Firewall with Advanced Security to log dropped packets or successful connections by using Group Policy Management MMC.
|
||||
ms.assetid: f037113d-506b-44d3-b9c0-0b79d03e7d18
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
To configure Windows Defender Firewall with Advanced Security to log dropped packets or successful connections, use the Windows Defender Firewall with Advanced Security node in the Group Policy Management MMC snap-in.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Configure the Workstation Authentication Template (Windows 10)
|
||||
title: Configure the Workstation Authentication Template (Windows)
|
||||
description: Learn how to configure a workstation authentication certificate template, which is used for device certificates that are enrolled and deployed to workstations.
|
||||
ms.assetid: c3ac9960-6efc-47c1-bd69-d9d4bf84f7a6
|
||||
ms.reviewer:
|
||||
@ -11,7 +11,7 @@ ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: dansimp
|
||||
ms.date: 07/30/2018
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -19,7 +19,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
This procedure describes how to configure a certificate template that Active Directory Certification Services (AD CS) uses as the starting point for device certificates that are automatically enrolled and deployed to workstations in the domain. It shows how to create a copy of a template, and then configure the template according to your design requirements.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Configure Windows Defender Firewall with Advanced Security to Suppress Notifications When a Program is Blocked (Windows 10)
|
||||
title: Configure Windows Defender Firewall with Advanced Security to Suppress Notifications When a Program is Blocked (Windows)
|
||||
description: Configure Windows Defender Firewall with Advanced Security to suppress notifications when a program is Bbocked
|
||||
ms.assetid: b7665d1d-f4d2-4b5a-befc-8b6bd940f69b
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
To configure Windows Defender Firewall with Advanced Security to suppress the display of a notification when it blocks a program that tries to listen for network traffic and to prohibit locally defined rules, use the Windows Defender Firewall with Advanced Security node in the Group Policy Management console.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Confirm That Certificates Are Deployed Correctly (Windows 10)
|
||||
title: Confirm That Certificates Are Deployed Correctly (Windows)
|
||||
description: Learn how to confirm that a Group Policy is being applied as expected and that the certificates are being properly installed on the workstations.
|
||||
ms.assetid: de0c8dfe-16b0-4d3b-8e8f-9282f6a65eee
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
After configuring your certificates and autoenrollment in Group Policy, you can confirm that the policy is being applied as expected, and that the certificates are being properly installed on the workstation devices.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Copy a GPO to Create a New GPO (Windows 10)
|
||||
title: Copy a GPO to Create a New GPO (Windows)
|
||||
description: Learn how to make a copy of a GPO by using the Active Directory Users and devices MMC snap-in to create a GPO for boundary zone devices.
|
||||
ms.assetid: 7f6a23e5-4b3f-40d6-bf6d-7895558b1406
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
To create the GPO for the boundary zone devices, make a copy of the main domain isolation GPO, and then change the settings to request, instead of require, authentication. To make a copy of a GPO, use the Active Directory Users and devices MMC snap-in.
|
||||
|
||||
@ -56,4 +57,4 @@ To complete this procedure, you must be a member of the Domain Administrators gr
|
||||
|
||||
12. Type the name of the group that contains members of the boundary zone, for example **CG\_DOMISO\_Boundary**, and then click **OK**.
|
||||
|
||||
13. If required, change the WMI filter to one appropriate for the new GPO. For example, if the original GPO is for client devices running Windows 10, and the new boundary zone GPO is for devices running Windows Server 2016, then select a WMI filter that allows only those devices to read and apply the GPO.
|
||||
13. If required, change the WMI filter to one appropriate for the new GPO. For example, if the original GPO is for client devices running Windows 10 or Windows 11, and the new boundary zone GPO is for devices running Windows Server 2016, then select a WMI filter that allows only those devices to read and apply the GPO.
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Create a Group Account in Active Directory (Windows 10)
|
||||
title: Create a Group Account in Active Directory (Windows)
|
||||
description: Learn how to create a security group for the computers that are to receive Group Policy settings by using the Active Directory Users and Computers console.
|
||||
ms.assetid: c3700413-e02d-4d56-96b8-7991f97ae432
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
To create a security group to contain the computer accounts for the computers that are to receive a set of Group Policy settings, use the Active Directory Users and Computers console.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Create a Group Policy Object (Windows 10)
|
||||
title: Create a Group Policy Object (Windows)
|
||||
description: Learn how to use the Active Directory Users and Computers MMC snap-in to create a GPO. You must be a member of the Domain Administrators group.
|
||||
ms.assetid: 72a50dd7-5033-4d97-a5eb-0aff8a35cced
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
To create a new GPO, use the Active Directory Users and Computers MMC snap-in.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Create an Authentication Exemption List Rule (Windows 10)
|
||||
title: Create an Authentication Exemption List Rule (Windows)
|
||||
description: Learn how to create rules that exempt devices that cannot communicate by using IPSec from the authentication requirements of your isolation policies.
|
||||
ms.assetid: 8f6493f3-8527-462a-82c0-fd91a6cb5dd8
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
In almost any isolated server or isolated domain scenario, there are some devices or devices that cannot communicate by using IPsec. This procedure shows you how to create rules that exempt those devices from the authentication requirements of your isolation policies.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Create an Authentication Request Rule (Windows 10)
|
||||
title: Create an Authentication Request Rule (Windows)
|
||||
description: Create a new rule for Windows Defender Firewall with Advanced Security so devices on the network use IPsec protocols and methods before they can communicate.
|
||||
ms.assetid: 1296e048-039f-4d1a-aaf2-8472ad05e359
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to:**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
After you have configured IPsec algorithms and authentication methods, you can create the rule that requires the devices on the network to use those protocols and methods before they can communicate.
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
title: Create an Inbound ICMP Rule (Windows 10)
|
||||
title: Create an Inbound ICMP Rule (Windows)
|
||||
description: Learn how to allow inbound ICMP traffic by using the Group Policy Management MMC snap-in to create rules in Windows Defender Firewall with Advanced Security.
|
||||
ms.assetid: 267b940a-79d9-4322-b53b-81901e357344
|
||||
ms.reviewer:
|
||||
@ -14,7 +14,7 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.date: 08/17/2017
|
||||
ms.date: 09/07/2021
|
||||
ms.technology: mde
|
||||
---
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: mde
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows Server 2016 and above
|
||||
|
||||
To allow inbound Internet Control Message Protocol (ICMP) network traffic, use the Windows Defender Firewall with Advanced Security node in the Group Policy Management MMC snap-in to create firewall rules. This type of rule allows ICMP requests and responses to be sent and received by computers on the network.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user