2020-12-18 12:33:36 +05:30

Windows Firewall with Advanced Security

Plan deployment

Design guide

Design process

Implementation goals

Identify implementation goals

Protect devices from unwanted network traffic

Restrict access to only trusted devices

Require encryption

Restrict access

Implementation designs

Mapping goals to a design

Basic firewall design

Basic firewall design example

Domain isolation design

Domain isolation design example

Server isolation design

Server isolation design example

Certificate-based isolation design

Certificate-based isolation design example

Design planning

Planning your design

Planning settings for a basic firewall policy

Planning domain isolation zones

Domain isolation zones
Exemption list
Isolated domain
Boundary zone
Encryption zone

Planning server isolation zones

Planning certificate-based authentication

Documenting the zones
Planning group policy deployment for your isolation zones
Planning isolation groups for the zones
Planning network access groups
Planning the GPOs

Firewall GPOs
GPO_DOMISO_Firewall
Isolated domain GPOs
GPO_DOMISO_IsolatedDomain_Clients
GPO_DOMISO_IsolatedDomain_Servers
Boundary zone GPOs
GPO_DOMISO_Boundary
Encryption zone GPOs
GPO_DOMISO_Encryption
Server isolation GPOs

Planning GPO deployment

Planning to deploy

Deployment guide

Deployment overview

Implementing your plan

Basic firewall deployment

Checklist: Implementing a basic firewall policy design

Domain isolation deployment

Checklist: Implementing a domain isolation policy design

Server isolation deployment

Checklist: Implementing a standalone server isolation policy design

Certificate-based authentication

Checklist: Implementing a certificate-based isolation policy design

Best practices

Configuring the firewall

Securing IPsec

PowerShell

Isolating Microsoft Store Apps on Your Network

How-to

Add production devices to the membership group for a zone

Add test devices to the membership group for a zone

Assign security group filters to the GPO

Change rules from request to require mode

Configure authentication methods

Configure data protection (Quick Mode) settings

Configure Group Policy to autoenroll and deploy certificates

Configure key exchange (main mode) settings

Configure the rules to require encryption

Configure the Windows Firewall log

Configure the workstation authentication certificate template

Configure Windows Firewall to suppress notifications when a program is blocked

Confirm that certificates are deployed correctly

Copy a GPO to create a new GPO

Create a Group Account in Active Directory

Create a Group Policy Object

Create an authentication exemption list rule

Create an authentication request rule

Create an inbound ICMP rule

Create an inbound port rule

Create an inbound program or service rule

Create an outbound port rule

Create an outbound program or service rule

Create inbound rules to support RPC

Create WMI filters for the GPO

Create Windows Firewall rules in Intune

Enable predefined inbound rules

Enable predefined outbound rules

Exempt ICMP from authentication

Modify GPO filters

Open IP security policies

Open Group Policy

Open Windows Firewall

Restrict server access

Enable Windows Firewall

Verify network traffic

References

Checklist: Creating Group Policy objects

Checklist: Creating inbound firewall rules

Checklist: Creating outbound firewall rules

Checklist: Configuring basic firewall settings

Checklist: Configuring rules for the isolated domain

Checklist: Configuring rules for the boundary zone

Checklist: Configuring rules for the encryption zone

Checklist: Configuring rules for an isolated server zone

Checklist: Configuring rules for servers in a standalone isolated server zone

Checklist: Creating rules for clients of a standalone isolated server zone

Appendix A: Sample GPO template files for settings used in this guide

Troubleshooting

Troubleshooting UWP app connectivity issues in Windows Firewall

Filter origin audit log improvements

Quarantine behavior

Firewall settings lost on upgrade