How to Create a Windows Firewall Policy


How to / Nasıl yaparım:

 

1.   In the Configuration Manager console, click Assets and Compliance.

2.    In the Assets and Compliance workspace, expand Endpoint Protection, and then click Windows Firewall Policies.

3.    On the Home tab, in the Create group, click Create Firewall Policy.

4.    On the General page of the Create Firewall Policy Wizard, specify a name and an optional description for this firewall policy, and then click Next.

5.    On the Profile Settings page of the wizard, configure the following settings for each network profile:

Note

For more information about network profiles, see your Windows documentation.

     Enable Windows Firewall

Note

If Enable Windows Firewall is not enabled, the other settings on this page of the wizard will be unavailable.

     Block all incoming connections, including those in the list of allowed programs:

     Notify the user when firewall blocks a new program:

6.    On the Summary page of the wizard, review the actions to be taken, and then complete the wizard.

7.    Verify that the new Windows Firewall policy displays in the Windows Firewall Policies list.

 

To Deploy a Windows Firewall Policy

1.   In the Configuration Manager console, click Assets and Compliance.

2.    In the Assets and Compliance workspace, expand Endpoint Protection, and then click Windows Firewall Policies.

3.    In the Windows Firewall Policies list, select the Windows Firewall policy that you want to deploy.

4.    On the Home tab, in the Deployment group, click Deploy.

5.    In the Deploy Windows Firewall Policy dialog box, specify the collection that you want to assign this Windows Firewall policy to, and specify an assignment schedule. The Windows Firewall policy evaluates for compliance by using this schedule and the Windows Firewall settings on clients reconfigure to match the Windows Firewall policy.

6.    Click OK to close the Deploy Firewall Policy dialog box and to assign the Windows Firewall Policy.

Important

When you deploy a Windows Firewall Policy to a collection, this policy is applied to computers in a random order over a 2 hour period to avoid flooding the network.

 

 

Source: http://blogs.msdn.com/b/scstr/

Source: http://www.mycloud-tr.com/

İsmail Şen

 

Comments (1)

  1. As nifty as this feature is, it's rather pointless. You get so much more control with a GPO, and that appears to be the recommendation from MS. You can enable the firewall here, but with a GPO you can do all that as well as provide allowed ports/protocols/programs. This seems to be what most people thought they would see in this feature.

Skip to main content