Summary

Updated: December 7, 2009

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista

Windows Firewall with Advanced Security is an important element in a defense-in-depth security strategy to help secure the computers in your organization, and help mitigate threats that either bypass your perimeter firewall or originate from within the network.

In this guide, you were introduced to the features of the Windows Firewall with Advanced Security included with Windows 7, Windows Vista, Windows Server 2008 R2, and Windows Server 2008:

  • You used Windows Firewall with Advanced Security to set up basic inbound and outbound firewall rules.

  • You created Group Policy objects that configure firewall settings on all the computers in a domain, and ensured that users cannot override those settings.

  • You created a set of basic domain isolation rules that restrict domain-member computers from accepting network traffic from computers that are not members of the domain.

  • You created connection security rules that isolate servers which store sensitive information, by restricting access to only computers that are members of approved groups.

  • You created firewall rules that enabled specific trusted computers to bypass firewall requirements.

  • Finally, you created tunnel mode connection security rules that caused network traffic destined for a certain network address to be protected by IPsec and then routed to a gateway server where it the packet is extracted and then forwarded to the destination computer.

We hope you found this document helpful. Your feedback is valuable and welcome! Please send your comments and suggestions to Windows Firewall with Advanced Security Documentation Feedback (wfasdoc@microsoft.com). The author of this guide will review your comments and use them to improve this documentation. Your e-mail address will not be saved or used for any other purposes.

Next topic: Additional References