Share via


Overview of Windows Firewall with Advanced Security

Applies To: Windows Server 2008 R2

What is Windows Firewall with Advanced Security?

Windows Firewall with Advanced Security combines a host firewall and Internet Protocol security (IPsec). Unlike a perimeter firewall, Windows Firewall with Advanced Security runs on each computer running this version of Windows and provides local protection from network attacks that might pass through your perimeter network or originate inside your organization. It also provides computer-to-computer connection security by allowing you to require authentication and data protection for communications.

Important

Windows Firewall with Advanced Security is designed for use by IT administrators who need to manage network security in an enterprise environment. It is not intended for use in home networks. Home users should consider using the Windows Firewall program available in Control Panel instead.

Windows Firewall with Advanced Security is a stateful firewall that inspects and filters all packets for IP version 4 (IPv4) and IP version 6 (IPv6) traffic. In this context, filter means to allow or block network traffic by processing it through administrator-defined rules. By default, incoming traffic is blocked unless it is a response to a request by the host (solicited traffic) or it is specifically allowed (that is, a firewall rule has been created to allow the traffic). You can configure Windows Firewall with Advanced Security to explicitly allow traffic by specifying a port number, application name, service name, or other criteria.

Windows Firewall with Advanced Security also allows you to request or require that computers authenticate each other before communicating, and to require the use of data integrity or data encryption when communicating.

For more information, see Overview of Windows Firewall with Advanced Security (https://go.microsoft.com/fwlink/?linkid=137800) in the TechNet Library.