Firewall Profiles

Applies To: Windows 7, Windows Server 2008

Understanding Windows Firewall with Advanced Security profiles

A firewall profile is a way of grouping settings, such as firewall rules and connection security rules, that are applied to the computer depending on where the computer is connected. On computers running this version of Windows , there are three profiles for Windows Firewall with Advanced Security. Only one profile is applied at a time.

The following profiles are available:

Profile Description

Domain

Applied when a computer is connected to a network in which the computer's domain account resides.

Private

Applied when a computer is connected to a network in which the computer's domain account does not reside, such as a home network. The private profile settings should be more restrictive than the domain profile settings.

Public

Applied when a computer is connected to a domain through a public network such as those available in airports and coffee shops. The public profile settings should be the most restrictive because the computer is connected to a public network where the security cannot be as tightly controlled as within an IT environment.

If you do not alter profile settings, their default values are applied whenever Windows Firewall with Advanced Security uses the profile. It is recommended that you enable Windows Firewall with Advanced Security for all three profiles.

You can configure these profiles by right-clicking the Windows Firewall with Advanced Security folder and clicking Properties. You can also access the properties from the Action menu, the Action pane, or the center pane, when the folder is highlighted.

Policies

All of the Windows Firewall with Advanced Security settings, including all three profiles, are combined into a policy. Policy files have the .wfw extension and can be imported and exported. When you import a policy, you will overwrite the current policy and the imported policy will be applied. You can import or export a policy by right-clicking the Windows Firewall with Advanced Security folder and clicking Import Policy or Export Policy. You can also select these actions from the Action menu or the Action pane.

These policies can be distributed on other computers manually or by importing the policy into a Group Policy object.

Additional references

Firewall Properties - Profiles and IPsec Settings

Windows Firewall with Advanced Security