10 precautions for using the Vista Firewall

Source: Internet
Author: User

Microsoft has made significant changes to the Windows Firewall in Vista, enhancing security, making it easier for advanced users to configure and customize, while retaining the simplicity required by new users.

I. Use two interfaces to meet different needs

Vista's firewall has two independent graphical configuration interfaces: a basic interface, reached through the Security Center or the Control Panel, and an advanced interface, which you add to a custom MMC console as a snap-in. Keeping the two apart protects new users from connection interruptions caused by unintentional changes, while giving advanced users a way to customize firewall settings and control both inbound and outbound traffic. You can also configure the Vista firewall from the command line with commands in the netsh advfirewall context, write scripts that configure the firewall on a group of computers automatically, and control its settings through Group Policy.

II. Security under default settings

Windows Firewall in Vista is secure by default while staying easy to use. By default, most inbound traffic is blocked and outbound connections are allowed. The firewall works with Vista's new Windows Service Hardening feature: if it detects behavior that a service hardening network rule prohibits, it blocks that behavior. The firewall also fully supports IPv6-only network environments.

III. Basic configuration options

On the basic configuration page you can turn the firewall on or off, or set it to block all programs completely. You can also allow exceptions (specifying which programs, services, or ports are not blocked), set the scope of each exception (whether it applies to traffic from all computers, including computers on the Internet, computers on the LAN or subnet, or only the IP addresses or subnets you specify), choose which connections the firewall protects, and configure security logging and ICMP settings.

IV. ICMP message blocking

By default, inbound ICMP echo requests pass through the firewall, while all other ICMP messages are blocked. This is because the Ping tool, used routinely for troubleshooting, sends echo request messages. However, attackers also send echo requests to locate target hosts. You can block echo requests from the "Advanced" tab of the basic configuration interface.

V. Multiple firewall profiles

The Windows Firewall with Advanced Security MMC snap-in lets you create multiple firewall profiles on a computer, so you can use a different firewall configuration for each environment. This is especially useful for portable computers: a user connected to a public wireless hotspot, for example, may need a stricter configuration than when connected to a home network. You can create up to three firewall profiles: one for connections to a Windows domain, one for private networks, and one for public networks.
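The per-profile defaults from sections II, IV and V expressed as netsh advfirewall commands, as an added example rather than a script from the original article; it assumes an elevated command prompt on Vista and that a stricter public profile is the policy you want.

```batch
@echo off
rem Added example: set Vista firewall profile defaults with netsh advfirewall.
rem Run from an elevated command prompt. The policy choices below are assumptions,
rem not settings taken from the original article.

rem Turn the firewall on in all three profiles (domain, private, public).
netsh advfirewall set allprofiles state on

rem Secure default: block unsolicited inbound traffic, allow outbound.
netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound

rem Public hotspot profile is stricter: block all inbound, ignoring allow rules.
netsh advfirewall set publicprofile firewallpolicy blockinboundalways,allowoutbound

rem Log dropped connections so blocked inbound attempts can be reviewed later.
netsh advfirewall set allprofiles logging droppedconnections enable
netsh advfirewall set allprofiles logging filename %systemroot%\system32\LogFiles\Firewall\pfirewall.log
netsh advfirewall set allprofiles logging maxfilesize 4096

rem Section IV: ping (ICMPv4 echo request, type 8) is allowed by default.
rem Block it on the public profile only; keep it for domain/private troubleshooting.
netsh advfirewall firewall add rule name="Block ICMPv4 echo request (public)" dir=in action=block protocol=icmpv4:8,any profile=public

rem Verify: each profile should show State ON and the expected Firewall Policy.
netsh advfirewall show allprofiles
```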

Vi. IPSec Functions

Through the advanced configuration interface you can customize IPSec settings: specify the security methods used for encryption and integrity, determine whether key lifetimes are measured in time or in sessions, and select the Diffie-Hellman key exchange algorithm. By default, data encryption for IPSec connections is disabled, but you can enable it and choose which algorithms are used for data encryption and integrity.

VII. Security Rules

A wizard steps you through creating connection security rules that control how and when a secure connection is established between individual computers or groups of computers. You can restrict connections based on criteria such as domain membership or security conditions, while exempting specified computers from the connection authentication requirement. You can also create rules that authenticate connections between two specified computers (server to server), or that authenticate connections between gateways using tunnel rules.

VIII. Custom authentication rules

When creating a custom authentication rule, you must specify a single computer or a group of computers (by IP address or address range) as the connection endpoints. You can request or require authentication for inbound connections, outbound connections, or both.

IX. Inbound and outbound rules

You can create inbound and outbound rules to block or allow connections for specific programs or ports. You can use pre-configured rules or create custom rules; the New Rule wizard steps you through creating a rule. A rule can apply to a group of programs, ports, or services, to all programs, or to a specific program. A rule can block all connections, allow all connections, or allow only secure connections, and can require encryption to protect the data sent through the connection. You can configure source and destination IP addresses for inbound and outbound traffic, and configure rules by source and destination TCP and UDP ports.
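Sections VII to IX in the same netsh advfirewall syntax, as an added example that is not from the original article; the IP addresses, ports and program path are constructed placeholders, and the commands assume an elevated prompt on Vista with the IPSec authentication method already configured for the domain.

```batch
@echo off
rem Added example: inbound/outbound firewall rules and connection security rules.
rem All addresses, ports and paths below are constructed placeholders.

rem Section IX: allow Remote Desktop inbound, but only from one admin subnet and
rem only in the domain profile (narrow scope keeps the exposed surface small).
netsh advfirewall firewall add rule name="RDP from admin subnet" dir=in action=allow protocol=TCP localport=3389 remoteip=10.0.1.0/24 profile=domain

rem Allow file sharing only over a connection that IPSec has both authenticated
rem and encrypted; plain TCP/445 from anywhere stays blocked by the profile default.
netsh advfirewall firewall add rule name="SMB authenticated+encrypted only" dir=in action=allow protocol=TCP localport=445 security=authenc profile=domain

rem Program-based rule: allow one application rather than opening a port.
netsh advfirewall firewall add rule name="Example app inbound" dir=in action=allow program="C:\Program Files\Example\app.exe" enable=yes

rem Outbound is allowed by default, so block what you do not want, for example
rem cleartext Telnet to any destination.
netsh advfirewall firewall add rule name="Block outbound Telnet" dir=out action=block protocol=TCP remoteport=23

rem Section VIII: custom authentication rule between a client range and one server
rem (endpoints given by IP), requiring authentication in both directions.
netsh advfirewall consec add rule name="Require auth to file server" endpoint1=10.0.2.0/24 endpoint2=10.0.3.5 action=requireinrequireout

rem Section VII: exempt one monitoring host that cannot authenticate.
netsh advfirewall consec add rule name="Exempt monitoring host" endpoint1=10.0.9.9 endpoint2=any action=noauthentication

rem Section VII: tunnel rule between two gateways protecting two subnets.
netsh advfirewall consec add rule name="Gateway tunnel" mode=tunnel endpoint1=10.0.2.0/24 endpoint2=10.0.4.0/24 localtunnelendpoint=192.0.2.1 remotetunnelendpoint=198.51.100.1 action=requireinrequireout

rem Review everything that was added.
netsh advfirewall firewall show rule name=all
netsh advfirewall consec show rule name=all
```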

X. Rules based on Active Directory

You can create rules that block or allow connections based on Active Directory user, computer, or group accounts, as long as the connections are protected by IPSec with Kerberos v5 (which carries the Active Directory account information). You can also use Windows Firewall with Advanced Security to enforce Network Access Protection (NAP) policies.
