Deploying Windows 2008 Firewall policy to promote domain security

A Windows Server 2008-based DC has a very large upgrade in terms of both functionality and security. At the same time, we know that Windows Server 2008 firewalls are also incredibly powerful. There is no doubt that deploying a firewall policy on a Windows Server 2008 DC can greatly enhance the security of the entire domain. The following author constructs the environment, unifies the example to carry on the firewall strategy deployment a demonstration.

1. Deploy firewall Policy on DC

(1). Configure Firewall Policy

Click "Start" to enter "Gpmc.msc" in the search field to open the Group Policy Management tool for GPMC. Expand the DC domain in order to locate the default Domain policy location in this domain, double-click to select the key, and then click "Action" → "edit" to enter the edit window for the domain policy. Click "Computer Configuration" → "Windows Settings" → "Security Settings" → "Windows Firewall with Advanced security", double-click to open " Windows Firewall Properties "You can see a preview of the firewall policy on the right, from which you can learn about the configuration status of Domain profile, Private profiles, and public profiling." (Figure 1)

Click on "Windows Firewall Properties" To open the Firewall Property window, by default, the firewall is not configured, all the requirements we need to set. Because we are configured for a domain firewall, we are positioned under the "Domain Profile" tab page. For example, we want to configure the firewall to prevent all internal connections to prevent network attacks, and allow all external connections, you can do this configuration: Open the firewall to set its status "Firewall state" to "on (recommended)", set "Inbound Connections "to block (default)", set "outbound connections" to "Allow (default)". (Figure 2)