Friday, November 17, 2006

Using Group Policy to Configure Windows Firewall


I just recently decided to configure Windows Firewall through group policy. Why just now? well that was because I rolled out most of the XP operating systems with the Firewall configured during installation. Only recently did I discover people, programs whatever had made some changes.

So I decided to create a group policy for the firewall settings so I wouldn't have to walk around to everyones computers and set it up. You can change these policies to the local machine by opening up gepedit.msc or by using Active Directory Users and Computers then right click on your OU and then properties. Then you will be able to access the Group Policy Management Console by the Group policy tab and by clicking Open.

You can find the configuration under the Administrative Templates -> Network -> Network Connections -> Windows Firewall -> Domain Profile.

The different Settings include.
Protect all network connections
Do not allow exceptions
Define program exceptions
Allow local program exceptions
Allow remote administration exception
Allow file and printer sharing exception
Allow ICMP exceptions
Allow Remote Desktop exception
Allow UPnP framework exception
Prohibit notifications
Allow Logging
Prohibit unicast response to multicast or broadcast
Define port exceptions
Allow local port exceptions

These settings helped me keep consistent settings across the Domain.

No comments: