Configuring Firewall

Overview

Configuring firewall is one of the most significant task of a system administrator. Firewall plays a vital role in securing the data from hackers. Desktop Central helps you to deploy customized firewall settings at ease. A firewall configuration in general, can be explained as a collection of Profiles/Rules. These Profiles/Rules, are applied on a computer to determine the permission for all inbound and outbound communication on specified ports. Using Desktop Central, you can create new configurations to deploy specific settings or modify the existing firewall settings, which were not applied using Desktop Central.

Understanding Windows Firewall Profiles

Before we start creating firewall configuration, let us know more about Windows Firewall Profiles. Every computer running Windows operating system, connects to internet/network via profiles. There are three profiles for Windows computers, they are

Understanding Rules

Rules are settings which provide advanced control for the system administrator. A rule is a policy, which can be forced over the profiles. Assume you create a profile for Domain and specify to block all inbound communication, you can still create a rule to add exception to the specified profile, and allow inbound communication to a specific port.

Desktop Central supports configuring firewall for computers running Windows XP and later versions.  

Follow the steps mentioned below to configure Firewall

  1. Windows Vista and later versions
  2. Windows XP and 2003 Server

Windows Vista and later versions

You should choose the profile to which you wanted to configure the firewall like Domain/Private/Public. You can also create a generic firewall configuration for all the profiles by selecting all. After specifying the profile, you will have to choose the Action, that needs to be performed on the firewall like,

    1. Do not Modify : Will not impact the existing firewall settings, if any are configured
    2. ON: Will turn on the Firewall for the target computer
    3. OFF: Firewall will be turned off for the target computer

If you have chosen to turn on the firewall, then you will have to specify the action for inbound and outbound communication separately.

Here are few examples for your reference:

  1. Profile All - Applies to all Domain, Private and Public profiles
    Action on Inbound : Allow
    Action on Outbound : Block
    In this case, all inbound connections will be allowed and all outbound connections will be restricted on the firewall.
  2. Profile Domain - Applies to computers, only when they are connected to a Domain Network
    Action on Inbound : Allow
    Action on Outbound : Block
    In this case,  all inbound connections will be allowed and all outbound connections will be restricted on the firewall.
  3. Profile Public - Applies to computers, only when they are connected to a Public Network
    Action on Inbound : Block
    Action on Outbound : Allow
    In this case,  all inbound communication will be blocked and outbound connections will be allowed on the firewall, when the computer is connected to a public network. However, if you have applied any specific rule, to exempt  inbound communication for a specific port, then the inbound communication will be allowed only the specified port .

You can create specific rules to exclude specific functions like inbound/outbound communication on specific ports.  When you create a rule, you will have to specify a name for the rule, and specify to which profile should this rule be applied, like Domain/Public/Private. You should also specify the port number/ protocol and the action to be performed as exception. You can create one or more rules for the same profile.

You can choose the target, specify the execution settings and deploy the configuration. You have successfully configured the firewall settings on computers running Windows Vista and later versions.

Windows XP and 2003 Server

If you wanted to configure Firewall on the computers running Windows XP, then ensure that Windows XP Service Pack 2 is installed on those computers.

You can choose the Action, that needs to be performed on the firewall like,

    1. Do not Modify : Will not impact the existing firewall settings, if any are configured
    2. ON: Will turn on the Firewall for the target computer
    3. OFF: Firewall will be turned off for the target computer

After specifying the Action on Firewall, you will have to specify the Action that needs to be performed on specific ports. You can choose the action that needs to be performed on the ports like,

    1. Do not Modify : Will not impact the existing settings, if any are configured
    2. Allow : All connections inbound/outbound will be allowed for the port, that you choose. You will have to choose/add the port/protocol and specify the dependent services if any.
    3. Block : All connections inbound/outbound will be blocked for the port, that you choose. You will have to choose/add the port/protocol and specify the dependent services if any.

You can choose the target, specify the execution settings and deploy the configuration. You have successfully configured the firewall settings on computers running Windows XP.

See Also: Managing Configurations and Collections, Viewing Configuration Reports, Defining Targets

 

 

Copyright © 2015, ZOHO Corp. All Rights Reserved.
ManageEngine