2025-01-31 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/01 Report--
How do you set up the Vista firewall correctly so that it actually does its job? This article gives a detailed analysis and answer, in the hope of helping readers who want to solve this problem find a simpler way.
I. Two interfaces to meet different needs
Vista Firewall has two independent graphical configuration interfaces: a basic configuration interface, which can be reached through the Security Center and the Control Panel, and an advanced configuration interface, which is available as a snap-in after creating a custom MMC console.
This split prevents broken connections caused by inadvertent changes by novice users, while giving advanced users a way to customize firewall settings in more detail and control both outbound and inbound traffic. Users can also configure the Vista firewall from the command line with commands in the netsh advfirewall context, write scripts to configure the firewall automatically for a group of computers, and control Vista firewall settings through Group Policy.
II. Security under the default settings
The Windows firewall in Vista is configured securely by default while remaining easy to use. By default, most inbound traffic is blocked and outbound connections are allowed. Vista Firewall works together with Vista's new Windows Service Hardening feature: if the firewall detects behavior that is prohibited by the Windows Service Hardening network rules, it blocks that behavior. The firewall also fully supports a pure IPv6 network environment.
III. Basic configuration options
Using the basic configuration interface, users can turn the firewall on or off, or set it to block all programs completely. You can also allow exceptions (specifying which programs, services, or ports are not blocked) and set the scope of each exception (whether it applies to traffic from all computers, including computers on the Internet, to computers on the LAN / subnet, or to computers at an IP address or subnet that you specify). You can also specify which connections the firewall should protect, and configure security logging and ICMP settings.
IV. ICMP message blocking
By default, inbound ICMP echo requests can pass through the firewall, while all other ICMP messages are blocked. This is because the Ping tool is regularly used to send echo request messages for troubleshooting. However, an attacker can also send echo request messages to locate a target host. Users can block echo request messages through the Advanced tab of the basic configuration interface.
V. Multiple firewall profiles
The Vista firewall with the advanced security MMC snap-in lets users maintain multiple firewall profiles on a computer, so that different firewall configurations can be used in different environments. This is especially useful for portable computers. For example, when a user connects to a public wireless hotspot, a more secure configuration may be required than when connecting to a home network. Users can create up to three firewall profiles: one for connecting to a Windows domain, one for connecting to a private network, and one for connecting to a public network.
VI. IPSec function
Through the advanced configuration interface, users can customize IPSec settings: specify the security methods used for encryption and integrity, determine whether key lifetimes are measured by time or by session, and select the desired Diffie-Hellman key exchange algorithm. By default, data encryption for IPSec connections is disabled, but you can enable it and choose which algorithms are used for data encryption and integrity.
VII. Security rules
Using a wizard, users can create security rules step by step to control how and when secure connections are established between individual computers or groups of computers, or to restrict connections according to criteria such as domain membership or security status. Specified computers, however, can be exempted from the connection authentication requirements. You can also create rules that require authentication when two specific computers connect (server-to-server), or use tunnel rules to authenticate connections between gateways.
VIII. Custom authentication rules
When creating custom authentication rules, specify a single computer or a group of computers (by IP address or address range) as the connection endpoints. Users can request or require authentication of inbound connections, outbound connections, or both.
IX. Inbound and outbound rules
Users can create inbound and outbound rules to block or allow connections for specific programs or ports; they can use preset rules or create custom rules. The New Rule Wizard walks users through the steps of creating a rule. Rules can be applied to a group of programs, ports, or services, to all programs, or to one particular program. A rule can block all connections, allow all connections, or allow only secure connections and require encryption to protect the data sent over that connection. Source and destination IP addresses can be configured for inbound and outbound traffic, as can source and destination TCP and UDP ports.
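The command-line route mentioned in section I can express the profile, ICMP and inbound-rule settings described above as one repeatable script. The batch file below is an added example, not part of the original article; the rule names, TCP port 3389 and the 192.0.2.0/24 subnet are constructed placeholders, and it must be run from an elevated command prompt.

```bat
@echo off
rem Added example, not from the original article.
rem Rule names, the port and the subnet below are constructed placeholders.
set RULE_ICMP=Example - block echo request on public
set RULE_MGMT=Example - RDP from management subnet

rem Save the current policy first so the change can be rolled back with:
rem   netsh advfirewall import "%BACKUP%"
set BACKUP=%TEMP%\firewall-before.wfw
if exist "%BACKUP%" del "%BACKUP%"
netsh advfirewall export "%BACKUP%" || goto :fail

rem Default posture for all three profiles (domain, private, public):
rem firewall on, inbound blocked unless a rule allows it, outbound allowed.
netsh advfirewall set allprofiles state on || goto :fail
netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound || goto :fail

rem Remove earlier copies of the example rules so reruns do not duplicate them.
netsh advfirewall firewall delete rule name="%RULE_ICMP%" >nul 2>&1
netsh advfirewall firewall delete rule name="%RULE_MGMT%" >nul 2>&1

rem Public profile only: drop inbound ICMPv4 echo requests (type 8, any code).
rem Block rules take precedence over allow rules for the same traffic.
netsh advfirewall firewall add rule name="%RULE_ICMP%" ^
    dir=in action=block protocol=icmpv4:8,any profile=public || goto :fail

rem Domain and private profiles: allow one inbound TCP port from one subnet.
netsh advfirewall firewall add rule name="%RULE_MGMT%" ^
    dir=in action=allow protocol=TCP localport=3389 ^
    remoteip=192.0.2.0/24 profile=domain,private || goto :fail

rem Log dropped packets so blocked connection attempts can be reviewed.
netsh advfirewall set allprofiles logging droppedconnections enable || goto :fail

rem Verify: print the per-profile settings and the two rules just created.
netsh advfirewall show allprofiles
netsh advfirewall firewall show rule name="%RULE_ICMP%"
netsh advfirewall firewall show rule name="%RULE_MGMT%"
exit /b 0

:fail
echo netsh reported an error. Restore with: netsh advfirewall import "%BACKUP%"
exit /b 1
```

Scoping the allow rule with remoteip and profile keeps the port closed on the public profile, where only the default block-inbound policy applies.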
X. Rules based on Active Directory
Users can create rules to block or allow connections based on Active Directory user, computer, or group accounts, as long as the connections are secured through IPSec with Kerberos v5 (which carries the Active Directory account information). Users can also enforce Network Access Protection (NAP) policies using the Windows firewall with advanced security.
Windows Meeting Space (WMS) is a new program built into Windows Vista that makes it easy for up to 10 collaborators to share desktops, files, and presentations and send personal messages to each other over the network.
That is how to set up the Vista firewall correctly so that it does its job. I hope the content above is of some help to you. If you still have questions, you can follow the industry information channel to learn more.