Windows Vista: Windows Firewall Settings - Computer Connection Security Rules

1/5/2011 2:43:11 PM
Because the Internet is inherently insecure, businesses still need to preserve the privacy of data travelling over the network. IPSec creates a standard platform to develop secure networks and electronic tunnels between two machines. The two machines are known as endpoints. After the tunnel has been defined and both endpoints agree on the same parameters, the data will be encrypted on one end, encapsulated in a packet, and sent to the other endpoint (where the data is decrypted).

In Windows XP and Windows Server 2003, you configure Windows Firewall and IPSec separately. Because both can block or allow incoming traffic, firewall rules and IPSec rules can conflict with each other. In Windows Vista, Windows Firewall with Advanced Security provides a single, simplified interface for managing both firewall filters and IPSec rules.

Windows Firewall with Advanced Security uses authentication rules to define IPSec policies. No authentication rules are defined by default. To create a new authentication rule, follow these steps:

1. In Windows Firewall with Advanced Security, select the Computer Connection Security node.

2. Right-click the Computer Connection Security node in the console tree, and then click New Rule to start the New Connection Security Rule Wizard.

3. From the Rule Type page of the New Authentication Rule Wizard, you can select the following:

  • Isolation. Used to specify that computers are isolated from other computers based on membership in a common Active Directory domain or current health status. You must specify when you want authentication to occur (for example, for incoming or outgoing traffic and whether you want to require or only request protection), the authentication method for protected traffic, and a name for the rule.

  • Authentication exemption. Used to specify, by IP address, computers that do not have to authenticate or protect traffic.

  • Server to server. Used to specify traffic protection between specific computers, typically servers. You must specify the set of endpoints that will exchange protected traffic by IP address, when you want authentication to occur, the authentication method for protected traffic, and a name for the rule.

  • Tunnel. Used to specify traffic protection that is tunneled, typically used when sending packets across the Internet between two security gateway computers. You must specify the tunnel endpoints by IP address, the authentication method, and a name for the rule.

  • Custom. Used to create a rule that does not specify a protection behavior. You would select this option when you want to manually configure a rule, perhaps based on advanced properties that cannot be configured through the pages of the New Authentication Rule Wizard. You must specify a name for the rule.

To configure advanced properties for the rule, follow these steps:

1. Right-click the name of the rule, and then click Properties.

2. From the Properties dialog box for a rule, you can configure settings on the following tabs:

  • General. The rule’s name and description and whether the rule is enabled.

  • Computers. The set of computers, by IP address, for which traffic is protected.

  • Authentication. When you want authentication for traffic protection to occur (for example, for incoming or outgoing traffic and whether you want to require or only request protection) and the authentication method for protected traffic.

  • Advanced. The profiles and types of interfaces to which the rule applies and IPSec tunneling behavior.