Programming4us

Windows Vista: Windows Firewall Settings - Computer Connection Security Rules

1/5/2011 2:43:11 PM
Because the Internet is inherently insecure, businesses still need to preserve the privacy of data travelling over the network. IPSec creates a standard platform to develop secure networks and electronic tunnels between two machines. The two machines are known as endpoints. After the tunnel has been defined and both endpoints agree on the same parameters, the data will be encrypted on one end, encapsulated in a packet, and sent to the other endpoint (where the data is decrypted).

In Windows XP and Windows Server 2003, you configure the Windows Firewall and IPSec separately. Unfortunately, because both can block or allow incoming traffic, the firewall and IPSec rules can conflict with each other. In Windows Vista, Windows Firewall with Advanced Security provides a single, simplified interface for managing both firewall filters and IPSec rules.

Windows Firewall with Advanced Security uses authentication rules to define IPSec policies. No authentication rules are defined by default. To create a new authentication rule, follow these steps:

1. In Windows Firewall with Advanced Security, select the Computer Connection Security node.

2. Right-click the Computer Connection Security node in the console tree, and then click New Rule to start the New Connection Security Rule Wizard.

3. From the Rule Type page of the New Authentication Rule Wizard, you can select the following:

  • Isolation. Used to specify that computers are isolated from other computers based on membership in a common Active Directory domain or current health status. You must specify when you want authentication to occur (for example, for incoming or outgoing traffic and whether you want to require or only request protection), the authentication method for protected traffic, and a name for the rule.

  • Authentication exemption. Used to specify, by IP address, computers that do not have to authenticate or protect traffic.

  • Server to server. Used to specify traffic protection between specific computers, typically servers. You must specify the set of endpoints that will exchange protected traffic by IP address, when you want authentication to occur, the authentication method for protected traffic, and a name for the rule.

  • Tunnel. Used to specify traffic protection that is tunneled, typically used when sending packets across the Internet between two security gateway computers. You must specify the tunnel endpoints by IP address, the authentication method, and a name for the rule.

  • Custom. Used to create a rule that does not specify a protection behavior. You would select this option when you want to manually configure a rule, perhaps based on advanced properties that cannot be configured through the pages of the New Authentication Rule Wizard. You must specify a name for the rule.

To configure advanced properties for the rule, follow these steps:

1. Right-click the name of the rule, and then click Properties.

2. From the Properties dialog box for a rule, you can configure settings on the following tabs:

  • General. The rule’s name and description and whether the rule is enabled.

  • Computers. The set of computers, by IP address, for which traffic is protected.

  • Authentication. When you want authentication for traffic protection to occur (for example, for incoming or outgoing traffic and whether you want to require or only request protection) and the authentication method for protected traffic.

  • Advanced. The profiles and types of interfaces to which the rule applies and IPSec tunneling behavior.
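
The rule types and properties described above can also be set from an elevated command prompt with netsh advfirewall consec. The following is an added example, not part of the original article: the rule names and IP addresses (documentation ranges) are constructed, and Kerberos computer authentication is an assumed choice that requires domain-joined endpoints.

```bat
rem Added example: rule names and IP addresses are constructed placeholders.
rem Run from an elevated command prompt.

rem Isolation: require authentication inbound, request it outbound.
rem action=requestinrequestout only requests protection in both directions,
rem so peers that cannot authenticate are still able to connect.
netsh advfirewall consec add rule name="Example isolation" ^
    endpoint1=any endpoint2=any ^
    action=requireinrequestout auth1=computerkerb profile=domain

rem Authentication exemption: the computers listed by IP address in
rem endpoint2 do not have to authenticate or protect traffic.
netsh advfirewall consec add rule name="Example exemption" ^
    endpoint1=any endpoint2=192.0.2.10,192.0.2.11 ^
    action=noauthentication

rem Server to server: protect traffic between two specific endpoints,
rem requiring authentication in both directions.
netsh advfirewall consec add rule name="Example server to server" ^
    endpoint1=192.0.2.20 endpoint2=192.0.2.30 ^
    action=requireinrequireout auth1=computerkerb

rem Tunnel: endpoint1/endpoint2 are the networks behind each gateway,
rem the tunnel endpoints are the gateways themselves.
rem No auth1 is given here; choose the method both gateways support.
netsh advfirewall consec add rule name="Example tunnel" mode=tunnel ^
    endpoint1=192.0.2.0/24 endpoint2=198.51.100.0/24 ^
    localtunnelendpoint=203.0.113.1 remotetunnelendpoint=203.0.113.2 ^
    action=requireinrequireout

rem Review the resulting rules (name, endpoints, action, profiles).
netsh advfirewall consec show rule name=all
```

A rule whose action requires inbound authentication drops connections from peers that cannot authenticate, so check the output of show rule against the intended endpoints and exemptions before applying it broadly.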