Windows® Firewall with Advanced Security is a stateful, host-based firewall that blocks incoming and outgoing connections based on its configuration. While typical end-user configuration of Windows Firewall still takes place through the Windows Firewall Control Panel tool, advanced configuration now takes place in a Microsoft® Management Control (MMC) snap-in named Windows Firewall with Advanced Security. The inclusion of this snap-in not only provides an interface for configuring Windows Firewall locally but also for configuring Windows Firewall on remote computers and via Group Policy.
Firewall functions are now integrated with IPsec (Internet Protocol security) protection settings, reducing the possibility of conflict between the two protection mechanisms. Windows Firewall with Advanced Security supports separate profiles for when computers are domain-joined or connected to a private or public network. It also supports the creation of rules for enforcing server and domain isolation policies. Windows Firewall with Advanced Security supports more granular rules, including Microsoft Active Directory® users and groups, source and destination Internet Protocol (IP) addresses, IP port number, ICMP settings, IPsec settings, specific types of interfaces, services, and more.
This document covers Windows Firewall with Advanced Security in Windows 7, Windows Server 2008 R2, Windows Vista, and Windows Server 2008.