Project 9-1: Exploring the Advanced Settings of Windows Firewall
Required: 15 minutes
Examine the advanced settings of Windows Firewall.
The Windows Firewall in Windows 7 and Windows Server 2008 R2 has
three profiles. From most restrictive to least restrictive, they are
Public, Private, and Domain. Only one profile can be active at a
time. The Windows Firewall has two interfaces: The interface in the
Control Panel is appropriate for inexperienced users, and the
advanced settings are appropriate for experienced users and technical
If you completed the Chapter 1 hands-on projects, you installed
ZoneAlarm on your Windows 7 system. Log on to the Windows 7 system,
click Start, click Control Panel, click Programs and Features, and
Click Start, click Control Panel, click the View by list box in the
upper-right corner, and click Small icons. Click Windows Firewall.
Log on to the Windows Server 2008 system, and repeat Step 2 to open
On both computers, the Domain networks profile should be listed as
connected. The section should be expanded and show that the Windows
Firewall is on and that the Active domain network is your domain.
Your results should be similar to those in Figure 9-10.
On both computers, click Advanced settings. As usual, when attempting
administrative tasks in Windows 7, you need to provide domain
administrator credentials when prompted.
The Overview section of the Windows Firewall with Advanced Security
window should show that the Domain profile is active. The Private and
Public profiles show that Windows Firewall is on, but these profiles
are not active. In the middle frame, scroll down and click Windows
Firewall Properties. Here, the first three tabs allow you to
customize settings for each of the three profiles. On the Domain
Profile tab, click the Customize button in the Settings section. In
the Firewall settings section, select Yes from the Display a
notification list box, and click OK. In the Logging section, click
Customize. Note the location of the firewall log. Click Start, click
Computer, and find the folder on the C: drive that holds the log
files. The folder should be empty.
Return to the Customize Logging Settings for the Domain Profile
window, set both the Log dropped packets and Log successful
connections list boxes to Yes, and click OK. Click OK again in the
In the left frame of the Windows Firewall with Advanced Security
window, click Inbound Rules. Compare the differences between the
rules listed in Windows Server 2008 and Windows 7. Double-click an
inbound rule in the middle pane that is labeled with a green
checkmark; notice that the Enabled box is checked. Click Cancel, and
then double-click an inbound rule labeled with a gray icon; note that
the Enabled box is not checked. Click Cancel.
Leave your systems running for the next project
Let’s block ads! (Why?)