Understanding Windows Firewall
Windows Firewall protects servers by blocking unauthorized network traffic. Proper configuration is critical for security.
Open Firewall Management
Two methods:
- GUI: Server Manager ? Tools ? Windows Defender Firewall with Advanced Security
- PowerShell:
New-NetFirewallRule
Block All Inbound by Default
Best practice: Block all inbound traffic, then allow only what's needed.
Allow RDP (Port 3389)
New-NetFirewallRule -DisplayName "Allow RDP" -Direction Inbound -Protocol TCP -LocalPort 3389 -Action AllowAllow HTTP/HTTPS for Web Server
New-NetFirewallRule -DisplayName "Allow HTTP" -Direction Inbound -Protocol TCP -LocalPort 80 -Action Allow
New-NetFirewallRule -DisplayName "Allow HTTPS" -Direction Inbound -Protocol TCP -LocalPort 443 -Action AllowBlock Specific IP Address
New-NetFirewallRule -DisplayName "Block Suspicious IP" -Direction Inbound -RemoteAddress "192.168.1.100" -Action BlockAllow Traffic from Specific Subnet Only
New-NetFirewallRule -DisplayName "Internal Network Only" -Direction Inbound -RemoteAddress "10.0.0.0/8" -Action AllowView Existing Rules
Get-NetFirewallRule | Where-Object {$_.Enabled -eq "True"} | Select-Object DisplayName, Direction, ActionDelete a Rule
Remove-NetFirewallRule -DisplayName "Allow RDP"Security Best Practices
- Use specific ports, not port ranges
- Limit source IPs when possible
- Document all firewall rules
- Regularly review and remove unused rules
- Test rules before deploying to production
💬 Comments (0)
💬 Join the conversation!
Login or create a free account to comment and get IT tips delivered to your inbox.