Windows Server 2008 R2 network security settings

  

A typical small or medium-sized enterprise (SME) that wants to manage its network security does not have to pay a high price for a professional firewall product; the firewall function that comes with the operating system can meet the needs of a general enterprise. Today we will explore the powerful functions of the Windows Server 2008 R2 system firewall. To use the built-in Windows firewall skillfully, you first need to understand network locations.

Network Locations

When connecting to the network for the first time, you must select a network location. This will automatically set the appropriate firewall and security settings for the type of network being connected. If a user is connected to the network in a different location (for example, a home, a local coffee shop, or an office), selecting a network location can help ensure that the user's computer is always set to the appropriate security level.

In Windows Server 2008, there are four network locations:

Home Network:

For home networks, or when users recognize and trust the individuals and devices on the network, select "Home Network". Computers in the home network can belong to a home group. For home networks, "Network Discovery" is enabled, which allows users to view other computers and devices on the network and allows other network users to view the user's computer.

Work Network:

For small office networks or other workplace networks, select "Work Network". By default, "Network Discovery" is enabled, which allows users to view other computers and devices on the network and allows other network users to view the user's computer, but users cannot create or join a home group.

Public Network:

Select "Public Network" for networks in public places (for example, coffee shops or airports). This location is designed to make the user's computer invisible to the surrounding computers and to help protect the computer from malware from the Internet. Home groups are not available on the public network, and network discovery is also disabled. This option should also be selected if the user is connected to the Internet directly rather than through a router, or has a mobile broadband connection.

Domain Network:

The "Domain" network location is used for a domain network (such as a network in an enterprise workplace). This type of network location is controlled by the network administrator and cannot be selected or changed.

How Windows Firewall Affects Network Locations

When connecting to a network in a public place, the "public network" location prevents certain programs and services from running, which helps protect your computer from unauthorized access. If you connect to a "public network" and Windows Firewall is turned on, some programs or services may require users to allow them to communicate through the firewall in order to work.

After a user allows a program to communicate through the firewall, the program is also allowed to communicate on every network that has the same location as the one currently connected. For example, if a user connects to a network at a coffee shop, selects "public network" as the location and then unblocks an instant messaging program, the block on that program is lifted for all public networks to which the computer connects.

If you plan to unblock multiple programs when you connect to a public network, consider changing the network location to "Home" or "Work" network. From this point of view, this change may be more secure than affecting every public network to which the user connects. But keep in mind that if this change is made, the user's computer will be visible to others on the network, which poses a security risk.

Basic Firewall Domain Settings

When the system is installed, the firewall function is enabled by default. In this case, as long as the network location is set, the firewall blocks other computers from communicating with this computer. To view the working status of the firewall, click System and Security in the Control Panel, open Windows Firewall from there, and you can see the status shown below:

If you want to turn Windows Firewall on or off, click "Open or close the firewall" on the left side, and you will see the interface shown below:

From this figure you can see that the firewall function is enabled for private networks (home and work networks) and that all incoming connections are blocked.

In practice, however, you cannot block all incoming connections. Instead, you can set up a corresponding "white list" that lets some connections through: on the left side of the firewall status screen, click "Allow programs or functions to pass Windows Firewall", and the following interface appears:

When you add a program to the list of allowed programs in the firewall or open a firewall port, you allow a specific program to send information to or receive information from your computer through the firewall. Allowing a program to communicate through the firewall (sometimes called "unblocking") is like opening a hole in the firewall.

Each time you open a port or allow a program to communicate through the firewall, your computer's security is reduced. The more programs your firewall allows or ports it has open, the more opportunities hackers or malware have to use these openings to spread worms, access files, or use the computer to spread malware to other computers.
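To see which holes already exist and which network locations they apply to, the rule set can be listed from PowerShell. The script below is an added example, not part of the original article; it only reads the rules through the `HNetCfg.FwPolicy2` COM object (which works with the PowerShell 2.0 shipped in Windows Server 2008 R2), and the "Review" flag is this example's own heuristic for the widest openings.

```powershell
# Added example: read-only audit of enabled inbound "allow" rules.
# Constants are the NET_FW_* values used by the firewall COM API.
$FwDomain = 1; $FwPrivate = 2; $FwPublic = 4   # NET_FW_PROFILE2_*
$DirIn = 1                                     # NET_FW_RULE_DIR_IN
$ActionAllow = 1                               # NET_FW_ACTION_ALLOW

function Get-ProfileNames([int]$Mask) {
    # Translate the profile bitmask into readable network location names.
    $names = @()
    if ($Mask -band $FwDomain)  { $names += 'Domain' }
    if ($Mask -band $FwPrivate) { $names += 'Private' }
    if ($Mask -band $FwPublic)  { $names += 'Public' }
    $names -join ','
}

$policy = New-Object -ComObject HNetCfg.FwPolicy2
'Active profile(s): ' + (Get-ProfileNames $policy.CurrentProfileTypes)

$holes = $policy.Rules |
    Where-Object { $_.Enabled -and $_.Direction -eq $DirIn -and $_.Action -eq $ActionAllow } |
    ForEach-Object {
        New-Object PSObject -Property @{
            Name     = $_.Name
            Profiles = (Get-ProfileNames $_.Profiles)
            Program  = $_.ApplicationName
            Ports    = $_.LocalPorts
            Remote   = $_.RemoteAddresses
            # Heuristic: applies on public networks and accepts any remote address.
            Review   = (($_.Profiles -band $FwPublic) -and ($_.RemoteAddresses -eq '*'))
        }
    }

# Flagged rules first; each row is one opening in the firewall.
$holes | Sort-Object Review -Descending |
    Select-Object Review, Name, Profiles, Ports, Remote, Program |
    Format-Table -AutoSize

'{0} enabled inbound allow rules, {1} flagged for review' -f @($holes).Count,
    @($holes | Where-Object { $_.Review }).Count
```

Rules that are flagged but no longer needed are candidates for disabling or for narrowing to the Domain or Private location.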

Advanced Security Settings for Firewalls

The basic settings are simple to use, but what they can do is also basic. If you need to define Windows Firewall rules in more detail, you need to use the "Advanced Security Windows Firewall" function. To open it, click Advanced Security Windows Firewall in the Administrative Tools, or click Advanced Settings in the firewall status screen described earlier. You can then see the interface, as shown below.
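The same advanced rule settings are available from the command line through `netsh advfirewall`. The commands below are an added example, not part of the original article: they show a broad allow rule beside one scoped by port, network location and remote address. The rule name, program path and port are constructed placeholders, and the commands must be run from an elevated PowerShell prompt.

```powershell
# Added example: constructed rule name, program path and port (placeholders).
$ruleName = 'Example-LOB-App-TCP8443'
$appPath  = 'C:\ExampleApp\app.exe'

# 1. Check that the firewall is on and what the default policy is per profile.
netsh advfirewall show allprofiles state
netsh advfirewall show allprofiles firewallpolicy

# 2. Weak setting (left commented out): allows the program on every
#    network location, on any port, from any remote address.
# netsh advfirewall firewall add rule name=$ruleName dir=in action=allow program=$appPath

# 3. Scoped setting: one TCP port, only on Domain/Private locations,
#    only from the local subnet. The profile list is quoted because an
#    unquoted comma is PowerShell's array operator and would split the argument.
netsh advfirewall firewall add rule name=$ruleName dir=in action=allow `
    program=$appPath protocol=TCP localport=8443 `
    'profile=domain,private' remoteip=localsubnet

# 4. Confirm what was actually created.
netsh advfirewall firewall show rule name=$ruleName verbose

# 5. Remove the rule when it is no longer needed.
# netsh advfirewall firewall delete rule name=$ruleName
```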
