System security has always been the top priority of LAN maintenance and management operations. One of the most commonly used methods to ensure the security of ordinary servers is to install network firewalls, professional anti-virus software and various anti-spyware tools. . However, each time relying on external forces to protect the security of the server system, it really makes the network administrator feel all kinds of inconvenience, after all, not every network administrator can afford a genuine network firewall, professional anti-virus software; in order to solve network management The confusion of this kind of staff, Windows Server 2008 system deliberately strengthens the built-in firewall function, the network administrator can access the user configuration interface with its own firewall directly from the control panel window as in Windows XP system, and can The advanced functions of the firewall are configured in the MMC console. Cleverly use the firewall program that comes with Windows Server 2008 system, we can effectively protect the security of the local server system!
Multiple ways to enter the firewall
Although starting from Windows XP system, Microsoft Corporation The firewall function has been built into the system, but the function of the firewall is very limited, often only provides one-way security protection, but can not provide two-way security protection, and the network administrator can only access the system's control panel window. Open the firewall program interface. In the Windows Server 2008 server system, the system's own firewall function has made great progress. The network administrator can access the user configuration interface with its own firewall directly from the control panel window as in the Windows XP system. The advanced functions of the built-in firewall can be configured from the MMC console as desired.
In the Windows Server 2008 server system, we can enter the Windows configuration interface of the firewall in two ways, but the contents of the two configuration interfaces are different; the firewall configuration interface from the system control panel window It belongs to the basic interface. This interface is often suitable for primary users. The firewall configuration interface that enters from the MMC console is an advanced interface. This interface is often suitable for advanced users. Advanced users can control the data inflow and outflow of the server system at any time. ability. In addition, friends who like to operate under the DOS command line can also configure the server system to have a firewall in the command line mode through the commands in the MS-DOS window, or use a security script to create a firewall in multiple server systems. Automatic configuration of parameters. Of course, like the firewall program in the old version of the system, we can also control the configuration of the server system firewall through the power of Group Policy. 1. Enter from the control panel
We know that the original system's own firewall program often only provides one-way protection for system security, which means that only the data flow into the server system can be intercepted and reviewed. It is not easy to appear due to improper configuration of firewall parameters, resulting in a decline in the security performance of the server system. In this initial configuration, we can open the basic configuration interface of the firewall through the control window of the server system. The following is the specific opening procedure:
First, in the Windows Server 2008 server system desktop, Click the “Start”/“Settings>;&&quoquo;Control Panel” command, in the pop-up system control panel window, find the Windows Firewall icon, and double-click the icon to open the basics of Windows Firewall. a configuration interface, shown in Figure 1; basic configuration
Figure 1 Windows firewall interface
Next, click & ldquo display region on the left side of the configuration interface; turned on or off Windows Firewall & rdquo; option, click on the "General" tab in the pop-up interface, open the label settings page shown in Figure 2, in this page we can directly select the "Enable" option to enable the server The system's own firewall function, you can also directly select the "Close" option to disable the system firewall function;
< Br>
Figure 2 Firewall Open Interface
When we enable the firewall function of the server system, by default, the firewall program will block all programs to access the external network at the same time, except in the "exceptions" ” Outside the options set in the tab page. Here, the "Block all incoming connections" option is actually a very useful option, especially if the local server system is on a less secure network, this option temporarily disables the "Exceptions" tab page. Any program or service set in the network accesses the network. Once the local server system is in a safer working environment, we cancel the selected state of the "Allow all incoming connections" option to restore the previous normal settings.
As with the old version of the system, in the basic settings of the built-in firewall under Windows Server 2008 server system, we can also set the programs that can directly access the network in the "Exceptions" tab page or service. We can remove the system firewall program's blocking of network access by clicking the “Add Program” and “Add Port” button to add programs or services that need to access the external network.
If there are multiple network connections in the local server system, we can also go to the Firewall's "Advanced" tab page and select the target network connection that needs to be protected by the firewall according to the actual situation. If you find that there are many parameters in the firewall that are not configured correctly, you can directly click the “Restore to Default” button in the “Advanced” tab to quickly cancel all parameter modification operations so that the system firewall can be The parameter settings are restored to the default state when the system was initially installed. 2, enter from the console
As we mentioned earlier, from the system control panel window we can only open the basic configuration interface of the server system firewall, to open the advanced security firewall configuration of the Windows Server 2008 server system The interface, we need to enter from the system's console window, the following is the specific steps:
First open the Windows Server 2008 server system & ldquo; start & rdquo; menu, click on the "run" & rdquo; Command, in the pop-up system run text box, enter the string command “mmc.exe”, click the Enter key to open the console window of the server system;
Secondly in the console window, Click the “File”/“Add/Remove Snap-in" option, select the Advanced Security Windows Firewall option in the subsequent interface, and click the “Add” button, then select “Local Computer&rdquo ;options, click the “Complete” button, and finally click the “OK” button so that we can see System Firewall Advanced Security Settings page up.
In the advanced security firewall configuration interface of the Windows Server 2008 server system, we can define a variety of different security configurations for the server system according to the actual working environment, and each configuration is relatively independent. For example, we can customize the security configuration suitable for the working environment of the local area network in the firewall advanced security settings page, customize the security configuration suitable for the point-to-point network in the home working environment, or customize the security suitable for the public network environment in public. Configuration. Therefore, when the Windows Server 2008 server system is located in the working environment of the unit LAN, we can almost shut down the firewall that comes with the server system, because basically all the LAN networks of the unit have a special firewall, and when the server system is in the public network environment, At that time, we need to play the role of the server system with a firewall in time, after all, in public, the server system is more likely to be illegally attacked.
Although the stability of the Windows 2000/XP system based on the NT architecture has b
You have implemented IPsec to protect communications within your corporate LAN. Although you have ca
Some netizens reflected a Windows Server 2003 server and installed IIS 6.0 components. When you manu
I. INTRODUCTION We envision a remote control solution: a company wants to place such an IIS Web serv
2000/XP can not delete the file solution
Windows Server 2008 Remote Desktop Management Implementation Tutorial
Setting up Security Server for Win Server 2003
How to add programs and Windows components in Win 2003
Win2008 Virtualization 64-bit virtual machine system installation
20 strokes to accelerate Windows 2003 operating system
Detailed Win2000 webpage can not be opened to solve
Win2008 forbidden Thunder download
Hyper2008 installation under Win2008 full installation version
How to modify Win10 user login name
Win10 system settings do not standby do not sleep method
Win7 wireless network connection limited solution
Linux ls command operation example summary
IIS under the 301 permanent redirection settings method
Is there a computer expert, I want to worship him (her) as a teacher
Win8 SMS support, geolocation and other new features exposure