Firewall filtering question
We'd like to deploy the windows 7 firewall and set it up in such a way that it prevents the workstations from talking to each other, ie. block incoming from specific IP ranges, only allow incoming from servers etc.
Is this possible? If so, any info or KB's about that?
Thanks!
May 17th, 2011 11:18am
We'd like to deploy the windows 7 firewall and set it up in such a way
that it prevents the workstations from talking to each other, ie.
block incoming from specific IP ranges, only allow incoming from
servers etc.
Well... you may just setup a GPO targeting the Windows 7 adv firewall
so that it will block connections which don't match a rule, then
configure
a rule to "allow all" toward the servers IPs while blocking traffic
going
to any other IP address; the same, for older O/S versions may be
achieved by setting up an IPSec policy which won't be used for any
kind of "encryption" but just to filter traffic
Free Windows Admin Tool Kit Click here and download it now
May 17th, 2011 11:54am
Sounds good, any available info on how to do that?
May 17th, 2011 12:02pm
> Sounds good, any available info on how to do that?
Hmm... what about ...
http://technet.microsoft.com/en-us/library/cc748991%28WS.10%29.aspx
http://technet.microsoft.com/en-us/library/deploy-ipsec-firewall-policies-step-by-step%28WS.10%29.aspx
and then, since we're at it...
http://support.microsoft.com/kb/813878
http://msdn.microsoft.com/en-us/library/ff648481.aspx
http://www.analogx.com/contents/articles/ipsec.htm
HTH
Free Windows Admin Tool Kit Click here and download it now
May 17th, 2011 12:47pm