Vista, 7, and Server 2008 Firewall - Duplicate Rules
I have searched all over the web for this, and can find no answer... All three of these operating systems have the same problem: they can have duplicate entries in their firewalls. Is there a way to automatically clean these up? Is each network packet coming through to the firewall being examined by each and every duplicate rule? Let's say someone had 100,000 duplicates. Examining each packet 100,000 times would significantly impact a server's network throughput. This question has been asked before, but was never fully answered. Could someone from Microsoft please address this? Here is the link to the previous question that was asked: http://social.technet.microsoft.com/Forums/en-US/windowsserver2008r2networking/thread/915488db-420d-4358-b694-54bad9e049e4
September 27th, 2010 3:53pm

Hi, Why are there so many duplicate rules enabled in the Firewall? I am afraid that there is no tool to automatically delete duplicate rules. You may use the Filters or export the rules to an Excel file to clean up the firewall rules. In addition, the following are some best practices for your reference: http://technet.microsoft.com/en-us/library/cc759479(WS.10).aspx http://technet.microsoft.com/en-us/library/cc995156.aspx Hope it is helpful for your work. This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
September 29th, 2010 10:58pm

Hi, I am afraid that there is no tool to automatically delete duplicate rules. You may use the Filters or export the rules to an Excel file to clean up the firewall rules. In addition, the following are some best practices for your reference: http://technet.microsoft.com/en-us/library/cc759479(WS.10).aspx http://technet.microsoft.com/en-us/library/cc995156.aspx Hope it is helpful for your work. This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
September 30th, 2010 5:56am

Thank you for the reply. Unfortunately, in our environment, we have to individually control each server's firewall. We are looking into further automating setup (currently using .wfw files), but the issue of duplicate rules arose, which is problematic. I just wish I knew why duplicate rules are even allowed. Also, it looks like SCW is only for the Server 2003 firewalls, so that's a no-go.
February 2nd, 2011 3:58pm
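
One way to find the duplicate rules discussed in this thread and export them for review, as suggested in the reply above. This is an added example, not code from the original posts or from Microsoft. It only reports and removes nothing; the definition of "duplicate" (every compared field identical) and the output file name `duplicate-firewall-rules.csv` are assumptions.

```powershell
# Added example: read-only report of duplicate Windows Firewall rules.
# Assumption: rules are duplicates when every field in $fields matches.
# The Interfaces array is not compared.
$fields = 'Name','Direction','Action','Enabled','Profiles','Protocol',
          'LocalPorts','RemotePorts','LocalAddresses','RemoteAddresses',
          'IcmpTypesAndCodes','ApplicationName','ServiceName',
          'InterfaceTypes','EdgeTraversal'

function Get-RuleKey($rule) {
    # Join all compared fields into one string used as the hashtable key.
    $parts = foreach ($f in $fields) { "$f=" + [string]$rule.$f }
    $parts -join '|'
}

# COM interface to Windows Firewall with Advanced Security (Vista and later).
$policy = New-Object -ComObject HNetCfg.FwPolicy2

# One pass over the rule set; a hashtable keeps this linear in rule count.
$seen = @{}
foreach ($rule in $policy.Rules) {
    $key = Get-RuleKey $rule
    if ($seen.ContainsKey($key)) {
        $seen[$key].Copies++
    } else {
        $seen[$key] = New-Object PSObject -Property @{
            Copies     = 1
            Name       = $rule.Name
            Direction  = $(if ($rule.Direction -eq 1) { 'In' } else { 'Out' })
            Action     = $(if ($rule.Action -eq 1) { 'Allow' } else { 'Block' })
            Enabled    = $rule.Enabled
            Protocol   = $rule.Protocol      # IP protocol number (6 = TCP, 17 = UDP)
            LocalPorts = $rule.LocalPorts
            Program    = $rule.ApplicationName
        }
    }
}

# Keep only rules that occur more than once, worst offenders first.
$report = $seen.Values |
    Where-Object { $_.Copies -gt 1 } |
    Sort-Object Copies -Descending |
    Select-Object Copies, Name, Direction, Action, Enabled, Protocol, LocalPorts, Program

$report | Format-Table -AutoSize
# Hypothetical output path; open the CSV in Excel to review before any cleanup.
$report | Export-Csv -Path .\duplicate-firewall-rules.csv -NoTypeInformation
```

Rules that share a name but differ in any compared field are not reported, since they are not functionally identical.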

This topic is archived. No further replies will be accepted.