Configuring windows 7 firewall (block all outbound)
Hi :
i am in the progress of configuring a windows 7 firewall policy in our enterprise . I am interesting in configuring a defualt block all outbound traffic ,and then allow specific ports for speific processes .
Is there is a guide to help in such configuration ? i.e a guide /article/blog that shows how to configure such policy to allow Directory access and domain authentication ,remote assistance , OCS client and live meeting ..basic stuff .. ??
ammarhasayen
July 29th, 2010 12:48am
Download wireshark, a sniffer that you can use to know the ports you should open for outbound client traffic. This sniffer allows you to see all the outbound packets and give you many informations about them. So, you can use it to see what a client computer
need as opened ports.
This is the link to download it (it is free): http://www.wireshark.org/
If you need other help, post and I will respond.
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post
does not actually answer your question. This can be beneficial to other community members reading the thread.
Best regards.
Free Windows Admin Tool Kit Click here and download it now
July 29th, 2010 1:09am
Thanks Malek alot for your response . im sure there is someone who did this exercies and have a paper listing the basic rules to be opened ( AD traffic, logon, ...) , the basic rules at least .I will use your recommened tool and get back to you .
Thanks againammarhasayen
July 29th, 2010 9:20pm
What you said is true but try to work with this tool and you will be able to determine alone the port used for each service. If you find any problems with my recommended tool, post it and I will help you.
Best regards.
Free Windows Admin Tool Kit Click here and download it now
July 29th, 2010 9:25pm
Hi ammarhasayen,
Here are some learning materials in TechNet for your reference:
Windows Firewall
Windows Firewall with Advanced Security and IPsec
Regards,
Linda
Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
July 30th, 2010 10:00am