There are at least two ways of controlling the Windows 8 firewall with
Group Policies; my first choice would be to go to the Windows Settings, Security Settings
folder.
When it comes to firewall GPOs the old saying, 'go slowly, I am in a
hurry' springs to mind. However, if you know what you want, and have a plan,
then you can configure these firewall group policy settings to produce a
most satisfyingly result.
Methods for Disabling a Firewall with a Group Policy
The most sure-footed method of getting this bunch of policies working, is to open
the Control Panel on the Firewall page; then as you make your selections with Gpedit.msc,
so you can see changes in the Cpanel window.
Later you can reproduce these settings in the GPMC
and thus apply them to all your users.
Computer Configuration ... Windows Settings [Key folder] ..... Windows
Firewall Advanced Security
Windows Firewall Properties
Simply click on the Windows Firewall and Advanced Security and this will
display all the settings that you see in the Control Panel.
The key difference with using Gpedit (or GPMC) is that local users, even
those with administrative rights, cannot change the firewall settings.
If you want to disable the firewall the crucial step is to click on: Windows Firewall
Properties. See screenshot to the right.
The secret of mastering these policies is to watch what happens in the Control Panel
window as you configure the drop-down menus on each Profile
tab. The reason that harp on about this comparison technique is that
there are 3 possible firewalls, Domain, Private and Public, and you can
configure each independently.
Understanding the three options for Firewall state:
Setting the state to 'Off' disables the Windows 8 firewall, this group
policy also means that the local administrator cannot over-ride the policy,
and turn it on. Equally, if you set the policy to 'On (recommended)'
then the administrator will find the radio buttons greyed-out if they try to
reverse your policy. The only setting that enables the
administrator to make changes to the
firewall is 'Not configured'.
SolarWinds Firewall Browser
Here is an utility where you can review firewall settings such as
access control lists (ACL), or troubleshoot problems with network
address translation (NAT).
Other reasons to download this SolarWinds Firewall Browser include
managing requests to change your firewall settings, testing firewall
rules before you go live, and querying settings with the browser's
powerful search options.
Windows
Firewall: Protect all network connections Before you change any
settings, make your plan. Do you want to enable (have a firewall), or disable the firewall on the
Windows 8 client? The logic of this policy is by no means obvious so
check in the Control Panel that your settings really to bite.
Would this be a Domain or Standard profile? Researching with NetSh did
not help me, but this is the syntax:
What worked for me was 'suck it and see'. I disabled the Standard
profile and success, I disabled the Domain profile nothing happened on my
configuration, but beware, the opposite may be the case in your network.
These Windows 8 firewall policies are in the Computer Configuration, thus
launch your GPMC, or Gpedit on Windows 8, now expand:
Computer Configuration . Administrative Templates ... Network .....
Network Connections [Key folder] ....... Standard Profile [Check Domain
Profile] ......... Windows Firewall: Protect all network connections
(Disable)
If you disable this policy setting, Windows Firewall does not run.
This is the only way to ensure that Windows Firewall does not run and
administrators who log on locally cannot start it.
Note 1: As with many Windows 8 Group Policies, check the
logic, for instance, Protect -- > Disable. This means you have no
firewall protection.
Note 2: Check that your policy is working in the Control
Panel. As this policy changes requires neither a reboot nor a logon /
logoff, the changes will be instantaneous.
More Windows 8 Firewall Group Policies
So far I have only dealt with the basic job of preventing unauthorized access
to, or from, your network with a group policy. If we go back to those Control Panel
settings, then you can see dozens of extra firewall configurations, for
example those 'Rules' under Advanced Settings; well
it's no surprise that each can be controlled via a group policy.
See more about
Windows firewall configuration.
Thus utility makes it easy to check the health of a router or firewall.
Check the real-time performance, and availability statistics, for any
device on your network. Get started with an extensive collection
of "out-of-the-box" monitors for popular network devices. Give Network
Monitor a whirl - it's free.
Download your free Network Device Monitor
Another strategy for preventing administrators from changing the firewall settings in
the control panel is to call for Regedit and change the settings there.
This method should alert you to the fact that a
local administrator could reverse your attempt to disable the firewall -
unless you have a Group Policy to disable regedit.
Anyway, you can research thus:
Select the appropriate folder: Domain, Public or Standard Profile.
Seek the DWORD EnableFirewall
Logic check: 1 means the firewall is on, and the admin cannot turn
it off.
Zero means the firewall is disabled.
Registry Research For Windows 8 Group Policy
Experimenting with Windows 8 firewall led me to wonder where in the registry the
group policies tattooed their settings. I found the above enable / disable
firewall
setting by examining the registry:
My technique was to launch Regedit and export the entire registry, I called
my file: FWallEnable.reg. Next I made the change to, 'EnableFirewall',
then I exported the registry a second time and called the file: FWallDisable.reg. Next
I ran either WinDiff or this PowerShell script:
Summary of
Windows 8 Disable Firewall Group Policy Settings
In my opinion, enabling group policies to prevent unauthorized access to
your network is tricky. However, you can control the Windows 8 firewall through
either the Administrative
Templates or the Windows Settings areas in Group Policies, my choice would
be the latter. Which ever path you take, the secret of understanding
how these policies work is to keep the Control Panel's Firewall window open as you make your policy changes.
If you like this page then please share it with your friends
Guy Recommends:
SolarWinds' NPM - Network Performance Monitor
SolarWinds' performance monitor is designed for detecting network outages,
making it easy to see what's working, and what needs your attention.
This utility guides you through creating network maps; it also helps
identifying whether the
root cause is faulty equipment, or resource overload. Give NPM a try.
