There are at least two ways of controlling the Windows 8 firewall with
Group Policies; my first choice would be to go to the Windows Settings, Security Settings
folder.
When it comes to firewall GPOs the old saying, 'go slowly, I am in a
hurry' springs to mind. However, if you know what you want, and have a plan,
then you can configure these firewall group policy settings to produce a
most satisfyingly result.
Methods for Disabling a Firewall with a Group Policy
The most sure-footed method of getting this bunch of policies working, is to open
the Control Panel on the Firewall page; then as you make your selections with Gpedit.msc,
so you can see changes in the Cpanel window.
Later you can reproduce these settings in the GPMC
and thus apply them to all your users.
Computer Configuration ... Windows Settings [Key folder] ..... Windows
Firewall Advanced Security
Windows Firewall Properties
Simply click on the Windows Firewall and Advanced Security and this will
display all the settings that you see in the Control Panel.
The key difference with using Gpedit (or GPMC) is that local users, even
those with administrative rights, cannot change the firewall settings.
If you want to disable the firewall the crucial step is to click on: Windows Firewall
Properties. See screenshot to the right.
The secret of mastering these policies is to watch what happens in the Control Panel
window as you configure the drop-down menus on each Profile
tab. The reason that harp on about this comparison technique is that
there are 3 possible firewalls, Domain, Private and Public, and you can
configure each independently.
Understanding the three options for Firewall state:
Setting the state to 'Off' disables the Windows 8 firewall, this group
policy also means that the local administrator cannot over-ride the policy,
and turn it on. Equally, if you set the policy to 'On (recommended)'
then the administrator will find the radio buttons greyed-out if they try to
reverse your policy. The only setting that enables the
administrator to make changes to the
firewall is 'Not configured'.
Free Monitor for Your Network: SolarWinds Real-time Traffic Analyzer
The main reason for monitoring your network is to check at a glance which
servers are available. If there is a network problem you
want an interface to show the scope of the problem immediately.
Even when all servers and routers are available, sooner or later you will be curious to
know who, or what, is hogging the precious network's bandwidth. A GUI
showing the top 10 users always makes interesting reading.
Another reason to monitor network traffic is to learn more about your
server's response times and the consumption of resources. To take the pain out of
capturing frames and analysing the raw data, Guy recommends that you download a copy of
the SolarWinds
free Real-time NetFlow Analyzer.
Windows
Firewall: Protect all network connections Before you change any
settings, make your plan. Do you want to enable (have a firewall), or disable the firewall on the
Windows 8 client? The logic of this policy is by no means obvious so
check in the Control Panel that your settings really to bite.
Would this be a Domain or Standard profile? Researching with NetSh did
not help me, but this is the syntax:
What worked for me was 'suck it and see'. I disabled the Standard
profile and success, I disabled the Domain profile nothing happened on my
configuration, but beware, the opposite may be the case in your network.
These Windows 8 firewall policies are in the Computer Configuration, thus
launch your GPMC, or Gpedit on Windows 8, now expand:
Computer Configuration . Administrative Templates ... Network .....
Network Connections [Key folder] ....... Standard Profile [Check Domain
Profile] ......... Windows Firewall: Protect all network connections
(Disable)
If you disable this policy setting, Windows Firewall does not run.
This is the only way to ensure that Windows Firewall does not run and
administrators who log on locally cannot start it.
Note 1: As with many Windows 8 Group Policies, check the
logic, for instance, Protect -- > Disable. This means you have no
firewall protection.
Note 2: Check that your policy is working in the Control
Panel. As this policy changes requires neither a reboot nor a logon /
logoff, the changes will be instantaneous.
More Windows 8 Firewall Group Policies
So far I have only dealt with the basic job of preventing unauthorized access
to, or from, your network with a group policy. If we go back to those Control Panel
settings, then you can see dozens of extra firewall configurations, for
example those 'Rules' under Advanced Settings; well
it's no surprise that each can be controlled via a group policy.
See more about
Windows firewall configuration.
Recommended: Solarwinds' Permissions Analyzer - Free Active Directory Tool
I like the
Permissions Monitor because it enables me to see WHO has permissions
to do WHAT at a glance. When you launch this tool it analyzes a users effective NTFS
permissions for a specific file or folder, and takes into account network share
access, then displays the results in a nifty desktop dashboard!
Think of all the frustration that this free SolarWinds utility saves when you are
troubleshooting authorization problems for user's access to a resource.
Another strategy for preventing administrators from changing the firewall settings in
the control panel is to call for Regedit and change the settings there.
This method should alert you to the fact that a
local administrator could reverse your attempt to disable the firewall -
unless you have a Group Policy to disable regedit.
Anyway, you can research thus:
Select the appropriate folder: Domain, Public or Standard Profile.
Seek the DWORD EnableFirewall
Logic check: 1 means the firewall is on, and the admin cannot turn
it off.
Zero means the firewall is disabled.
Registry Research For Windows 8 Group Policy
Experimenting with Windows 8 firewall led me to wonder where in the registry the
group policies tattooed their settings. I found the above enable / disable
firewall
setting by examining the registry:
My technique was to launch Regedit and export the entire registry, I called
my file: FWallEnable.reg. Next I made the change to, 'EnableFirewall',
then I exported the registry a second time and called the file: FWallDisable.reg. Next
I ran either WinDiff or this PowerShell script:
Summary of
Windows 8 Disable Firewall Group Policy Settings
In my opinion, enabling group policies to prevent unauthorized access to
your network is tricky. However, you can control the Windows 8 firewall through
either the Administrative
Templates or the Windows Settings areas in Group Policies, my choice would
be the latter. Which ever path you take, the secret of understanding
how these policies work is to keep the Control Panel's Firewall window open as you make your policy changes.
If you like this page then please share it with your friends
