In the first part of this three-part series on configuring the Windows Server 2008 Firewall with Advanced Security, we went over some of the global configuration settings that apply to the firewall. In this article, we’ll take a look at the inbound and outbound firewall rules that you can create to control incoming and outgoing connections to and from the Windows Server 2008 computer.
To get started, open the Windows Firewall with Advanced Security console from the Administrative Tools menu. In the left pane of the console, you’ll see two nodes, the Inbound Rules and the Outbound Rules nodes. The Inbound Rules node lists the rules that control unsolicited, inbound connections to the server. The Outbound Rules node lists the rules that control outbound connections made by the server.
Click on the Inbound Rules node. The rules that you see here will vary depending on what servers and services are installed and enabled on the server. In the figure below you can see that the machine is an Active Directory domain controller, and a number of rules are enabled to support Active Directory operations.
By default, if there is no rule that allows the inbound connection to the server, then the connection attempt is dropped. If there is an allow rule, then the connection is allowed if the characteristics of the connection match the settings in the rule. We’ll look at those characteristics in a little bit.
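
To check this default-drop behavior on a particular server outside the console, the following added example (not part of the original article) reads the default inbound action for each firewall profile and lists the enabled inbound allow rules that apply to the active profile. It assumes an elevated PowerShell prompt and uses the firewall's HNetCfg.FwPolicy2 COM interface; it only reads settings and changes nothing.

```powershell
# Added example: read-only audit of the inbound policy described above.
# Uses the HNetCfg.FwPolicy2 COM interface (Windows Vista / Server 2008 and later).
$fw = New-Object -ComObject HNetCfg.FwPolicy2

# Numeric values defined by the firewall COM API.
$profileNames = @{ 1 = 'Domain'; 2 = 'Private'; 4 = 'Public' }
$actionNames  = @{ 0 = 'Block';  1 = 'Allow' }
$dirInbound   = 1
$actionAllow  = 1

$active = [int]$fw.CurrentProfileTypes   # bitmask of the profile(s) in use now

# 1. Default inbound action per profile. 'Block' is the default-drop behavior;
#    'Allow' means unmatched inbound connections are NOT dropped.
foreach ($bit in 1, 2, 4) {
    $enabled = $fw.FirewallEnabled($bit)
    $default = $actionNames[[int]$fw.DefaultInboundAction($bit)]
    $inUse   = ($active -band $bit) -ne 0
    $line = '{0,-8} enabled={1,-5} defaultInbound={2,-5} active={3}' -f `
            $profileNames[$bit], $enabled, $default, $inUse
    if (-not $enabled -or $default -ne 'Block') {
        Write-Warning "$line  <- unmatched inbound traffic is not dropped"
    } else {
        Write-Output $line
    }
}

# 2. Enabled inbound allow rules that apply to the active profile(s).
#    These are the only exceptions to the default drop.
$fw.Rules |
    Where-Object {
        $_.Enabled -and
        $_.Direction -eq $dirInbound -and
        $_.Action -eq $actionAllow -and
        ($_.Profiles -band $active) -ne 0
    } |
    Sort-Object Name |
    Format-Table Name, Protocol, LocalPorts, RemoteAddresses -AutoSize
```

In the rule table, the Protocol column shows IP protocol numbers (6 is TCP, 17 is UDP, 256 means any protocol).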