If you have any experience at all with configuring firewalls, you’ll quickly realize that the Windows Firewall application found in Control Panel covers only the most basic tasks. But don’t take this to mean that Windows Firewall is underpowered. You can configure all manner of firewall rules, allowing or blocking traffic based on program, port, protocol, IP address, and so on. In addition, you can enable, disable, and monitor rules, configure logging, and much more. With advanced tools, you can even configure Windows Firewall on remote workstations.
Because the interface to these advanced features is rather daunting, Windows Firewall provides the simplified interface. This is adequate for less-experienced users, as well as for performing the routine firewall tasks needed by most IT professionals and other users.
Nonetheless, the Win¬dows Firewall With Advanced Security interface (a snap-in and predefined console for Microsoft Management Console) offers granular control over rules, exceptions, and pro¬files. To open the Advanced Security interface, you can open Windows Firewall and select Advanced Settings. If you’re using a standard account and you haven’t yet entered administrative credentials during this Windows Fire¬wall session, you’ll need to do so now.
Note that you don’t need to open Windows Firewall to get to the Windows Firewall With Advanced Security interface. For faster access, you can go to the Start menu search box, type wf.msc, and press Ctrl+Shift+Enter to run it as an administrator.
The initial view presents information similar to that shown in Windows Firewall. Go just a few steps further, though, and you’ll discover far deeper control. The “Windows Firewall with Advanced Security Getting Started Guide” offers some helpful information to help you along.
If you’re not intimidated by the Windows Firewall With Advanced Security console, you might want to try the command-line interface for managing Windows Firewall. Because it can be scripted, it can be useful if you need to make firewall settings repeatedly, whether on a single computer as conditions change or on a fleet of computers. To use the command-line interface, use the Netsh command with the Advfirewall context. You can get some terse help by typing netsh advfirewall at a Command Prompt. For addi¬tional information, check out “Netsh Commands for Windows Firewall with Advanced Security”.