……..
Module Overview
• Designing Windows Firewall Implementation
• Overview of IPSec
• Designing IPSec Implementation
Reasons for Implementing Windows Firewall
Windows Firewall can block incoming and outgoing network traffic on a host.
Reasons for implementing Windows Firewall are:
• Protect servers from internal threats
• Prevent malware from propagating
Methods for Configuring Windows Firewall
You can configure Windows Firewall by using:
– Basic Firewall configuration in Control Panel
• Windows Firewall with Advanced Security
• Group Policy
Discussion: Guidelines for Designing Inbound Rules
What rules should exist for inbound packets?
Discussion: Guidelines for Designing Outbound Rules
What rules should exist for outbound packets?
Benefits of IPSec
Benefits of IPSec are:
– Authentication of communication
• Ensuring that data is not modified in transit
• Encrypting to secure communication
• Integrating with Windows Firewall rules as part of Network Access Protection (NAP)
• Protecting communication between two hosts or two networks
Connection Security Rules
Connection security rules:
• Are new in Windows Server 2008 and Windows Vista
• Replace IPSec policies from previous versions of Windows
• Determine which network traffic is affected by IPSec
• Must exist on both hosts to be effective
• Apply to all traffic between hosts
• Can be applied to specific profiles