The Windows 7 Firewall has a lot of features that are not available using the basic configuration tool. This video looks at how to configure the Windows Firewall using the Windows Firewall with Advanced Security tool. This tool allows you to configure rules based on the IP address and port of the connection. It also allows you to configure an IPSec connection so that traffic between two points is automatically encrypted.
Firewall demo 01:49
Windows Firewall with Advanced Security
This admin tool allows you to configure the following items, which cannot be configured in the basic tool.
Rules based on an IP address
Finer control over rules. For example, you could enable only file sharing rather than file and printer sharing.
Settings and rules can be imported and exported. Settings can be used on other computers and in Group Policy.
The Windows Firewall has IPSec integrated into the Firewall. This makes IPSec a lot easier to configure than ever before and also means that packets travelling over an IPSec connection will be checked by the Windows Firewall.
IPSec Rule Types
Isolation: This rule connects the computer to another computer or device, based on criteria that must be met, for example that the computer is a member of a domain.
Authentication Exemption: This is a connection that does not require authentication. Usually the other party will be identified by its IP address. This type of connection is not considered to be very secure since IP addresses can be faked.
Server to Server: Creates a connection to another device or computer, or to a subnet.
Tunnel: This uses tunnel mode rather than transport mode in IPSec. Tunnel mode is usually used when connecting two gateways together, for example two VPN devices connecting to each other with clients behind them. Transport mode is usually used when one end point is a host, for example host to host or host to VPN device.
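The features and IPSec rule types listed above, written as Windows 7 `netsh advfirewall` commands for an elevated command prompt. This is an added example, not part of the original video notes; every rule name, address, file path and the pre-shared key is a constructed placeholder.

```bat
rem Added example: run from an elevated command prompt on Windows 7.
rem All names, addresses, paths and keys below are constructed placeholders.

rem --- Rule based on IP address and port: allow RDP only from one subnet ---
netsh advfirewall firewall add rule name="Example RDP from admin subnet" ^
    dir=in action=allow protocol=TCP localport=3389 ^
    remoteip=192.0.2.0/24 profile=domain

rem --- Finer control: enable only the built-in SMB file sharing rule ---
rem (Enables every profile copy of the rule; add profile=domain to limit it.)
netsh advfirewall firewall set rule name="File and Printer Sharing (SMB-In)" new enable=yes

rem --- Export the policy; importing REPLACES the whole current policy ---
netsh advfirewall export "C:\Temp\fw-policy.wfw"
rem netsh advfirewall import "C:\Temp\fw-policy.wfw"

rem --- Isolation: require authentication inbound, request it outbound, ---
rem --- using domain (Kerberos) computer credentials                   ---
netsh advfirewall consec add rule name="Example domain isolation" ^
    endpoint1=any endpoint2=any action=requireinrequestout auth1=computerkerb

rem --- Authentication exemption: identified by IP address only, so keep ---
rem --- the exempted address list as small as possible                  ---
netsh advfirewall consec add rule name="Example auth exemption" ^
    endpoint1=any endpoint2=192.0.2.53 action=noauthentication

rem --- Server to server: this host to a subnet, authentication required ---
netsh advfirewall consec add rule name="Example server to server" ^
    endpoint1=192.0.2.10 endpoint2=198.51.100.0/24 ^
    action=requireinrequireout auth1=computerpsk auth1psk="REPLACE-WITH-LONG-RANDOM-KEY"

rem --- Tunnel: gateway to gateway, with client subnets behind each side ---
netsh advfirewall consec add rule name="Example gateway tunnel" mode=tunnel ^
    endpoint1=192.0.2.0/24 endpoint2=198.51.100.0/24 ^
    localtunnelendpoint=203.0.113.1 remotetunnelendpoint=203.0.113.2 ^
    action=requireinrequireout auth1=computerpsk auth1psk="REPLACE-WITH-LONG-RANDOM-KEY"

rem --- Review the connection security rules that now exist ---
netsh advfirewall consec show rule name=all
```

A pre-shared key is stored in plain text in the rule, so certificate or Kerberos authentication is the better choice wherever both ends support it.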