Saturday, January 16, 2010

Configuring Windows Firewall Group Policies in Windows Small Business Server 2008

In the new Windows Small Business Server 2008, there are actually two different locations depening on which version of Windows your are configuring for.


Below, I have outline where to find the appropriate locations to configure both Windows XP SP2-based (click the link for more infomation) workstations or Windows Vista (including Windows 7) based workstations.

Note: these directions assume you have Group Policy Management addin saved under Windows SBS Native Tools Management.

For Windows Vista & 7
  1. Open “Windows SBS Native Tools Management” Console
  2. Navigate to:
    Group Policy Management > Forest: domain.local > Domains > domain.local > MyBusiness > Computers > SBSComputers
  3. Right-click on “Windows SBS Client – Windows Vista Policy” and select Edit
  4. Navigate to:
    Computer Configuration > Windows Settings > Security Settings > Windows Firewall with Advanced Security.





  5. Right-click on “Inbound Rules” and select “New Rule...” and complete the wizard respectively.
For Windows XP
  1. Open “Windows SBS Native Tools Management” Console
  2. Navigate to:
    Group Policy Management > Forest: domain.local > Domains > domain.local > MyBusiness > Computers > SBSComputers
  3. Right-click on “Windows SBS Client – Windows XP Policy” and select Edit
  4. Navigate to:
    Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile
  5. In the right-hand panel, right-click on “Windows Firewall: Define inbound program exceptions” or “ Windows Firewall: Define inbound port exceptions” and select Properties
  6. In the window, click the “Show...” button
  7. Enter in required exceptions (see example), then click OK when finished.
For Windows XP Firewall program exception example, use the following as a guide:
%ProgramFiles%\ExampleAppFolder\Example.exe:*:Enabled:Example Program Title
For  Windows XP Firewall port exception example:
23:TCP:*:Enabled:Telnet
Port Number : TCP/UDP: Scope : Enable/Disabled : Port Title

For more information, see the following Microsoft TechNet page:
http://technet.microsoft.com/en-us/library/bb490616.aspx#EBAA

No comments:

Post a Comment