Windows 8 Firewall
-
Upload
rical133238 -
Category
Documents
-
view
224 -
download
0
Transcript of Windows 8 Firewall
-
7/28/2019 Windows 8 Firewall
1/30
Windows 8 Firewall
-
7/28/2019 Windows 8 Firewall
2/30
Windows 8 Firewall Topics
What is a firewall?
Firewall types
How a firewall works Default firewall behavior
Windows 8 firewall features
Configuring Windows 8 firewall
-
7/28/2019 Windows 8 Firewall
3/30
What is a firewall?
A device that filters packets either coming intoor going out of a device
Filtering can be based on IP, TCP, UDP and
other criteria relating to a packet as well asauthentication.
Criteria contained in firewall rules.
Firewall rule is similar to an access control liststatement
Example: permit host 172.16.1.1 host 180.50.1.1 eq
Telnet
-
7/28/2019 Windows 8 Firewall
4/30
Firewall Types
Packet filtering vs stateful vs proxy
Packet filtering makes each filtering decision on apacket by packet basis without regard to previous
packets in any direction
Stateful firewall keeps track of packet flows andfilters based on flow information
Proxy firewall works on a per-application basis.User sends to proxy, proxy creates new packetsourced from proxy
-
7/28/2019 Windows 8 Firewall
5/30
Firewall Types
Network-based vs host-based
Network-based runs a router, multi-layer switch ordedicated firewall
Host-based firewall runs on computer running OSsuch as Windows 7 or UNIX
Hardware vs software firewall
Hardware firewall chassis designed for specifically tooperate as a firewall; highest performance
-
7/28/2019 Windows 8 Firewall
6/30
6
Windows Firewall
Host-based, stateful software firewall
Evaluates each packet as it arrives or leaves anddetermines whether that packet is allowed or deniedbased on flow
Windows 8 firewall is improved over XP version
-
7/28/2019 Windows 8 Firewall
7/30
Default Firewall Behavior
Default is to allow all outbound traffic andresponse inbound traffic; deny all other inboundtraffic
-
7/28/2019 Windows 8 Firewall
8/30
How Firewall Works
Incoming packet is inspected and comparedagainst a list of allowed traffic.
If packet matches a list entry, packet passed to
TCP/IP protocol for further processing.
If the packet does not match a list entry then packetis discarded
If logging is enabled, Windows creates an entry in theFirewall logging file
-
7/28/2019 Windows 8 Firewall
9/30
How List is Populated
When enabled connection sends a packet, thefirewall creates an entry in the list for responsetraffic.
Allow rules can be manually created withAdvanced Security.
-
7/28/2019 Windows 8 Firewall
10/30
10
Windows 8 Firewall
Windows Firewall features
Inbound filtering
Outbound filtering Firewall rules combined with IPsec rules
Before Vista, IPSec was configured separately sometimesresulting in conflicting results
-
7/28/2019 Windows 8 Firewall
11/30
Windows 8 Firewall
Support for complex rules. Includes
Source and destination IP address
Source and destination port
Multiple ports per rule Interface types (i.e. wireless)
Services rather than port
Active Directory groups or users (IPSec rules only)
Support for logging
Allows monitoring of blocked packets
-
7/28/2019 Windows 8 Firewall
12/30
Locations and the Firewall
Windows Firewall with Advanced Security is a networklocation aware application
Windows 8 stores the firewall properties based on
location types Configuration for each location type is called a profile
In each profile you can:
Enable or disable Windows Firewall
Configure inbound and/or outbound connections
Customize logging and other settings
-
7/28/2019 Windows 8 Firewall
13/30
Locations and Firewall Settings
As the network location connected to changes,the Windows Firewall profile changes.
Windows Firewall can therefore automaticallyallow incoming traffic for a specific desktopmanagement tool when the computer is on adomain network but block similar traffic when
the computer is connected to public or privatenetworks.
-
7/28/2019 Windows 8 Firewall
14/30
Locations and Firewall Settings
Location types: work, home and public.
Location type affects Network Discovery andhomegroup capabilities
Network Discovery
allows you to see other computers and devices onthe network and allows other network users to see
your computer.
-
7/28/2019 Windows 8 Firewall
15/30
Location Types
Domain
Set by network administrator
Work
For small office or other workplace networks. Network discovery is on,
but you can't create or join a homegroup. Home
For home and other private environments. Computers can belong to ahomegroup. Network discovery is turned on.
Public
For public places (such as coffee shops or airports). HomeGroup is notavailable, and network discovery is turned off. You should also choosethis option if you're connected directly to the Internet without using arouter, or if you have a mobile broadband connection.
-
7/28/2019 Windows 8 Firewall
16/30
Configuring Windows Firewall
-
7/28/2019 Windows 8 Firewall
17/30
17
Basic Firewall Configuration
-
7/28/2019 Windows 8 Firewall
18/30
18
Advanced Firewall Configuration
Allows you to configure more complex rules,outgoing filtering, and IPsec rules
-
7/28/2019 Windows 8 Firewall
19/30
19
Advanced Firewall Configuration
-
7/28/2019 Windows 8 Firewall
20/30
20
Windows Firewall Properties
-
7/28/2019 Windows 8 Firewall
21/30
21
IPSec Settings
IPsec is a system for securing and authenticatingIP-based network connections
IPsec defaults - you can configure Key exchange protocols
Data protection protocols
Authentication Method
-
7/28/2019 Windows 8 Firewall
22/30
22
Advanced Firewall Configuration
-
7/28/2019 Windows 8 Firewall
23/30
23
Advanced Firewall Configuration
View and Edit Firewall Rules
A large number of inbound and outbound rules arecreated by default in Windows Vista
-
7/28/2019 Windows 8 Firewall
24/30
24
Advanced Firewall Configuration
-
7/28/2019 Windows 8 Firewall
25/30
25
Advanced Firewall Configuration
View and Edit Firewall RulesYou modify an existing rule by opening its properties
Tabs in the properties of an outbound rule
General Programs and Services
Computers
Protocols and Ports
Scope
Advanced
Create New Firewall Rules
A wizard guides you through the process
-
7/28/2019 Windows 8 Firewall
26/30
26
Advanced Firewall Configuration
-
7/28/2019 Windows 8 Firewall
27/30
27
Advanced Firewall Configuration
Create New Firewall Rules
Rule types you can create with the Outbound RuleWizard
Program
Port
Predefined
CustomActions for a rule
Allow the connection
Allow the connection if it is secure
Block the connection
-
7/28/2019 Windows 8 Firewall
28/30
28
Advanced Firewall Configuration
-
7/28/2019 Windows 8 Firewall
29/30
29
Advanced Firewall Configuration
Create New Computer-Connection SecurityRules
Use IPsec to authenticate and secure communicationbetween two computers
Security rule types
Isolation
Authentication exemption Server-to-server
Tunnel
Custom
-
7/28/2019 Windows 8 Firewall
30/30
30
Advanced Firewall Configuration