
Part IV: Network Security, Web Services, and Performance Monitoring

Hour 21 Working with the Windows Firewall and IPSec

Hour 22 Using Network Address Translation and Certificate Services

Hour 23 Using the Internet Information Service

Hour 24 Monitoring Server Performance and Network Connections

Hour 21. Working with the Windows Firewall and IPSec

What You’ll Learn in This Hour:

Protecting your network from outside attack is extremely important, particularly in situations where your private network is connected to a public network—the Internet. Windows Server 2008 provides a number of strategies for protecting your network data, and this hour takes a look at the basics of working with the Windows Firewall and IPSec (IP Security Protocol).

Understanding the Windows Firewall

A firewall is best defined as hardware or software (or both) that is designed to sit between your computer (or network) and the Internet and protect the computer (or network) from outside attack. Firewalls examine data entering and leaving the internal network and can filter (meaning block or drop) the data traveling in both directions.

If data packets do not meet a particular rule that has been configured on the firewall, the data is not allowed to enter the internal network. Firewalls can also filter outgoing data and prevent data from leaving the internal network (meaning connections to the Internet via certain software can be controlled with a firewall).

Depending on the complexity of your network, you may already deploy a hardware firewall that sits as an intermediary device between your internal network and the Internet. Software firewalls, such as the Windows Firewall, are designed to provide security at the computer level. The “new” Windows Firewall available on servers running Windows Server 2008 and network clients running Windows Vista is a host-based solution for data filtering and protection from attacks both inside and outside the network.

The Windows Firewall is a stateful firewall, meaning it keeps track of the state of a computer’s network connections as it examines both incoming and outgoing data packets. In terms of incoming data traffic, data that is considered unsolicited (meaning it is not the result of a request from the local computer for that data) is dropped by the firewall, which protects the host. The Windows Firewall can be configured with exceptions that allow some data traffic to be received by the host, based on an exception rule that is configured for particular software and ports.

In terms of outgoing data traffic, the Windows Firewall rules can also be configured to block specific outgoing traffic based on software and ports. This enables the network administrator to limit network communication to certain software. By default the Windows Firewall is configured to allow all outgoing connections.
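The filtering decisions described in the two paragraphs above, as a simplified model added here for illustration; it is not code from the book and not how the Windows Firewall is implemented. The class, the rule tuples, the program names, and the addresses are all constructed for the example.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    direction: str      # "in" or "out", relative to the protected host
    proto: str
    local_port: int
    remote_ip: str
    remote_port: int
    program: str = ""   # local program sending or listening, if any

@dataclass
class HostFirewall:
    # Exception rules: (program, proto, local_port) allowed to receive unsolicited traffic.
    inbound_exceptions: set = field(default_factory=set)
    # Outbound block rules: (program, proto, remote_port). Everything else may leave.
    outbound_blocks: set = field(default_factory=set)
    # State table of connections the firewall has already allowed.
    connections: set = field(default_factory=set)

    def filter(self, p: Packet) -> str:
        conn = (p.proto, p.local_port, p.remote_ip, p.remote_port)
        if p.direction == "out":
            if (p.program, p.proto, p.remote_port) in self.outbound_blocks:
                return "drop"
            self.connections.add(conn)      # remember what the host asked for
            return "allow"
        if conn in self.connections:
            return "allow"                  # solicited: reply to a tracked connection
        if (p.program, p.proto, p.local_port) in self.inbound_exceptions:
            self.connections.add(conn)
            return "allow"                  # unsolicited, but covered by an exception
        return "drop"                       # unsolicited and no exception

def demo() -> list:
    fw = HostFirewall(inbound_exceptions={("w3svc", "tcp", 80)},
                      outbound_blocks={("ftp.exe", "tcp", 21)})
    packets = [  # constructed sample traffic (documentation address ranges)
        Packet("out", "tcp", 49152, "203.0.113.10", 443, "iexplore.exe"),
        Packet("in", "tcp", 49152, "203.0.113.10", 443),
        Packet("in", "tcp", 49152, "198.51.100.7", 443),
        Packet("in", "tcp", 80, "198.51.100.7", 51000, "w3svc"),
        Packet("in", "tcp", 3389, "198.51.100.7", 51001),
        Packet("out", "tcp", 49153, "203.0.113.20", 21, "ftp.exe"),
        Packet("in", "tcp", 49153, "203.0.113.20", 21),
    ]
    return [fw.filter(p) for p in packets]
```

The third packet is dropped even though it targets the same local port as the allowed reply, because the state table matches on the remote address and port as well; the last packet is dropped because the blocked outbound attempt never created state.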

The Windows Firewall can be configured locally on the host. You can also control its configuration by using policies via Group Policy, which provides a network administrator with a way to make the Windows Firewall configuration for network clients consistent throughout the network. Both Group Policy and Network Access Protection (both of which have settings related to the required use of Windows Firewall on clients and actual firewall settings) are covered in Hour 11, “Deploying Group Policy and Network Access Protection.” This hour concentrates on firewall settings as they would be configured on the host (for example, a server running Windows Server 2008).
