CHAPTER 3
Windows Firewall
The Windows Firewall is a feature of Windows Server 2003 Service Pack 1 that creates a
protective boundary for Windows Server 2003; it monitors incoming connection attempts on
the local computer and restricts information that travels between the local computer and a
local area network (LAN) or the Internet. The Windows Firewall provides a way of protecting
your server against malicious users or content on the Internet, or elsewhere on your network,
that might try to access resources and information on your computer without your permission.
When Windows Server 2003 was first released, the Windows Firewall was known as the
Internet Connection Firewall (ICF) and was a simple, host-based firewall for the Windows
Server 2003 operating system. ICF was not enabled by default, and it was somewhat difficult
to configure. With the release of Service Pack 1 (SP1), Windows Server 2003 now includes the
same Windows Firewall that was introduced in Service Pack 2 for Windows XP. This improved
firewall is much easier to configure and manage, from the GUI as well as through Group
Policy and the command line.
Note: All of the recipes in this chapter assume that you are running Windows Server 2003 Service Pack 1.
Windows Firewall functions by listening for unsolicited incoming requests to your server.
A good example of this is a remote client attempting to access the web service running on a
physical server. You can configure exceptions based on the name of a service or application, as
well as on the TCP/UDP port it uses to communicate. Using the Windows Firewall, you can
configure which applications should be permitted to access your local computer, and which
connection attempts should be rejected.
Another configuration improvement in the Windows Firewall is the ability to set up multiple
profiles to control how the firewall should behave in different scenarios. You can create
configuration items such as firewall exceptions to apply to one or both of the following profiles:
Domain profile: This profile will take effect when your computer is logged onto a domain.
The Windows Server 2003 operating system uses a process called network determination
to figure out whether a computer is currently attached to a domain. This process involves
checking the last time that a computer received a Group Policy update, as well as any
connection-specific DNS suffixes that have been configured and whether a SLIP or PPP
connection is enabled.
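
The port-based and application-based exceptions described above, bound to the domain profile from the command line, as an added example that is not taken from the book. The rule names and the program path are constructed for illustration; the commands use the `netsh firewall` context available on Windows Server 2003 SP1.

```batch
@echo off
rem Added example: Windows Firewall exceptions via netsh on Windows Server 2003 SP1.
rem Rule names and the program path below are constructed placeholders.

rem Show which profile network determination has selected for this computer.
netsh firewall show currentprofile

rem Port-based exception: accept unsolicited inbound TCP 80 (the web service),
rem but only while the domain profile is in effect.
netsh firewall add portopening protocol=TCP port=80 name="Web Server (HTTP)" mode=ENABLE scope=ALL profile=DOMAIN

rem Application-based exception: accept inbound connections on whatever ports
rem this executable listens on. scope=SUBNET limits callers to the local subnet,
rem which is narrower than the scope=ALL setting used for the port rule above.
netsh firewall add allowedprogram program="C:\Apps\Inventory\invsvc.exe" name="Inventory Service" mode=ENABLE scope=SUBNET profile=DOMAIN

rem Confirm the firewall mode and review the exceptions now in place.
netsh firewall show opmode
netsh firewall show portopening
netsh firewall show allowedprogram
```

Because both rules are tied to `profile=DOMAIN`, neither exception applies when the computer is not attached to its domain.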