Information Technology Reference
In-Depth Information
INetFwProfile
gives access to a particular firewall profile, either the domain profile, the
standard profile, or the current profile that is in effect.
INetFwPolicy
provides access to a particular firewall policy.
INetFwMgr
provides access to the firewall settings for the local computer.
3-1. Enabling and Disabling the Windows Firewall
Problem
You want to enable or disable the built-in firewall on a Windows Server 2003 computer.
Solution
Using a Graphical User Interface
To enable the Windows Firewall, do the following:
1.
Open the Network Connections applet.
2.
Double-click on the Local Area Connection icon.
3.
Click Settings from the Advanced tab; this will launch the Windows Firewall Control
Panel applet.
4.
Click the On radio button to enable the Windows Firewall, or Off to disable the firewall.
Using a Command-Line Interface
The following command enables the Windows Firewall on a Windows Server 2003 computer
for all profiles:
> netsh firewall set opmode mode=enable exceptions=enable profile=all
The following command disables the Windows Firewall on a Windows Server 2003 computer:
> netsh firewall set opmode mode=disable exceptions=disable profile=all
Using Group Policy
Tables 3-1 and 3-2 contain the Group Policy settings that enable or disable the Windows Fire-
wall for the domain and standard profiles respectively.
Table 3-1.
Enable or Disable Windows Firewall—Domain Profile
Path
Computer Configuration\Administrative Templates\Network\Network
Connections\Windows Firewall\Domain Profile
Policy name
Windows Firewall: Protect all network connections
Enabled
to enable the Windows Firewall for all interfaces in the domain
profile.
Disabled
to turn off the Windows Firewall for all interfaces in the
domain profile.
Value
