{"id":1308,"date":"2014-01-02T14:24:11","date_gmt":"2014-01-02T20:24:11","guid":{"rendered":"http:\/\/www.poweradmin.com\/blog\/?p=1308"},"modified":"2015-04-24T16:48:40","modified_gmt":"2015-04-24T21:48:40","slug":"how-to-use-windows-firewall-to-authorize-connections","status":"publish","type":"post","link":"https:\/\/www.poweradmin.com\/blog\/how-to-use-windows-firewall-to-authorize-connections\/","title":{"rendered":"How to use Windows Firewall to Authorize Connections"},"content":{"rendered":"

\n\tIn this article I will show you how to use Windows Firewall to authorize connections before data can be sent between devices. Authorization offers you an extra security layer and should be used whenever possible. There are services or applications that include authorization rules so that only allowed users\/computers can connect to certain network resources. Applications like IIS or Windows sharing offer different authorization types. Authorization should be the first security layer used to protect private information against external security threats.<\/span><\/span>\n<\/p>\n

\n\tLet's open up the server manager console and navigate to Windows Firewall with Advanced Security<\/em> section. Note that for this demonstration I will be using a Windows Server 2012 R2 machine, but similar settings are applicable to Windows Server 2008 versions. Once you\u2019ve openned the console navigate to\u00a0Outbound Rules<\/em>:<\/span><\/span>\n<\/p>\n

\n\t\u00a0\u00a0\u00a0\u00a0 \"Windows<\/a><\/span><\/span>\n<\/p>\n

\n\tIf desired, you can configure a new outbound rule which will filter the traffic based on the specified criteria. I will be editing the\u00a0All Outgoing (TCP)<\/em>\u00a0rule which is responsible for managing all outbound connections that are using a TCP port. Right click<\/em> this rule and select Properties<\/em>:<\/span><\/span>\n<\/p>\n

\n\t\"All<\/a><\/span><\/span>\n<\/p>\n

\n\tFrom the\u00a0General<\/em> tab select allow the connection if it is secure<\/em>\u00a0and click on customiz<\/em>e. This option will allow outbound connections only if they are secured:<\/span><\/span>\n<\/p>\n

\n\t\"All<\/a><\/span><\/span>\n<\/p>\n

\n\tThere are several options available when allowing secured connections only. Note that authorization takes advantage of IPSec when filtering rules so, you can require authentication, integrity and\/or encryption. When enabling require the connections to be encrypted<\/em>, besides data integrity and authentication, privacy will also be used:<\/span><\/span>\n<\/p>\n

\n\t\"Customize<\/a><\/span><\/span>\n<\/p>\n

\n\tOnce you press\u00a0OK<\/em>, navigate to the\u00a0Remote Computers<\/em>\u00a0tab to add the authorized computers that will take advantage of this rule. You can enable authentication for individual or a specified group of computers. The rule will then be applied for outbound connections and only for the machines added in this section. We can also configure exceptions for particular hosts or group of computers. This basically means that for the specified hosts, the rule will not be applied and these computers will not be authenticated:<\/span><\/span>\n<\/p>\n

\n\t\"All<\/a><\/span><\/span>\n<\/p>\n

\n\tBased on the criteria configured in this section, the rule will filter any outbound packets. If a match for this rule is found then the computers will be checked for authorization. If the machines were not added within this section, the connections will be dropped.<\/span><\/span>\n<\/p>\n

\n\tFor monitoring network traffic you can enable logging on your Windows Server so that you can troubleshoot and visualize authentication requests. Right click\u00a0Windows Firewall with Advanced Security<\/em>\u00a0and select\u00a0Properties<\/em>. There are multiple sections available based on the location of your workstations. Because I'm using an Active Directory domain, I will enable logging on the\u00a0Domain Profile<\/em>. From the Logging<\/em> section select Customize<\/em>:<\/span><\/span>\n<\/p>\n

\n\t\"Windows<\/a><\/span><\/span>\n<\/p>\n

\n\tYou'll need to specify the name and location of the log file, size limit and if the server will log dropped packets or successful connections:<\/span><\/span>\n<\/p>\n

\n\t\"<\/a><\/span><\/span>\n<\/p>\n

\n\tLogging outbound or inbound connections offers you a way to troubleshoot and monitor server\u2019s connections. If there are malicious users trying to authenticate using your server you can also block connections based on the logged IP addresses.<\/span><\/span>\n<\/p>\n

\n\tThat\u2019s it for this article folks, hope you\u2019ve understood the basics of using Windows Firewall to authorize connections. If you have any questions don\u2019t hesitate to post a comment and we will answer as soon as possible. Enjoy your day and stay tuned for the following articles.<\/span><\/span>\n<\/p>\n

\n\t\u00a0\n<\/p>\n

\n\tImage credits: By Berishafjolla (Own work) [CC-BY-SA-3.0 (http:\/\/creativecommons.org\/licenses\/by-sa\/3.0)], via Wikimedia Commons<\/span><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

In this article I will show you how to use Windows Firewall to authorize connections before data can be sent between devices. Authorization offers you an extra security layer and should be used whenever possible. There are services or applications that include authorization rules so that only allowed users\/computers can connect to certain network resources. […]<\/p>\n","protected":false},"author":4,"featured_media":1327,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,13,9,8],"tags":[],"class_list":["post-1308","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-how-to","category-pc-security","category-technical","category-windows"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/1308","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/comments?post=1308"}],"version-history":[{"count":5,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/1308\/revisions"}],"predecessor-version":[{"id":3546,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/1308\/revisions\/3546"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media\/1327"}],"wp:attachment":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media?parent=1308"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/categories?post=1308"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/tags?post=1308"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}