Both Windows Vista and Windows Server 2008 include the next-generation of Windows Firewall, which has become a standard aspect of Microsoft's client and server operating systems. Windows Firewall with Advanced Security, although not marketed as a replacement for more complex solutions designed to manage network traffic, has the advantage that it ships as a default component integrated with the platforms. On top of this, Windows Firewall with Advanced Security is not as simplistic as it might appear. This is why Microsoft has made available for download a complex design guide of the product.
Windows Firewall with Advanced Security "can filter the network traffic permitted to enter the computer from the network, and also control what network traffic the computer is allowed to send to the network. Windows Firewall with Advanced Security supports IPsec, which enables you to require authentication from any computer that is attempting to communicate with your computer. When authentication is required, computers that cannot authenticate cannot communicate with your computer. By using IPsec, you can also require that specific network traffic be encrypted to prevent it from being read or intercepted while in transit between computers," revealed Microsoft's Dave Bishop.
The bottom line is that Windows Firewall with Advanced Security, featured in Windows Server 2008, Windows Vista (with or without SP1) does much more than offer protection to computers against malicious network traffic. In this regard, the Design Guide will offer a wide array of recommendations set up to enable users to take advantage of everything that Windows Firewall with Advanced Security has to offer. Details such as planning for exemption lists, Isolated Domains, Boundary and Encryption Zones, as well as for Network Access Groups and many more are all described in the Guide.
"The interface for Windows Firewall with Advanced Security is much more capable and flexible than the consumer-friendly interface found in the Windows Firewall Control Panel. They both interact with the same underlying services, but provide different levels of control over those services. While the Windows Firewall Control Panel meets the needs for protecting a single computer in a home environment, it does not provide enough centralized management or security features to help secure more complex network traffic found in a typical business enterprise environment," Bishop added.
Windows Firewall with Advanced Security Design Guide is available for download here.