Allowing select access to IP addresses using Windows Server 2003
Switching from Zone Alarm 2000 to Windows Server 2003, a SearchSecurity.com reader asks expert Mike Chapple how to limit inbound connections.
I am using Windows Server 2003 with shares used by about 10 remote clients. I would like to only allow the IP addresses from these computers to access the server. I have used Zone Alarm in Server 2000 to do this task. How can I do this on Windows Server 2003?
With the release of Windows Server 2003, Microsoft changed the world of host-based firewalls by including Windows Firewall as a standard feature. Using this basic software firewall, it's possible to limit inbound connections to those matching pre-defined rules. To enable Windows Firewall:
- Open the Local Area Connection Properties page;
- Click the Settings button on the Advanced tab;
- On the General tab, ensure that the firewall is turned on.
Use the exceptions tab to create port-specific rules using the Add Port button. It's also possible to limit inbound traffic to certain IP addresses by clicking the Change Scope button on the Add a Port window.
When Windows Server 2008 was released, Microsoft included Windows Firewall with Advanced Security. This product offers a dramatically enhanced graphical user interface (GUI) and allows administrators to create both ingress (inbound traffic) and egress (outbound traffic) rules.
More information:
- Learn how to configure firewall files with Nipper.
- Expert Michael Cobb discusses how Windows Firewall with Advanced Security interacts with an IPsec command line tool.
This was last published in June 2008
