In a previous article, we talked about the Windows Firewall with Advanced Security and its features. Now it is time to show you how to manage rules using this tool: how to create or delete a rule and how to enable or disable existing rules.
How to Create or Delete a New Rule
As an example, I will use ActiveSync and the ports used by this application. ActiveSync is the client used to connect Windows Mobile phones to Windows computers, and it uses the following inbound TCP ports: 990, 999, 5678, 5721, 26675 and outbound UDP port 5679.
In order to create a new rule, open Windows Firewall with Advanced Security and select the inbound or outbound rules section, depending on what type of rule you want to add. Then, you can use the Actions panel on the right side of the window and click on 'New Rule'.
Another option is to select the type of rule you want to add and use the menu on top of the Windows Firewall with Advanced Security window. There, click on Action and then on 'New Rule'.
The 'New Rule Wizard' will start. You need to first select one of the four available options: program (adds rules that control connections for a specified program), port (rules which control connection using specific ports, independent of programs), predefined (rules which generally apply to Windows services and programs) or custom (which allows you to define any combination of parameters).
For our exercise, I need to select Port and then click on Next.
Once the protocol is selected, it is time to specify the ports we want open. Check 'Specific local ports' and type the ports you need to open, separated by commas. When done, click on Next.
Next, you need to select what action should be taken for the specified protocol and ports. You have three options: allow the connection, allow the connection if it is secure (this allows traffic only through secure connections, otherwise traffic is blocked), or block the connection.
For my example, I selected 'Allow the connection' and clicked on Next.
Now you need to select which types of network location the rule applies to. Select the ones you need and click on Next.
In the last window of the wizard, you need to type a name for the rule and a description. Make sure you type something descriptive of what the rule does, so that you recognize it when you check it later. When done, click on Finish.
Now I have created an inbound rule for the ports used by ActiveSync. To create an outbound rule, I need to go through the same steps and specify UDP and 5679 as the protocol & port.
If you need to delete an existing rule, go to the appropriate category, right-click on the rule and select Delete.
How to Enable/Disable or Modify a Rule
To modify an existing rule, you need to go to the appropriate category of rules and select it. To see its properties, you can either double-click on it or right-click and select Properties.
The Properties window looks similar to the screen below. Here you can edit all its properties and, when done, click on OK to apply the changes.
If you want to enable or disable an existing rule, right-click on it and select enable or disable.
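The create, enable/disable and delete steps from both sections above can also be scripted and then verified. The following PowerShell is an added example, not part of the original article; it assumes Windows 8 / Server 2012 or later (where the NetSecurity module is available) and an elevated prompt, and the rule names and the choice of the Private profile are illustrative assumptions.

```powershell
# Added example: scripted equivalent of the wizard steps. Run elevated.
# Rule names and the Private profile are assumptions, not from the article.
$rules = @(
    @{
        DisplayName = 'ActiveSync (TCP-In)'            # hypothetical rule name
        Description = 'Inbound TCP ports used by ActiveSync'
        Direction   = 'Inbound'
        Protocol    = 'TCP'
        LocalPort   = 990, 999, 5678, 5721, 26675      # "Specific local ports"
    },
    @{
        DisplayName = 'ActiveSync (UDP-Out)'           # hypothetical rule name
        Description = 'Outbound UDP port used by ActiveSync'
        Direction   = 'Outbound'
        Protocol    = 'UDP'
        RemotePort  = 5679     # the outbound wizard's port page sets remote ports
    }
)

foreach ($rule in $rules) {
    # Skip creation if a rule with this name exists, so re-runs add no duplicates.
    if (Get-NetFirewallRule -DisplayName $rule.DisplayName -ErrorAction SilentlyContinue) {
        Write-Host "Rule '$($rule.DisplayName)' already exists; skipping."
        continue
    }
    # Scope the rule to one network location instead of all three.
    New-NetFirewallRule @rule -Action Allow -Profile Private -Enabled True | Out-Null
}

# Verify what was created: direction, action, profile and the port filter.
Get-NetFirewallRule -DisplayName 'ActiveSync*' | ForEach-Object {
    $filter = $_ | Get-NetFirewallPortFilter
    [pscustomobject]@{
        Name       = $_.DisplayName
        Direction  = $_.Direction
        Action     = $_.Action
        Profile    = $_.Profile
        Enabled    = $_.Enabled
        Protocol   = $filter.Protocol
        LocalPort  = $filter.LocalPort -join ','
        RemotePort = $filter.RemotePort -join ','
    }
} | Format-Table -AutoSize

# Disable, re-enable and delete, matching the right-click menu actions.
Disable-NetFirewallRule -DisplayName 'ActiveSync (TCP-In)'
Enable-NetFirewallRule  -DisplayName 'ActiveSync (TCP-In)'
# Remove-NetFirewallRule -DisplayName 'ActiveSync*'   # uncomment to delete both rules
```

The verification table is the part worth keeping in a build script: it confirms that each allow rule is limited to the intended ports and network location.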
As you can see from this tutorial, creating new rules in Windows Firewall with Advanced Security is not very difficult. If you are familiar with networking concepts such as protocols, ports and networking services, you will have no issues in defining the rules you need for safe networking.