Note: If you use role-based administration:
- You must have the Policy setting
- firewall right to configure a firewall policy.
- You cannot edit a policy if it is applied
outside your active sub-estate.
For more information, see Managing roles and sub-estates.
To create a custom
rule which allows fine control over the access allowed for an application:
-
Double-click the firewall policy you want to change.
-
On the Welcome page of the
Firewall Policy wizard, click Advanced firewall policy.
-
Under Configurations, click
Configure next to the location for which you
want to configure the firewall.
- Click the Applications tab.
-
Select the application in the list, and then click .
-
In the
Application Rules dialog box, click
Add.
-
Under
Rule name, type a name for the rule.
The rule name must be unique within the list of rules. Two
application rules cannot have the same name, but two applications can each have
a rule with the same name.
-
Under
Select the events the rule will handle, select
the conditions that the connection must match for the rule to apply.
-
Under
Select the actions with which the rule will
respond, select either
Allow it or
Block it.
-
Do one of the following:
- To allow other
connections to and from the same remote address while the initial connection
exists, select
Concurrent connections.
Note: This option is only available for TCP rules, which are
stateful by default.
- To intelligently allow replies from the
remote computer based on the initial connection, select Stateful
inspection.
Note: This option is only available for UDP and
IP rules.
Note:
On Windows 8 and later, these options do not apply as Stateful
inspection is always used and Concurrent
connections are not supported.
-
Under Rule description, click an underlined value. For example, if you click the
Stateful TCP link, the Select
Protocol dialog box opens.