Windows Defender Firewall with Advanced Security: What is it? How to open it? What can you do with it?
The Windows Defender Firewall with Advanced Security is a tool which gives you detailed control over the rules that are applied by the Windows Defender Firewall. You can view all the rules that are used by the Windows Defender Firewall, change their properties, create new rules or disable existing ones. In this tutorial, we share how to open the Windows Defender Firewall with Advanced Security, how to find your way around it, and talk about the types of rules that are available and what kind of traffic they filter.
NOTE: This guide covers Windows 10, Windows 7, and Windows 8.1. If you do not know the version of Windows that you have, read this tutorial: "What version of Windows do I have installed?"
What is Windows Defender Firewall with Advanced Security?
First, let's clarify the name. The native firewall in Windows is named Windows Defender Firewall in Windows 10 while in Windows 7 and Windows 8.1 it retains the old name of Windows Firewall. Similarly, the tool we cover in this tutorial is named Windows Defender Firewall with Advanced Security in Windows 10 and Windows Firewall with Advanced Security in Windows 7 and Windows 8.1. The tool looks and functions identically in all three Windows versions. For this article, we use screenshots from Windows 10 and use the name Windows Defender Firewall with Advanced Security, but our tutorial is valid for all three Windows versions.
Windows Defender Firewall helps secure your Windows device by filtering the network traffic permitted to enter or exit your device. The tool is built as a snap-in on the Microsoft Management Console, and its executable file is named wf.msc. For more details on Windows Defender Firewall, read "What is the Windows Firewall and how to turn it on or off?"
Control Panel provides a couple of basic settings for Windows Defender Firewall while Windows Defender Firewall with Advanced Security gives you access to all its features. Windows 10 has introduced basic firewall settings in its Settings app, but for full control of Windows Defender Firewall, it sends you to the Windows Defender Firewall with Advanced Security.
How to access the Windows Defender Firewall with Advanced Security
The easiest method to open Windows Defender Firewall with Advanced Security in all three Windows versions is to search for its executable file. Type "wf.msc" in the Windows search box and click or tap on the result.
In Control Panel you can access the Windows Defender Firewall with Advanced Security by going to "System and Security -> Windows Defender Firewall," and then by clicking or tapping Advanced settings.
In Windows 10, you can find a shortcut for Windows Defender Firewall with Advanced Security in the Start Menu using the following path: "Start Menu → Windows Administrative Tools → Windows Defender Firewall with Advanced Security."
What can you do with Windows Defender Firewall with Advanced Security?
The tool gives you access to all the features of Windows Defender Firewall. Here are some of the benefits of using it:
- Reduces the risk of security attacks from the network. Windows Defender Firewall is not a complete security solution, but it reduces the chances of a successful network attack.
- Authenticates access to your device. It can do it using IPsec (Internet Protocol Security), which enforces the integrity of data and protects confidentiality.
- Provides firewall capability with no additional investment. Windows Defender Firewall is part of Windows. You get the firewall without spending money or installing additional software.
Windows Defender Firewall with Advanced Security delivers the benefits using these features:
- Inbound and Outbound Rules
- Connection Security Rules
- Monitoring
What are the inbound and outbound rules?
To provide the security you need, the Windows Defender Firewall has a standard set of inbound and outbound rules, which are enabled depending on the location of the connected network.
Inbound rules are applied to the traffic that is coming from the network and the internet to your Windows computer or device. Outbound rules apply to the traffic from your computer to the network or the Internet.
These rules can be configured so that they are specific to computers, users, programs, services, ports or protocols. You can also specify to which type of network adapter (e.g., wireless, cable, virtual private network) or user profile it is applied.
In the Windows Defender Firewall with Advanced Security, you can access all rules and edit their properties. All you have to do is click or tap the appropriate section in the left-side panel.
The rules used by the Windows Defender Firewall can be enabled or disabled. The ones which are enabled or active are marked with a green checkbox in the Name column.
Let's pick as an example one of the rules for Windows Media Player Network Sharing Service. If you manage your media library on your Windows device with Windows Media Player, you can decide to share it over the network. The rules for this purpose are disabled by default (the green checkbox is missing next to their names).
If you want to know more about a specific rule and see its properties, right click on it and select Properties or select it and press Properties in the column on the right, which lists the actions that are available for your selection.
In the Properties window, you find complete information about the selected rule, what it does and when it is applied. You can also edit its properties and change any of the available parameters. To enable the rule in our example, mark the checkbox Enabled and press the OK button.
When we return to the Windows Defender Firewall with Advanced Security window, the rule has the green checkbox showing it is enabled.
For more details on managing these rules, read How to Add & Manage Rules in the Windows Firewall with Advanced Security.
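The same information the Properties window shows can be read from PowerShell. The following is an added example, not part of the original tutorial: it lists the rules of the Windows Media Player Network Sharing Service group together with their port, address and program filters, then previews enabling them. It assumes the NetSecurity module (Windows 8.1 and Windows 10; the cmdlets are not available on Windows 7) and an English display group name.

```powershell
# Added example. Assumes the NetSecurity module (Windows 8.1 / Windows 10).
# The group name is the one used in the text; it can differ on localized systems.
$group = 'Windows Media Player Network Sharing Service'

function Get-RuleDetail {
    # Joins a firewall rule with its port, address and application filters,
    # i.e. the fields spread over the tabs of the Properties window.
    param([Parameter(ValueFromPipeline)] $Rule)
    process {
        $port = $Rule | Get-NetFirewallPortFilter
        $addr = $Rule | Get-NetFirewallAddressFilter
        $app  = $Rule | Get-NetFirewallApplicationFilter
        [pscustomobject]@{
            DisplayName   = $Rule.DisplayName
            Enabled       = $Rule.Enabled      # True = green checkbox in the console
            Direction     = $Rule.Direction    # Inbound or Outbound
            Action        = $Rule.Action       # Allow or Block
            Profile       = $Rule.Profile      # Domain, Private, Public or Any
            Protocol      = $port.Protocol
            LocalPort     = $port.LocalPort -join ','
            RemoteAddress = $addr.RemoteAddress -join ','
            Program       = $app.Program
        }
    }
}

# Review the group before changing anything. Pay attention to the Profile
# column: a rule enabled for Public also applies on untrusted networks.
Get-NetFirewallRule -DisplayGroup $group -ErrorAction SilentlyContinue |
    Get-RuleDetail |
    Sort-Object Direction, DisplayName |
    Format-Table -AutoSize -Wrap

# Preview what enabling the group would change. Remove -WhatIf to apply it
# from an elevated PowerShell prompt.
Enable-NetFirewallRule -DisplayGroup $group -WhatIf
```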
What are the Connection Security Rules?
Connection security rules are used to secure traffic between two computers while it crosses the network. One example would be a rule which defines that connections between two specific computers must be encrypted. These rules define how and when computers are authenticated using IPsec (Internet Protocol Security).
While the inbound or outbound rules are applied only to one computer, connection security rules require both computers to have the same rules defined and enabled. If you want to see if there are any such rules on your computer, click or tap "Connection Security Rules" on the panel on the left. By default, there are no such rules defined on Windows computers and devices. They are generally used in business environments, and the network administrator sets such rules.
Windows Defender Firewall with Advanced Security - What does it monitor?
The Windows Defender Firewall with Advanced Security includes some monitoring features as well. In the Monitoring section you can find the following information: the firewall rules that are active (both inbound and outbound), the connection security rules that are active and whether there are any active security associations.
You should note that the Monitoring section shows only the active rules for the current network location. If there are rules which get enabled for other network locations, you do not see them in this section.
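The Monitoring view can also be reproduced from PowerShell, which is useful for scripted audits. The following is an added example, not part of the original tutorial: it reads the active policy store, keeps the enabled rules that apply to the current network location, and counts connection security rules and IPsec security associations. It assumes the NetSecurity and NetConnection modules (Windows 8.1 and Windows 10, not Windows 7) and an elevated prompt; the function name Get-ActiveFirewallView is hypothetical.

```powershell
# Added example. Assumes Windows 8.1 / Windows 10 and an elevated prompt.
function Get-ActiveFirewallView {
    # Map the category of each connected network to a firewall profile name.
    $map = @{ DomainAuthenticated = 'Domain'; Private = 'Private'; Public = 'Public' }
    $current = @(Get-NetConnectionProfile -ErrorAction SilentlyContinue |
        ForEach-Object { $map["$($_.NetworkCategory)"] } | Sort-Object -Unique)

    # ActiveStore is the policy currently enforced (local rules plus Group Policy).
    # Keep enabled rules whose profile is Any or includes a current profile.
    $rules = @(Get-NetFirewallRule -PolicyStore ActiveStore -Enabled True |
        Where-Object {
            $p = "$($_.Profile)"
            ($p -eq 'Any') -or (@($current | Where-Object { $p -match $_ }).Count -gt 0)
        })

    $ipsec = @(Get-NetIPsecRule -PolicyStore ActiveStore -ErrorAction SilentlyContinue |
        Where-Object Enabled -eq 'True')

    [pscustomobject]@{
        CurrentProfiles         = $current -join ', '
        InboundRules            = @($rules | Where-Object Direction -eq 'Inbound').Count
        OutboundRules           = @($rules | Where-Object Direction -eq 'Outbound').Count
        ConnectionSecurityRules = $ipsec.Count
        MainModeSAs             = @(Get-NetIPsecMainModeSA -ErrorAction SilentlyContinue).Count
        QuickModeSAs            = @(Get-NetIPsecQuickModeSA -ErrorAction SilentlyContinue).Count
        Rules                   = $rules
    }
}

$view = Get-ActiveFirewallView
$view | Select-Object * -ExcludeProperty Rules | Format-List

# Inbound allow rules are the ones that accept traffic from the network,
# so they are the first thing to review. PolicyStoreSourceType shows whether
# a rule was defined locally or delivered by Group Policy.
$view.Rules |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' } |
    Sort-Object DisplayName |
    Format-Table DisplayName, Profile, PolicyStoreSourceType -AutoSize
```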
What rules do you want in Windows Defender Firewall?
We have reviewed all that you find in the Windows Defender Firewall with Advanced Security. Now that you know the kinds of rules that exist on your Windows device, you can learn more about adding and managing firewall rules. Let us know in a comment below what kind of rules you would like to set up for your Windows Defender Firewall.