client side firewall via GPO question

    Question

  • I am in the process of testing a new client-side firewall that will be enforced via GPO, domain, public and private. So here is my question: I would like to remove all firewall rules that have been added locally. I have set firewall merging to "No" to not allow local firewall config. So on my test machine, the firewall GPO is in effect and it is enforcing the rules I have configured so far; however, it does not remove the rules that were present prior to testing.

    Here is a piece of an article I found while researching:

    **Another question related to this is about how to prevent the local users from being able to create rules. While you can’t prevent the users from creating a rule you can prevent the rules created by users from being applied (BTW the rule will still be displayed in the GUI) by using the “Apply local Firewall Rules” setting. Again a user cannot create a rule to override a block rule from group policy.
    In the interest of full disclosure a user could potentially override the “Apply local Firewall Rules” setting as documented in the MSDN article.

    technet.microsoft.com/en-us/library/cc755191(WS.10).aspx

    The logging policy can be overridden by the local policy because the merger law is set to on.**

    Reading that, it appears as though even though the local user can create a rule (example: Skype), that rule won't actually work due to the firewall being enforced by GPO and merging not being allowed? Is that correct?

    Also, is there a way to completely remove all firewall rules that are not pushed from the GPO?

    Hopefully I'm being clear on this, but I will add info with any questions you may have.

    Server 08 R2, Windows 7 clients

    Thanks in advance
    Wednesday, January 22, 2014 7:31 PM
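
An added example, not part of the original post: a read-only PowerShell audit of the situation described above. It reads the merge setting that the GPO writes for each profile and lists the rules still held in the local store. It assumes the standard registry locations Windows Firewall uses for the GPO store and the local store; the function and variable names are hypothetical.

```powershell
# Read-only audit; written for PowerShell 2.0 (Windows 7 / Server 2008 R2).
# Assumed locations: GPO-delivered firewall policy and the local rule store.
$policyRoot = 'HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall'
$localRules = 'HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules'

function Get-RuleSummary($path, $store) {
    if (-not (Test-Path $path)) { return }
    $key = Get-Item $path
    foreach ($valueName in $key.GetValueNames()) {
        # Each rule is one string: v2.10|Action=Allow|Active=TRUE|Dir=In|...|Name=Skype|
        $fields = @{}
        foreach ($part in ($key.GetValue($valueName) -split '\|')) {
            $kv = $part -split '=', 2
            if ($kv.Count -eq 2) { $fields[$kv[0]] = $kv[1] }
        }
        # Built-in rules may show an indirect name such as @FirewallAPI.dll,-NNNN
        New-Object PSObject -Property @{
            Store = $store; Name = $fields['Name']; Action = $fields['Action']
            Dir = $fields['Dir']; Active = $fields['Active']
        }
    }
}

# 1. Merge setting per profile: 0 means local rules are not applied.
foreach ($fwProfile in 'DomainProfile', 'PrivateProfile', 'PublicProfile') {
    $p = Get-ItemProperty -Path "$policyRoot\$fwProfile" -ErrorAction SilentlyContinue
    $merge = if ($p -and $p.AllowLocalPolicyMerge -ne $null) { $p.AllowLocalPolicyMerge } else { 'not set by GPO' }
    '{0,-15} AllowLocalPolicyMerge = {1}' -f $fwProfile, $merge
}

# 2. Rules per store: local rules stay in the store even when they are not applied.
$gpo   = @(Get-RuleSummary "$policyRoot\FirewallRules" 'GPO')
$local = @(Get-RuleSummary $localRules 'Local')
'GPO rules: {0}; local-store rules: {1}' -f $gpo.Count, $local.Count

# 3. Enabled local rules that would take effect only if merging were allowed.
$local | Where-Object { $_.Active -eq 'TRUE' } | Sort-Object Name |
    Format-Table Store, Name, Dir, Action -AutoSize
```

To empty the local store itself, `netsh advfirewall export <file>` saves the current local policy and `netsh advfirewall firewall delete rule name=all` then deletes every local rule, including the built-in defaults.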

All replies