WF.msc: Chii uye maitiro ekuita Windows Advanced Firewall

Mundobytes » IT » Kuchengeteka » WF.msc: Chii, kuti ndechei, uye nzira yekuziva firewall yepamusoro muWindows

WF.msc ndiyo yepamberi firewall manejimendi console ye Windows, yakakosha pakugadzira, kugadzirisa uye kutonga network network zvakadzama.
Inokutendera kuti ushandise mitemo yakavakirwa panetiweki profiles uye maneja kunze, maodhisheni uye otomatiki kuburikidza PowerShell kana mitemo yeboka.
Kushandiswa kwayo kwakakosha munzvimbo dzehunyanzvi uye dzepamba kusimbisa chengetedzo, kuvharira kutyisidzira, uye kugadzirisa kuwana kwekushandisa uye masevhisi.

windows firewall

Faira wf.msc inoenderana ne Windows Firewall Management Console ine Advanced Security. Iyi faira, kazhinji inowanikwa mudhairekitori Windows\System32, inoshandisa graphical interface kuburikidza iyo inokwanisika kugadzirisa, kugadzirisa uye kutarisa mitemo yakaoma yeWindows firewall. Mukana mukuru wewf.msc pamusoro pemamwe mafomu eutariri idanho rayo repamusoro re granularity, zvichikubvumidza kuti udzore traffic inouya uye inobuda, shandisa chaiyo mitemo kumapurogiramu kana masevhisi, tsanangura zvirambidzo zvinoenderana netiweki profiles, nezvimwe zvakawanda.

Paunovhura wf.msc kubva kuRun dialog box (shortcut Win + R) kana kubva mumutsara we rairo, unowana tsika yeMMC (Microsoft Management Console) yakagadzirirwa kushanda zvakadzika neWindows Firewall. Kuwana uku kwakakosha kumabasa ekutonga sevha, nzvimbo dzebhizinesi, kana nharaunda uko kutonga kwenetiweki nekuchengetedzeka kuri pamberi.

Chii chinonzi wf.msc uye inokurudzirwa kuishandisa riini?

wf.msc Inonyanya kushandiswa kune:

Gadzira, gadzirisa, uye dzima mitemo yefirewall (yetraffic inouya neinobuda).
Bvumira kana kuvharira mamwe maapplication, masevhisi, kana maprotocol.
Tsanangura mitemo yakavakirwa pane network profile (domain, private, public).
Tarisa firewall chiitiko uye uwane ruzivo rwekuongorora.
Tumira kunze uye unza zvigadziriso zvefirewall kuti uzviite nyore nyore mumakomputa akasiyana.

Kushandiswa kwaro kunonyanya kukurudzirwa mumamiriro ezvinhu apo chiyero chepamusoro chekudzivirira uye kugadzirisa kunodiwa.Semuyenzaniso, pamaseva eWindows, makomputa ari munzvimbo dzemakambani, kana nharaunda dzine kuchengetedzwa kwakasimba. Inokutendera kuti utsanangure mitemo yetsika zvichienderana nemamiriro ezvinhu, mushandisi, application, ports kana IP kero inobatanidzwa., kuve yakakosha kune vatariri, matekiniki uye vashandisi vepamberi.

Ndinowana nekushandisa sei wf.msc console?

wf.msc

Kuti uvhure wf.msc, tevera matanho aya:

Dzvanya Win + R kuvhura iyo "Run" dialog.
Nyora wf.msc uye tinya pinda.

Iyo Windows Firewall ine Advanced Security console ichavhura. Iyi interface inowanzo patsanurwa kuita pani yekufambisa, yepakati pane, uye nekukurumidza zviito. Inopa sarudzo dzese dzekugadzira, kugadzirisa, uye kutonga mitemo ye firewall, pamwe nekubatanidza uye yekutarisa mitemo.

Kugadzirisa zita remaapplication eAroid: Ini ndinopa zita uye kugadzirisa sei zita remaapplication?

Kubva pane console unogona:

Ona mitemo yese inoshanda uye chimiro chayo.
Gadzira tsika mitemo yemashandisirwo, madoko, maprotocol, IP kero, nezvimwe.
Gadzirisa firewall maitiro zvichibva pane network profile.
Gonesa kana kudzima mitemo kwenguva pfupi kana zvachose.
Export and import settings (.wfw).
Ongorora zviitiko kuti uone kuedza kusina mvumo.

Main firewall components uye profiles mu wf.msc

Iyo Windows Firewall, yakarongeka kuburikidza newf.msc, inoshanda nemaprofiles anoshandisa marongero akasiyana zvichienderana netiweki iyo komputa yakabatana:

Domain profile: Inoshanda kana yabatanidzwa kune Active Directory domain, yakajairika mumakambani.
Yakavanzika nhoroondo: Kumba kana network yakavimbika, senge hofisi diki kana imba LAN.
Ruzhinji rwevanhu: Kune akavhurika network, seyeruzhinji Wi-Fi, ine njodzi huru.

Imwe neimwe nhoroondo inogona kuve neyayo mitemo uye marongero.Semuenzaniso, kubvumira RDP chete pane iyo domain profile, kuvharira zviteshi pane yeruzhinji profil, kana kushandisa zvakatemwa zvirambidzo pane yakavanzika mbiri.

Mhando dzemitemo inogona kugadzirwa muwf.msc

WF.msc inopa marudzi akasiyana emitemo, imwe neimwe yakarongedzwa kune chimwe chinangwa:

Mitemo yePurogiramu: Bvumira kana kuvharira traffic kune chaiwo maapplication kana maitiro.
Port mitemo: Ivo vanodzora kuvhurwa uye kuvharika kweakakosha TCP / UDP ports yemasevhisi.
Predefined rules: Zvirongwa zvakajairika zveanozivikanwa Windows masevhisi.
Custom Rules: Iyo yakanyanya kuchinjika sarudzo, kusanganisa maitiro akadai sechirongwa, chiteshi, IP uye chimiro.

Izvi zvakasiyana-siyana zvinobvumira firewall kuti ienderane kune chero mamiriro ezvinhu, kubva pakuvhara masevhisi ane njodzi kusvika kuvharira kuwana kune chaiwo makomputa kana IP siyana.

Yepamberi kutonga kwekutonga: kugadzira, kugadzirisa, uye kudzima

Kugadzira mitemo yezvinouya kana kubuda ndeimwe yemasimba ewf.msc. Maitiro acho anotungamirwa nea intuitive wizard, kwaunosarudza rudzi rwekutonga, tsanangura chikumbiro kana chiteshi, tsanangura iyo IP renji, isa chiito (kubvumira kana kuvharira), uye sarudza iyo network network.

Semuenzaniso, kubvumidza chete RDP kubatana kubva kune chaiyo IPs, gadzira mutemo paTCP port 3389, igumire kune iwo maIPs, uye ishandise iyo chete kune domain kana yakavanzika profiles. Izvi zvinowedzera kuchengetedzeka uye zvinoderedza njodzi yekuwanikwa isina mvumo.

Dual-booting Windows neLinux: Maitiro ekusarudza iyo Default Operating System

Kana application ichishandisa akawanda madoko, kugadzira-program-based mitemo inobatsira, sezvo firewall ichizozvigadzirisa pazviteshi zvese zvakashandiswa.

Kuongorora uye kuongorora mu wf.msc

Chimwe chinhu chakakosha kutarisa traffic uye kuongorora chiitiko.Izvi zvinokutendera kuti uone zvinotenderwa kana zvakavharika zvinongedzo, kuitira kuti uongorore zvinogona kutyisidzira kana kukanganisa.

Kubva pane koni, unogona kuona matanda ekuongorora, gonesa mapakeji matanda, uye %SYSTEMROOT%\System32\logfiles\firewall\pfirewall.log uye ongorora kuedza kunofungidzirwa kubatanidza.

Iri basa rinobatsira kuona anomalies, kururamisa shanduko, uye kutevedzera mitemo yekuchengetedza.

Kutumira kunze uye kupinza mitemo yefirewall

Kutumira kunze uye kuunza marongero muwf.msc inobvumidza iwe kubata akawanda machina ane masisitimu akafanana kana kudzokorora mitemo munzvimbo dzakasiyana siyana.

Shandisa "Export Policy" sarudzo kugadzira .wfw mafaira, anogona kubva kunze kwenyika kune mamwe masisitimu. Iyi nzira inochengetedza nguva, inovimbisa kuenderana, uye inofambisa manejimendi epakati kuburikidza nemapoka marongero munzvimbo dzedunhu.

Dzimwe nzira uye dzimwe nzira dzekugadzirisa firewall

Pamusoro pe wf.msc, kune dzimwe sarudzo dzekugadzirisa Windows firewall:

Basic configuration kubva kuControl Panel: kugonesa / kudzima uye nyore kusarudzika.
PowerShell: pamwe module NetSecurity uye cmdlets senge New-NetFirewallRule inopa kutonga kwakazara kuburikidza nemirairo mutsara kana otomatiki zvinyorwa.
Netsh inoraira: ichiri kushanda kunyangwe isingachashandi kana ichienzaniswa nePowerShell, ivo vanobvumira magadzirirwo epamberi.
Group Policy (GPMC): yekuiswa kwepakati kwemitemo pamakomputa akawanda, kunyanya munzvimbo dzemabhizinesi.

Nzira yekugadzira mitemo ye firewall uchishandisa PowerShell

Vazhinji maneja vanosarudza PowerShell kuti iite otomatiki mabasa nekuti inovabvumidza kugadzira, kugadzirisa, uye kudzima mitemo mumabhechi uye nenzira inogoneka.

Ona ese aripo cmdlets:
Get-Command -Module NetSecurity
Vhura firewall pane ese profiles:
Set-NetFirewallProfile -All -Enabled True
Gadzira mutemo wekubvumira RDP chete kubva kune chaiyo IP:
New-NetFirewallRule -DisplayName "AllowRDP" -RemoteAddress 10.0.0.2 -Direction Inbound -Protocol TCP -LocalPort 3389 -Action Allow
Bvumira RDP kubva kumhando dzeIPs:
$allowedips = @("10.0.0.2-10.0.0.254")
New-NetFirewallRule -DisplayName "AllowRDP" -RemoteAddress $allowedips -Direction Inbound -Protocol TCP -LocalPort 3389 -Action Allow

PowerShell nokudaro inova chishandiso chine simba chezvikuru-zvikuru otomatiki uye manejimendi, zvichiita kuti zvive nyore kugadzirisa kuti wf.msc chii uye nzira yekuisimudzira munzvimbo dzebhizinesi.

Kuisa miganhu muushamwari

Kubatanidza wf.msc neGroup Policy (GPO)

Mumasangano ane makomputa akawanda, batanidza firewall nemapoka marongero (GPO) Zvakakosha. Centralized manejimendi kuburikidza neGPMC inobvumira mitemo uye zvigadziriso kuti zviendeswe kune yese network, kuve nechokwadi chekuenderana uye kuderedza zvikanganiso zvemanyorero.

Kubva kuGPMC, mitemo inotsanangurwa kune akasiyana profiles, firewall inogoneswa kana kuvharwa, uye kuongororwa kunogadziriswa. Izvi zvinoita kuti zvinyatsoita kupindura kutyisidzira uye kuchengetedza yunifomu yekuchengetedza mutemo musangano rese..

Nzvimbo uye mazita e .msc mafaira muWindows

Faira wf.msc ndeimwe yemafaira e.msc akawanda anopa nzira yekudimbudzira yekuwana maturusi ekutonga muWindows:

compmgmt.msc: Team management.
services.msc: Maneja webasa.
events.msc: Zviitiko muoni.
diskmgmt.msc: Disk management.
gpedit.msc: Group Policy Editor.
lusrmgr.msc: Kutarisira vashandisi vemunharaunda uye mapoka.
taskschd.msc: Basa Rinoronga.
perfmon.msc: Performance monitor.
wmimgmt.msc: WMI Kudzora.
wf.msc: Firewall ine kuchengetedzwa kwepamusoro.

Zvishandiso izvi zvinogonesa centralized uye advanced system management, zvichibvumira kutonga kwakanaka kwekuchengetedza komputa uye kuita. Kuti udzidze maitiro ekumisikidza yakatarwa mitemo mu wf.msc, unogona kubvunza chinyorwa chedu Gadzirisa kure kure desktop kuburikidza neWindows Firewall.

Rondedzero yeanonyanya kubatsira MSC mirairo muWindows

compmgmt.msc: Team management.
services.msc: Maneja webasa.
eventvwr.msc: Zviitiko muoni.
diskmgmt.msc: Disk management.
gpedit.msc: Group policy editor.
lusrmgr.msc: Mushandisi uye boka manejimendi.
taskschd.msc: Basa Rinoronga.
perfmon.msc: Performance monitor.
wmimgmt.msc: WMI Kudzora.
wf.msc: Firewall ine kuchengetedzwa kwepamusoro.

Kugadzirisa zvikanganiso zvine chekuita newf.msc, senge firewall manejimendi kutadza, tinokurudzira kubvunza chinyorwa chedu pa. Zvekuita kana usingakwanise kubatidza Windows 10 firewall.

Isaac

Anofarira munyori nezve nyika yemabytes uye tekinoroji zvakazara. Ini ndinoda kugovera ruzivo rwangu kuburikidza nekunyora, uye ndizvo zvandichaita mune ino blog, kukuratidza zvinhu zvese zvinonyanya kufadza nezve gadget, software, hardware, tekinoroji maitiro, nezvimwe. Chinangwa changu ndechekukubatsira kufamba munyika yedhijitari nenzira iri nyore uye inonakidza.