Protecting Your Data: A Guide to Windows Firewall
Exceptions / Add a Program / Change Scope
Windows Firewall lets you configure each application exception with a scope parameter. The scope limits the exception to the computers that you specify. For example, a single application could be accessible to the computers on your local home network, but not to any other computers on the Internet.
- Any computer - The default scope is "Any computer (including those on the Internet)." This allows the application exception to apply to all computers everywhere. This option provides the widest possible scope, and it's automatically applied to all new exceptions.
- My network only - Another scope option restricts the application to "My network (subnet) only." This scope might be applied to sensitive applications such as file and print sharing. It would allow access to file and print sharing from your local home network, but would keep users on the Internet from reaching your files and printers.
- Custom list - The custom list is for very specific scopes that would include a single computer or a range of computers. A single IP address of a remote device can be added, or an entire subnet of IP addresses can be included by separating the IP address and subnet mask pair with a forward-slash.
This custom scope is useful in larger environments where many different subnets exist and restrictions are still required for computers outside the organization. It allows the internal computers on a large network to access your computer while still restricting users from outside the organization.
These scope options are available in all of the Windows Firewall application exceptions. The scope can be changed or removed for an application by editing the corresponding Windows Firewall exception.
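To see what each scope actually admits before you commit to it, the following added example (not part of the original guide, and not Windows Firewall's own code) models the three scopes in Python and flags custom entries that are broader than intended. It assumes custom entries are separated by commas; the addresses, the `min_prefix` threshold and all function names are constructed for illustration.

```python
import ipaddress

def parse_custom_scope(scope_text):
    """Turn a custom list such as '192.168.1.25,10.20.0.0/255.255.0.0'
    into network objects. A bare address becomes a single-host network."""
    networks = []
    for entry in scope_text.split(","):   # comma separator is an assumption
        entry = entry.strip()
        if entry:
            # strict=False accepts an address with host bits set before the slash
            networks.append(ipaddress.ip_network(entry, strict=False))
    return networks

def is_in_scope(remote, scope, local_interface=None, custom=None):
    """Return True if `remote` would match an exception with the given scope.
    scope: 'any', 'subnet' (needs local_interface as address/mask),
    or 'custom' (needs the custom list text)."""
    remote_ip = ipaddress.ip_address(remote)
    if scope == "any":
        return True
    if scope == "subnet":
        return remote_ip in ipaddress.ip_interface(local_interface).network
    if scope == "custom":
        return any(remote_ip in net for net in parse_custom_scope(custom))
    raise ValueError(f"unknown scope: {scope!r}")

def wide_entries(scope_text, min_prefix=16):
    """List custom entries broader than /min_prefix, for review."""
    return [str(net) for net in parse_custom_scope(scope_text)
            if net.prefixlen < min_prefix]

# Constructed sample values (not from the page)
CUSTOM = "192.168.1.25, 10.20.0.0/255.255.0.0"
LOCAL = "192.168.1.10/255.255.255.0"

if __name__ == "__main__":
    for remote in ("192.168.1.77", "10.20.7.9", "198.51.100.7"):
        print(remote,
              "any:", is_in_scope(remote, "any"),
              "subnet:", is_in_scope(remote, "subnet", local_interface=LOCAL),
              "custom:", is_in_scope(remote, "custom", custom=CUSTOM))
    print("wide:", wide_entries("192.168.1.25,10.0.0.0/255.0.0.0"))
```

The "subnet" case here is a simplified model that compares the remote address against one local interface's subnet.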




