Windows Firewall: Protect all network connections

Information

Turns on Windows Firewall.

If you enable this policy setting Windows Firewall runs and ignores the 'Computer Configuration\Administrative Templates\Network\Network Connections\Prohibit use of Internet Connection Firewall on your DNS domain network' policy setting.

If you disable this policy setting Windows Firewall does not run. This is the only way to ensure that Windows Firewall does not run and administrators who log on locally cannot start it.

If you do not configure this policy setting administrators can use the Windows Firewall component in Control Panel to turn Windows Firewall on or off unless the 'Prohibit use of Internet Connection Firewall on your DNS domain network' policy setting overrides.

Solution

Policy Path: Network\Network Connections\Windows Firewall\Domain Profile
Policy Setting Name: Windows Firewall: Protect all network connections

See Also

https://blogs.technet.microsoft.com/secguide/2016/10/17/security-baseline-for-windows-10-v1607-anniversary-edition-and-windows-server-2016/

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7(12), CSCv6|9.2

Plugin: Windows

Control ID: dc49f9ee3f9fad7320454d254d6af05db6b4a2463d34c6041e72f93b6b8ff6ab