{"id":265,"date":"2021-09-16T10:50:33","date_gmt":"2021-09-16T14:50:33","guid":{"rendered":"https:\/\/www.anthonyfontanez.com\/?p=265"},"modified":"2021-09-16T10:50:36","modified_gmt":"2021-09-16T14:50:36","slug":"windows-firewall-the-series","status":"publish","type":"post","link":"https:\/\/anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-the-series\/","title":{"rendered":"Windows Firewall: The Series"},"content":{"rendered":"\n<p>I&#8217;ve had an idea for a while now to write a series of posts covering configuration of the Windows Firewall, including topics such as:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Basic configuration of various types of endpoints<\/li><li>How to utilize IPSec to control access using Kerberos identities instead of IP addresses<\/li><li>Certificate-based authentication<\/li><li>How to safely and securely make all of your infrastructure internet-facing and accessible. Yes, everything. Even Domain Controllers.<\/li><\/ul>\n\n\n\n<p>I&#8217;ll be going over a number of topics; this page will serve as the index for all of them.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a rel=\"noreferrer noopener\" href=\"https:\/\/www.anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-part-1-the-basics--securing-clients\/\" data-type=\"URL\" data-id=\"https:\/\/www.anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-part-1-the-basics--securing-clients\/\" target=\"_blank\">Part 1: The Basics &amp; Securing Clients<\/a><\/li><li><a rel=\"noreferrer noopener\" href=\"https:\/\/www.anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-part-2-securing-servers--domain-controllers\/\" data-type=\"URL\" data-id=\"https:\/\/www.anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-part-2-securing-servers--domain-controllers\/\" target=\"_blank\">Part 2: Securing Servers &amp; Domain Controllers<\/a><\/li><li><a rel=\"noreferrer noopener\" href=\"https:\/\/www.anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-part-3-domain-ipsec-configuration\/\" data-type=\"URL\" data-id=\"https:\/\/www.anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-part-3-domain-ipsec-configuration\/\" target=\"_blank\">Part 3: Domain IPSec Configuration<\/a><\/li><li><a rel=\"noreferrer noopener\" href=\"https:\/\/www.anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-part-4-identity-based-access-control-via-kerberos\/\" data-type=\"URL\" data-id=\"https:\/\/www.anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-part-4-identity-based-access-control-via-kerberos\/\" target=\"_blank\">Part 4: Identity-based access control via Kerberos<\/a><\/li><li><a rel=\"noreferrer noopener\" href=\"https:\/\/www.anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-part-5-bootstrapping-kerberos-via-certificate-authentication\/\" data-type=\"URL\" data-id=\"https:\/\/www.anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-part-5-bootstrapping-kerberos-via-certificate-authentication\/\" target=\"_blank\">Part 5: Bootstrapping Kerberos via Certificate Authentication<\/a><\/li><li><a href=\"https:\/\/www.anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-part-6-azure-ad-joined-clients\/\" data-type=\"URL\" data-id=\"https:\/\/www.anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-part-6-azure-ad-joined-clients\/\" target=\"_blank\" rel=\"noreferrer noopener\">Part 6: Azure AD Joined Clients<\/a><\/li><li><a rel=\"noreferrer noopener\" href=\"https:\/\/www.anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-part-7-final-thoughts\/\" data-type=\"URL\" data-id=\"https:\/\/www.anthonyfontanez.com\/index.php\/2021\/09\/16\/windows-firewall-part-7-final-thoughts\/\" target=\"_blank\">Part 7: Final Thoughts<\/a><\/li><\/ul>\n\n\n\n<p>A number of assumptions are made about existing infrastructure. Below, I&#8217;ve listed these and parts they are relevant to.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Active Directory Domain Services infrastructure (all parts)<\/li><li>Various domain-joined servers and clients (all parts)<\/li><li>Publicly-resolvable domain DNS (parts 5 and 6)<\/li><li>Domain Controllers with publicly-accessible IP addresses (parts 5 and 6)<\/li><li>Active Directory Certificate Services infrastructure (parts 5 and 6)<\/li><li>Azure AD Connect (part 6)<\/li><li>Intune-managed Azure AD joined clients (part 6)<\/li><li>Intune Certificate Connector (part 6)<\/li><\/ul>\n\n\n\n<p>In this series, I make reference to my lab configuration many times. Please see <a rel=\"noreferrer noopener\" href=\"https:\/\/ajf8729.com\/lab-configuration\/\" target=\"_blank\">https:\/\/ajf8729.com\/lab-configuration\/<\/a> for more information.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I&#8217;ve had an idea for a while now to write a series of posts covering configuration of the Windows Firewall, including topics such as: Basic<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[6,7],"tags":[2,3],"class_list":["post-265","post","type-post","status-publish","format-standard","hentry","category-active-directory","category-security","tag-active-directory","tag-security"],"jetpack_featured_media_url":"","jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/anthonyfontanez.com\/index.php\/wp-json\/wp\/v2\/posts\/265","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/anthonyfontanez.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/anthonyfontanez.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/anthonyfontanez.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/anthonyfontanez.com\/index.php\/wp-json\/wp\/v2\/comments?post=265"}],"version-history":[{"count":11,"href":"https:\/\/anthonyfontanez.com\/index.php\/wp-json\/wp\/v2\/posts\/265\/revisions"}],"predecessor-version":[{"id":400,"href":"https:\/\/anthonyfontanez.com\/index.php\/wp-json\/wp\/v2\/posts\/265\/revisions\/400"}],"wp:attachment":[{"href":"https:\/\/anthonyfontanez.com\/index.php\/wp-json\/wp\/v2\/media?parent=265"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/anthonyfontanez.com\/index.php\/wp-json\/wp\/v2\/categories?post=265"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/anthonyfontanez.com\/index.php\/wp-json\/wp\/v2\/tags?post=265"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}