Host Based Firewall Management
On all Managed OS VMs, a host-based firewall is running in addition to the Distributed Firewall. This provides an additional layer of protection.
Configure firewall rules for Managed Windows
On Managed Windows, the host-based firewall and all of its profiles are enabled and active.
Inbound connections that do not match a rule are blocked, and outbound connections that do not match a rule are allowed.
The customer can add custom rules to the ruleset. This can be done directly on the machine in the Temp Admin state.
Add custom Rule
Custom rules can be added with the Windows Firewall with Advanced Security snap-in or with PowerShell.
New-NetFirewallRule -DisplayName 'Application Alpha' -Description 'Customer Application Alpha, TCP Port 445' -Direction Inbound -LocalPort 445 -Protocol TCP -Action Allow
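The following is an added example, not part of the original page or the provider's own tooling. It checks that the effective profile state matches the defaults described above, then adds the same rule idempotently with a restricted source range. The rule name, the group name and the 192.0.2.0/24 subnet are assumptions chosen for illustration.

```powershell
# Added example. Run in an elevated session (the Temp Admin state).
# $ruleName, the group 'Customer Rules' and the remote subnet are
# constructed placeholders; replace them with your own values.

# 1. Verify the effective baseline: every profile enabled, inbound blocked
#    by default, outbound allowed by default. ActiveStore returns the
#    effective policy (local settings merged with any Group Policy).
$drift = Get-NetFirewallProfile -PolicyStore ActiveStore | Where-Object {
    $_.Enabled -ne 'True' -or
    $_.DefaultInboundAction -ne 'Block' -or
    $_.DefaultOutboundAction -ne 'Allow'
}
if ($drift) {
    $drift | Format-Table Name, Enabled, DefaultInboundAction, DefaultOutboundAction
    throw 'Firewall profile state differs from the documented baseline.'
}

# 2. Create the rule only if it does not exist yet. A fixed -Name makes the
#    rule easy to find, audit and remove later; -RemoteAddress limits which
#    sources may reach the port instead of allowing any address.
$ruleName = 'Customer-App-Alpha-TCP445-In'
if (-not (Get-NetFirewallRule -Name $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -Name $ruleName `
        -DisplayName 'Application Alpha' `
        -Description 'Customer Application Alpha, TCP Port 445' `
        -Group 'Customer Rules' `
        -Direction Inbound -Protocol TCP -LocalPort 445 `
        -RemoteAddress '192.0.2.0/24' `
        -Action Allow | Out-Null
}

# 3. Read the rule back together with its port and address filters so the
#    resulting scope can be reviewed.
$rule = Get-NetFirewallRule -Name $ruleName
$port = $rule | Get-NetFirewallPortFilter
$addr = $rule | Get-NetFirewallAddressFilter
[pscustomobject]@{
    Name          = $rule.Name
    Enabled       = $rule.Enabled
    Action        = $rule.Action
    Protocol      = $port.Protocol
    LocalPort     = $port.LocalPort
    RemoteAddress = $addr.RemoteAddress
}
```

A rule created this way can be removed again with `Remove-NetFirewallRule -Name 'Customer-App-Alpha-TCP445-In'`.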