Network Location Types

Applies To: Windows Server 2008

Windows Vista® and Windows Server® 2008 classify the networks to which your computer is connected by location type. Each time your computer is connected to a new network, you are prompted to select the network location type. The type you specify will determine the network security settings that are applied to network traffic to and from that network.

When you move your computer from one network type to another, the operating system automatically adjusts the network security settings to those appropriate for the network location type of the new network. When you make changes to the security settings of a network location type, those changes apply to all networks of that location type.

The following are the network location types:

  • Public. A network that is shared with the public, such as a wireless network at an airport or coffee shop, or a computer directly attached to the Internet, with no security device between the computer and the network. By default, the security applied by Windows Firewall to the connection to a public network is very restrictive; all sharing and discovery is disabled.

    When you connect to a network for the first time, it is configured as a Public network location type until you specify otherwise.

  • Private. A network that cannot be directly accessed by the public, and has a gateway between it and the Internet. This could be a home or home-office network with a few computers and a broadband router that provides a connection to the Internet. By default, the security applied by Windows Firewall to a private network is less restrictive; discovery and sharing is enabled to computers on the local network.

    Although the user interface (UI) displays Home and Work in some windows, both choices correspond to the Private network location type.

  • Domain. A network managed by an administrator that uses an Active Directory domain controller to apply Group Policy to client computers. The Windows Firewall settings in a domain network can be configured by the network administrator to meet the organization's security requirements. The administrator can choose which Discovery and Sharing settings, as well as other Windows Firewall settings, can be changed by any user.

    The Domain network location type is automatically applied to your computer if it is joined to an Active Directory domain. If your computer is joined to a domain, then you cannot change the network location type.

You must have administrative credentials on the computer to change the network location type.

The settings that persist for each network location type are primarily for Windows Firewall with Advanced Security, and include firewall settings that can affect the following:

  • File and printer sharing

  • Media Center Extender

  • Windows Connect Now devices

  • Plug and Play Extensions (PnP-X)

  • Network Explorer

  • Peer to peer discovery

Other applications might also query the network location type and alter their performance accordingly.

Additional references