Customize Settings for a Firewall Profile
Applies To: Windows Server 2008
Settings
Use these options to define who can make changes to firewall properties and profiles.
Allow local firewall rules
Select this option when, in addition to firewall rules applied by Group Policy that are specific to this computer, you want to allow administrators to create firewall rules on this computer. When you clear this option, administrators can still create rules, but the rules will not be applied. This setting is available only when configuring the policy through Group Policy.
Allow local connection security rules
Select this option when, in addition to connection security rules applied by Group Policy that are specific to this computer, you want to allow administrators to create connection security rules on this computer. When this option is cleared, administrators can still create rules, but the rules will not be applied. This setting is available only when configuring the policy through Group Policy.
Display a notification when a program is blocked
Select this option to have Windows Firewall with Advanced Security display notifications to the user when a program is blocked from receiving inbound connections.
Allow unicast response to multicast or broadcast requests
This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. If you enable this setting, and this computer sends multicast or broadcast messages to other computers, Windows Firewall with Advanced Security waits as long as three seconds for unicast responses from the other computers and then blocks all later responses. If you disable this setting, and this computer sends a multicast or broadcast message to other computers, Windows Firewall with Advanced Security blocks the unicast responses sent by those other computers.
Note
This setting has no effect if the unicast message is a response to a Dynamic Host Configuration Protocol (DHCP) broadcast message sent by this computer. Windows Firewall with Advanced Security always permits those DHCP unicast responses. However, this setting can interfere with the correct operation of any of the out-of-box discovery protocols that use broadcasts: for example, NetBIOS, SSDP, and WSDAPI.