Appendix C: Configuring Windows Firewall Settings for Windows Vista
Windows Vista offers several ways to configure Windows Firewall: By using Group Policy settings, by editing the Unattend.xml file prior to deployment, by writing scripts that call the Netsh firewall command, and manually by using the Windows Firewall control panel tool.
For Windows Vista, configure Windows Firewall policy in either of two places. Like Windows XP with SP2, configure Windows Firewall from the Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall node. For a description of these policies, see the Microsoft TechNet document, “Deploying Windows Firewall Settings for Microsoft Windows XP with Service Pack 2: Deploying Windows Firewall Settings With Group Policy,” at http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/depfwset/wfsp2wgp.mspx.
In addition, Windows Vista adds the ability to configure Windows Firewall rules using the Computer Configuration\Windows Settings\Security Settings\Windows Firewall With Advanced Security node. From this node, configure Windows Firewall settings and rules as well as IPSec connection settings. These settings apply only to Windows Vista computers—not to computers running Windows XP with SP2 computers.