Creating Rules that Block Unwanted Outbound Network Traffic

Updated: December 7, 2009

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista

By default, Windows Firewall with Advanced Security allows all outbound network traffic. If your organization prohibits specific network programs on organization computers, you can help enforce that prohibition by blocking the network traffic that the programs require to operate correctly.

By default, inbound network traffic to a computer that does not match a rule is blocked, but nothing prevents outbound traffic from leaving a computer. To block the network traffic for prohibited programs, you must create an outbound rule that blocks traffic with specific criteria from passing through Windows Firewall with Advanced Security. Alternatively, you can change the default outbound action to block, and then create outbound allow rules to allow required traffic. This is the technique demonstrated in this section.

Steps for blocking outbound network traffic and creating rules that allow permitted outbound network traffic

In this section of the guide, you configure the default outbound behavior to block outbound network traffic. You then create a rule that permits outbound Telnet traffic.

Step 1: Configuring the Default Outbound Firewall Behavior to Block

Step 2: Allowing Network Traffic for a Program by Using an Outbound Rule
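The same two steps, as an added example that is not part of the original guide, using the netsh advfirewall commands available on the Windows versions this topic applies to; it assumes the Telnet client is installed at its default location under %SystemRoot%\system32 and is run from an elevated prompt:

```powershell
# Added example (not from the original guide): Step 1 and Step 2 via netsh advfirewall.
# Assumption: the Telnet client is installed at its default path.
$telnet = Join-Path $env:SystemRoot 'system32\telnet.exe'

# Step 1: keep the default inbound action at Block and change the default
# outbound action from Allow to Block on the Domain, Private and Public profiles.
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound

# Step 2: create an outbound allow rule scoped to the Telnet client program only.
# Any other program that must reach the network now needs its own outbound allow rule.
netsh advfirewall firewall add rule name="Allow Outbound Telnet" dir=out action=allow program="$telnet" enable=yes profile=any

# Check: each profile should now report "BlockInbound,BlockOutbound" as its firewall policy,
# and the new rule should be listed as enabled.
netsh advfirewall show allprofiles | Select-String 'Firewall Policy'
netsh advfirewall firewall show rule name="Allow Outbound Telnet"
```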

