Windows Firewall with Advanced Security Learning Roadmap

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista

Windows Firewall with Advanced Security helps secure your computer and its communications from threats on the network. It combines the features of a host-based, stateful firewall, and a complete, standards-compliant IPsec protocol stack that can be used to protect your network packets as they traverse the network.

If you are new to Windows Firewall with Advanced Security, this topic can help you identify what you need to learn to fully understand and use all of the features available in Windows Firewall with Advanced Security. It includes prerequisite topics that cover a variety of networking fundamentals. You must understand the prerequisite topics first, because the topics for Windows Firewall with Advanced Security build upon them and assume an understanding of them. Afterwards, you can begin learning about Windows Firewall with Advanced Security by reading the documents in the Level 100, 200, and 300 sections.

We recommend that you read the topics in the order listed.

  • Prerequisites

  • Level 100

  • Level 200

  • Level 300

Prerequisites

This section contains links to a variety of topics and books that contain background information that will help you fully understand how Windows Firewall with Advanced Security works.

Level 100

The following topics contain introductory information about Windows Firewall with Advanced Security.

Level 200

The following topics contain intermediate information about Windows Firewall with Advanced Security.

  • Step 1: Learn how to create an effective design for a Windows Firewall with Advanced Security implementation.

    See Windows Firewall with Advanced Security Design Guide (http://technet.microsoft.com/en-us/library/cc732024(WS.10).aspx).

    This topic discusses in detail the process of designing firewall and server and domain isolation scenarios that meet your organization’s requirements for network security.

    Your goal is to understand the information must be gathered, the kinds of decisions that must be made, and the design options for the various firewall and isolation scenarios.

  • Step 2: Learn how to deploy your Windows Firewall with Advanced Security design.

    See Windows Firewall with Advanced Security Deployment Guide (http://technet.microsoft.com/en-us/library/cc972925(WS.10).aspx).

    This topic discusses how to effectively implement your design by providing procedures that answer the “how” questions that go along with the “what”, “when”, and “why” questions that you answered in the Design Guide.

    Your goal is to understand how to create comprehensive firewall and IPsec policies that can be deployed to the computers in your organization to implement effective host firewall and isolation strategies.

  • Step 3: Practice with your design and deployment in a test lab before putting it into production.

    See Setting Up IPsec Domain and Server Isolation in a Test Lab (http://www.microsoft.com/downloads/details.aspx?FamilyId=5ACF1C8F-7D7A-4955-A3F6-318FEE28D825&displaylang=en).

    This topic contains procedures that demonstrate how to set up IPsec domain and server isolation in a limited test environment, which you can use as a basis for your own deployment.

    Your goal is to understand the reasons for using a lab environment to configure and test your server and domain isolation policies, and how to get the most information from your lab setup to make your production deployment more successful.

  • Step 4: Learn basic troubleshooting procedures for Windows Firewall with Advanced Security.

    See Windows Firewall with Advanced Security Troubleshooting Guide: Diagnostics and Tools (http://technet.microsoft.com/en-us/library/cc722062(WS.10).aspx).

    This topic describes common troubleshooting situations and the tools you can use to help diagnose and resolve connectivity problems related to Windows Firewall and IPsec.

    Your goal is to understand the kinds of problems that commonly occur when using firewall and connection security rules in your network, and the tools that you can use to diagnose and resolve those problems.

Level 300

The following topics contain advanced information about Windows Firewall with Advanced Security.

  • Step 1: Learn the details of the IPsec protocols and packets, and how they are processed by Windows.

    See chapter 18 “Internet Protocol Security (IPsec)” of the Windows Server 2008 TCP/IP Protocols and Services Microsoft Press book (http://go.microsoft.com/fwlink/?linkid=153195)

    This topic provides details of the IPsec protocols and examines the structure of IPsec packets.

    Your goal is to understand the different types of IPsec headers and trailers, and packet processing for IPsec-protected packets.

  • Step 2: Learn about advanced features in Windows Firewall with Advanced Security.

    See the Windows Firewall Technical Reference (http://go.microsoft.com/fwlink/?linkid=161824).

    These topics describe advanced details of the Windows implementation of Windows Firewall with Advanced Security, and contain reference material. Read them as appropriate for your Windows Firewall and IPsec environment

Additional Resources

To share your suggestions for resources to help others learn about Windows Firewall with Advanced Security, see Community Suggestions for Ramping up on Windows Firewall with Advanced Security (http://go.microsoft.com/fwlink/?LinkId=214939).

Feedback

Your feedback is valuable and welcome! Please rate this content using the stars in the upper-right of your browser window, or send your comments and suggestions to Windows Firewall with Advanced Security Documentation Feedback (wfasdoc@microsoft.com). The author will review your comments and use them to help improve this documentation. Your e-mail address will not be saved or used for any other purposes.