Mapping Your Deployment Goals to a Windows Firewall with Advanced Security Design
- Windows 10
- Windows Server 2016
After you finish reviewing the existing Windows Firewall with Advanced Security deployment goals and you determine which goals are important to your specific deployment, you can map those goals to a specific Windows Firewall with Advanced Security design.
Important: The first three designs presented in this guide build on each other to progress from simpler to more complex. Therefore during deployment, consider implementing them in the order presented. Each deployed design also provides a stable position from which to evaluate your progress, and to make sure that your goals are being met before you continue to the next design.
Use the following table to determine which Windows Firewall with Advanced Security design maps to the appropriate combination of Windows Firewall with Advanced Security deployment goals for your organization. This table refers only to the Windows Firewall with Advanced Security designs as described in this guide. However, you can create a hybrid or custom Windows Firewall with Advanced Security design by using any combination of the Windows Firewall with Advanced Security deployment goals to meet the needs of your organization.
|Deployment Goals||Basic Firewall Policy Design||Domain Isolation Policy Design||Server Isolation Policy Design||Certificate-based Isolation Policy Design|
|Protect Devices from Unwanted Network Traffic||Yes||Yes||Yes||Yes|
|Restrict Access to Only Trusted Devices||-||Yes||Yes||Yes|
|Restrict Access to Only Specified Users or Devices||-||-||Yes||Yes|
|Require Encryption When Accessing Sensitive Network Resources||-||Optional||Optional||Optional|
To examine details for a specific design, click the design title at the top of the column in the preceding table.