Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
FSM-PO-SEC-C-Firewall_LSW
Data collected on: 2-9-2025 11:03:15
General
Details
Domainemea.tpg.ads
OwnerEMEA\poincon.7-adm
Created13-1-2023 13:30:48
Modified11-6-2025 18:02:52
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions30 (AD), 30 (SYSVOL)
Unique ID{33065a14-b098-4370-863c-7423e2063294}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
ClientsNoEnabledemea.tpg.ads/FR/Systems/Clients
ClientsNoEnabledemea.tpg.ads/MA/Systems/Clients
ClientsNoEnabledemea.tpg.ads/MG/Systems/Clients
ClientsNoEnabledemea.tpg.ads/TG/Systems/Clients
ClientsNoEnabledemea.tpg.ads/TN/Systems/Clients

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
EMEA\FSM-L-SEC-GPO-Firewall_LSW
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\FR-G-ORG-OU AdminsEdit settings, delete, modify securityNo
EMEA\FR-L-SEC-Delegation Modify Group Policy Settings AccessEdit settings, delete, modify securityNo
EMEA\FSM-L-SEC-GPO-Firewall_LSWRead (from Security Filtering)No
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy version2.31
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Inbound Rules
NameDescription
LSW - TCP 135
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramAny
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port135
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
Group
LSW - TCP 139
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramAny
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port139
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
Group
LSW - TCP 445
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramAny
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port445
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
Group
LSW - TCP 1025-5000
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramAny
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port1025-5000
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
Group
LSW - TCP 49152-65535
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramAny
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port49152-65535
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
Group
Connection Security Settings
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/Network Connections/Windows Defender Firewall/Domain Profile
PolicySettingComment
Windows Defender Firewall: Allow inbound remote administration exception Enabled
Allow unsolicited incoming messages from these IP addresses:*
Syntax:
Type "*" to allow messages from any network, or
else type a comma-separated list that contains
any number or combination of these:
IP addresses, such as 10.0.0.1
Subnet descriptions, such as 10.2.3.0/24
The string "localsubnet"
Example: to allow messages from 10.0.0.1,
10.0.0.2, and from any system on the
local subnet or on the 10.3.4.x subnet,
type the following in the "Allow unsolicited"
incoming messages from these IP addresses":
10.0.0.1,10.0.0.2,localsubnet,10.3.4.0/24
Network/Network Connections/Windows Defender Firewall/Standard Profile
PolicySettingComment
Windows Defender Firewall: Allow inbound remote administration exception Enabled
Allow unsolicited incoming messages from these IP addresses:*
Syntax:
Type "*" to allow messages from any network, or
else type a comma-separated list that contains
any number or combination of these:
IP addresses, such as 10.0.0.1
Subnet descriptions, such as 10.2.3.0/24
The string "localsubnet"
Example: to allow messages from 10.0.0.1,
10.0.0.2, and from any system on the
local subnet or on the 10.3.4.x subnet,
type the following in the "Allow unsolicited"
incoming messages from these IP addresses":
10.0.0.1,10.0.0.2,localsubnet,10.3.4.0/24
User Configuration (Enabled)
No settings defined.