Group Policy Management
IT-PO-WIN-C-Firewall Enabled Computer
Data collected on: 2-9-2025 10:26:01
General
Details
Domain: emea.tpg.ads
Owner: EMEA\padiglione.5-adm
Created: 13-5-2022 17:54:18
Modified: 9-2-2023 15:25:48
User Revisions: 0 (AD), 0 (SYSVOL)
Computer Revisions: 39 (AD), 39 (SYSVOL)
Unique ID: {02f71afb-00ad-45c3-9882-a092f0177761}
GPO Status: User settings disabled
Links
Location | Enforced | Link Status | Path
Clients | Yes | Enabled | emea.tpg.ads/IT/Systems/Clients

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
EMEA\IT-L-SEC-Firewall Enabled Computers
Delegation
These groups and users have the specified permission for this GPO
Name | Allowed Permissions | Inherited
EMEA\Domain Admins | Edit settings, delete, modify security | No
EMEA\IT-L-SEC-Firewall Enabled Computers | Read (from Security Filtering) | No
EMEA\padiglione.5-adm | Edit settings, delete, modify security | No
NT AUTHORITY\Authenticated Users | Read | No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS | Read | No
NT AUTHORITY\SYSTEM | Edit settings, delete, modify security | No
ROOT\Enterprise Admins | Edit settings, delete, modify security | No
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Windows Firewall with Advanced Security
Global Settings
Policy | Setting
Policy version | 2.29
Disable stateful FTP | Not Configured
Disable stateful PPTP | Not Configured
IPsec exempt | Not Configured
IPsec through NAT | Not Configured
Preshared key encoding | Not Configured
SA idle time | Not Configured
Strong CRL check | Not Configured
Domain Profile Settings
Policy | Setting
Firewall state | On
Inbound connections | Not Configured
Outbound connections | Not Configured
Apply local firewall rules | Not Configured
Apply local connection security rules | Not Configured
Display notifications | Yes
Allow unicast responses | Yes
Log dropped packets | Not Configured
Log successful connections | Not Configured
Log file path | Not Configured
Log file maximum size (KB) | Not Configured
Inbound Rules
Name | Description
MSTeams
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
Enabled: True
Program: %LocalAppData%\Microsoft\Teams\current\Teams.exe
Action: Allow
Security: Require authentication
Authorized computers:
Authorized users:
Protocol: Any
Local port: Any
Remote port: Any
ICMP settings: Any
Local scope: Any
Remote scope: Any
Profile: All
Network interface type: All
Service: All programs and services
Allow edge traversal: False
Group:
Avaya One-x
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
Enabled: True
Program: C:\Program Files (x86)\Avaya\Avaya one-X Communicator\onexcui.exe
Action: Allow
Security: Require authentication
Authorized computers:
Authorized users:
Protocol: Any
Local port: Any
Remote port: Any
ICMP settings: Any
Local scope: Any
Remote scope: Any
Profile: All
Network interface type: All
Service: All programs and services
Allow edge traversal: False
Group:
MSTeams_2
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
Enabled: True
Program: %LocalAppData%\Microsoft\Teams\Update.exe
Action: Allow
Security: Require authentication
Authorized computers:
Authorized users:
Protocol: Any
Local port: Any
Remote port: Any
ICMP settings: Any
Local scope: Any
Remote scope: Any
Profile: All
Network interface type: All
Service: All programs and services
Allow edge traversal: False
Group:
Remote Desktop - Shadow (TCP-In) | Inbound rule for the Remote Desktop service to allow shadowing of an existing Remote Desktop session. (TCP-In)
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
Enabled: True
Program: %SystemRoot%\system32\RdpSa.exe
Action: Allow
Security: Require authentication
Authorized computers:
Authorized users:
Protocol: 6
Local port: Any
Remote port: Any
ICMP settings: Any
Local scope: Any
Remote scope: Any
Profile: All
Network interface type: All
Service: All programs and services
Allow edge traversal: True
Group: Remote Desktop
Remote Desktop - User Mode (UDP-In) | Inbound rule for the Remote Desktop service to allow RDP traffic. [UDP 3389]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
Enabled: True
Program: %SystemRoot%\system32\svchost.exe
Action: Allow
Security: Require authentication
Authorized computers:
Authorized users:
Protocol: 17
Local port: 3389
Remote port: Any
ICMP settings: Any
Local scope: Any
Remote scope: Any
Profile: All
Network interface type: All
Service: termservice
Allow edge traversal: False
Group: Remote Desktop
Remote Desktop - User Mode (TCP-In) | Inbound rule for the Remote Desktop service to allow RDP traffic. [TCP 3389]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
Enabled: True
Program: %SystemRoot%\system32\svchost.exe
Action: Allow
Security: Require authentication
Authorized computers:
Authorized users:
Protocol: 6
Local port: 3389
Remote port: Any
ICMP settings: Any
Local scope: Any
Remote scope: Any
Profile: All
Network interface type: All
Service: termservice
Allow edge traversal: False
Group: Remote Desktop
Outbound Rules
Name | Description
MSTeams
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
Enabled: True
Program: %LocalAppData%\Microsoft\Teams\current\Teams.exe
Action: Allow
Security: Require authentication
Authorized computers:
Protocol: Any
Local port: Any
Remote port: Any
ICMP settings: Any
Local scope: Any
Remote scope: Any
Profile: All
Network interface type: All
Service: All programs and services
Group:
Avaya One-x
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
Enabled: True
Program: C:\Program Files (x86)\Avaya\Avaya one-X Communicator\onexcui.exe
Action: Allow
Security: Require authentication
Authorized computers:
Protocol: Any
Local port: Any
Remote port: Any
ICMP settings: Any
Local scope: Any
Remote scope: Any
Profile: All
Network interface type: All
Service: All programs and services
Group:
MSTeams_2
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
Enabled: True
Program: %LocalAppData%\Microsoft\Teams\Update.exe
Action: Allow
Security: Require authentication
Authorized computers:
Protocol: Any
Local port: Any
Remote port: Any
ICMP settings: Any
Local scope: Any
Remote scope: Any
Profile: All
Network interface type: All
Service: All programs and services
Group:
Connection Security Settings
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/IPv6 Configuration
Policy | Setting | Comment
IPv6 Configuration Policy | Enabled
IPv6 Configuration: Enable all IPv6 components (default)
Network/Network Connections/Windows Defender Firewall/Domain Profile
Policy | Setting | Comment
Windows Defender Firewall: Allow ICMP exceptions | Enabled
Allow outbound destination unreachable: Enabled
Allow outbound source quench: Enabled
Allow redirect: Enabled
Allow inbound echo request: Enabled
Allow inbound router request: Enabled
Allow outbound time exceeded: Enabled
Allow outbound parameter problem: Enabled
Allow inbound timestamp request: Enabled
Allow inbound mask request: Enabled
Allow outbound packet too big: Enabled
Policy | Setting | Comment
Windows Defender Firewall: Allow inbound file and printer sharing exception | Enabled
Allow unsolicited incoming messages from these IP addresses: 10.117.1.0/24,10.117.129.0/24,10.50.0.13,10.50.0.14,10.117.96.0/24,10.204.8.182,10.117.210.0/24,10.117.192.0/24,10.117.132.0/24,10.117.3.0/24,10.117.196.0/23
Syntax:
Type "*" to allow messages from any network, or
else type a comma-separated list that contains
any number or combination of these:
IP addresses, such as 10.0.0.1
Subnet descriptions, such as 10.2.3.0/24
The string "localsubnet"
Example: to allow messages from 10.0.0.1,
10.0.0.2, and from any system on the
local subnet or on the 10.3.4.x subnet,
type the following in the "Allow unsolicited
incoming messages from these IP addresses":
10.0.0.1,10.0.0.2,localsubnet,10.3.4.0/24
Policy | Setting | Comment
Windows Defender Firewall: Allow inbound remote administration exception | Enabled
Allow unsolicited incoming messages from these IP addresses: 10.0.64.0/23,10.30.1.0/24,10.117.1.0/24,10.117.129.0/24,10.117.5.0/24,10.117.202.0/28,10.117.210.0/24,10.117.192.0/24,10.117.132.0/24,10.117.3.0/24,10.117.196.0/23
Policy | Setting | Comment
Windows Defender Firewall: Allow inbound Remote Desktop exceptions | Enabled
Allow unsolicited incoming messages from these IP addresses: *
Policy | Setting | Comment
Windows Defender Firewall: Allow local program exceptions | Enabled
Windows Defender Firewall: Define inbound program exceptions | Enabled
Define program exceptions:
%LocalAppData%\Microsoft\Teams\current\Teams.exe
%LocalAppData%\Microsoft\Teams\Update.exe
C:\Program Files (x86)\Avaya\Avaya one-X Communicator\onexcui.exe
Specify the program to allow or block.
Syntax:
<Path>:<Scope>:<Status>:<Name>
<Path> is the program path and file name
<Scope> is either "*" (for all networks) or
a comma-separated list that contains
any number or combination of these:
IP addresses, such as 10.0.0.1
Subnet descriptions, such as 10.2.3.0/24
The string "localsubnet"
<Status> is either "enabled" or "disabled"
<Name> is a text string
Example:
The following definition string adds the
TEST.EXE program to the program exceptions list
and allows it to receive messages from 10.0.0.1,
or any system on the 10.3.4.x subnet:
%programfiles%\test.exe:10.0.0.1,10.3.4.0/24:enabled:Test program
Policy | Setting | Comment
Windows Defender Firewall: Prohibit notifications | Disabled
Windows Defender Firewall: Prohibit unicast response to multicast or broadcast requests | Disabled
Windows Defender Firewall: Protect all network connections | Enabled
Network/Network Connections/Windows Defender Firewall/Standard Profile
Policy | Setting | Comment
Windows Defender Firewall: Allow ICMP exceptions | Enabled
Allow outbound destination unreachable: Enabled
Allow outbound source quench: Enabled
Allow redirect: Enabled
Allow inbound echo request: Enabled
Allow inbound router request: Enabled
Allow outbound time exceeded: Enabled
Allow outbound parameter problem: Enabled
Allow inbound timestamp request: Enabled
Allow inbound mask request: Enabled
Allow outbound packet too big: Enabled
Policy | Setting | Comment
Windows Defender Firewall: Allow inbound file and printer sharing exception | Enabled
Allow unsolicited incoming messages from these IP addresses: 10.117.1.0/24,10.117.129.0/24,10.50.0.13,10.50.0.14,10.117.96.0/24,10.204.8.182,10.117.210.0/24,10.117.192.0/24,10.117.132.0/24,10.117.3.0/24,10.117.196.0/23
Policy | Setting | Comment
Windows Defender Firewall: Allow inbound remote administration exception | Enabled
Allow unsolicited incoming messages from these IP addresses: 10.117.1.0/24,10.117.129.0/24,10.50.0.13,10.50.0.14,10.117.96.0/24,10.204.8.182,10.117.210.0/24,10.117.192.0/24,10.117.132.0/24,10.117.3.0/24,10.117.196.0/23
Policy | Setting | Comment
Windows Defender Firewall: Allow inbound Remote Desktop exceptions | Enabled
Allow unsolicited incoming messages from these IP addresses: *
Policy | Setting | Comment
Windows Defender Firewall: Allow local program exceptions | Enabled
Windows Defender Firewall: Define inbound program exceptions | Enabled
Define program exceptions:
%LocalAppData%\Microsoft\Teams\current\Teams.exe
%LocalAppData%\Microsoft\Teams\Update.exe
C:\Program Files (x86)\Avaya\Avaya one-X Communicator\onexcui.exe
Policy | Setting | Comment
Windows Defender Firewall: Protect all network connections | Enabled
User Configuration (Disabled)
No settings defined.