Windows Firewall: Do not allow exceptions

Specifies that Windows Firewall blocks all unsolicited incoming messages. This policy setting overrides all other Windows Firewall policy settings that allow such messages. If you enable this policy setting in the Windows Firewall component of Control Panel the “Block all incoming connections” check box is selected and administrators cannot clear it. You should also enable the “Windows Firewall: Protect all network connections” policy setting; otherwise administrators who log on locally can work around the “Windows Firewall: Do not allow exceptions” policy setting by turning off the firewall. If you disable this policy setting Windows Firewall applies other policy settings that allow unsolicited incoming messages. In the Windows Firewall component of Control Panel the “Block all incoming connections” check box is cleared and administrators cannot select it. If you do not configure this policy setting Windows Firewall applies other policy settings that allow unsolicited incoming messages. In the Windows Firewall component of Control Panel the “Block all incoming connections” check box is cleared by default but administrators can change it.

You May Also Like

More From Author

2Comments

Add yours
  1. 1
    Registry path is:

    HKEY_LOCAL_MACHINE -> SOFTWARE -> Policies -> Microsoft -> WindowsFirewall -> DomainProfile # DoNotAllowExceptions

  2. 2
    The Administrative Template path is:

    Network -> Network Connections -> Windows Firewall -> Domain Profile

Comments are closed.