Use these options to define who can make changes to Windows Firewall properties and profiles.
 | To get to this dialog box |
From the Windows Firewall with Advanced Security MMC snap-in, in Overview, click Windows Firewall properties.
Select the tab that corresponds to the firewall profile you want to configure.
In Settings, click Customize.
Display a notification when a program is blocked
Select this option to have Windows Firewall with Advanced Security display a notification to the user when a program is blocked from receiving inbound connections. The notification appears when all of the following conditions are true:
- This option is selected.
- There is no existing block or allow rule for this program. If a block rule exists, then the program is blocked without displaying the notification to the user.
- The program is blocked by the default behavior of Windows Firewall.
The user is given the option to unblock the program, as long as the user has network operator or administrator permissions. Selecting the option to unblock the program automatically creates an inbound program rule for the program that was blocked.
Allow unicast response to multicast or broadcast requests
This option is useful if you need to control whether this computer receives unicast responses to its outgoing multicast or broadcast messages. If you enable this setting, and this computer sends multicast or broadcast messages to other computers, Windows Firewall with Advanced Security waits as long as 4 seconds for unicast responses from the other computers and then blocks all later responses. If you disable this setting, and this computer sends a multicast or broadcast message to other computers, Windows Firewall with Advanced Security blocks the unicast responses sent by those other computers.
Rule merging
Use these options when using Group Policy to configure firewall and connection security rules on the local computer. Disabling the options prevents a local user with network operator or administrator permissions from creating firewall or connection security rules that might conflict with the rules deployed by Group Policy.
Allow local firewall rules
Select this option when, in addition to firewall rules applied by Group Policy that are specific to this computer, you want to allow administrators to be able to create and apply local firewall rules on this computer. When you clear this option, administrators can still create rules, but locally defined rules are not applied. This setting is available only when you are configuring the policy through Group Policy.
Allow local connection security rules
Select this option when, in addition to connection security rules applied by Group Policy that are specific to this computer, you want to allow administrators to create and apply local connection security rules on this computer. When you clear this option, administrators can still create rules, but locally defined rules are not applied. This setting is available only when configuring the policy through Group Policy.