I have a Domain Controller, and I wish to establish network Isolation with Windows Firewall, Connection Security Rules.
- When the DC Authentication is set to Request Inbound, Request Outbound, using the Default method.
- And the workstation Authentication is set to Require Inbound, and Request Outbound using the Default method.
- The connection works, I can see in Windows Firewall > Monitoring > Security Associations > Main and Quick mode that there are connections.
However, when DC Authentication is set to Require Inbound, Require Outbound, using the Default method, I cannot see any connections in the Main and Quick modes.
So, I don't see what security I gain when the DC is using Request Inbound, Request Outbound, because any workstation can connect to it, even if that workstation has no connection security rule.
I think in order to get Network Isolation for the DC, the Authentication needs to be set at Require Inbound Require Outbound. Am I correct?
I am just hoping that Network Isolation is achievable; it seems to promise that nobody outside the domain can talk to the DC. Hence no data leaks, no RATs, etc.
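The following PowerShell is an added example, not code from the original post, showing the same configuration driven from the built-in NetSecurity module instead of the Windows Firewall MMC: a workstation rule with Require Inbound / Request Outbound, a domain controller rule with Request Inbound / Request Outbound, and a check of the Main Mode and Quick Mode security associations that the post inspects under Monitoring. The rule display names and the DC address 10.0.0.10 are constructed placeholders. One caveat the example encodes: the Default authentication method is computer Kerberos, and a workstation has to reach the DC to obtain its Kerberos ticket before IKE main mode can complete with any peer, which is why Microsoft's domain isolation guidance exempts domain controllers from the IPsec requirement rather than placing Require Inbound / Require Outbound on them.

```powershell
# Added example (not from the original post). Requires an elevated session and
# the NetSecurity module that ships with Windows. Rule names and the DC address
# below are constructed placeholders; adjust them to the environment.

$DcAddress = '10.0.0.10'   # constructed placeholder for the domain controller

# Equivalent of Windows Firewall > Monitoring > Security Associations:
# counts of Main Mode (IKE phase 1) and Quick Mode (phase 2) SAs.
# Zero of both means no peer has negotiated IPsec with this host.
function Get-IPsecSaSummary {
    $main  = @(Get-NetIPsecMainModeSA  -ErrorAction SilentlyContinue)
    $quick = @(Get-NetIPsecQuickModeSA -ErrorAction SilentlyContinue)
    [pscustomobject]@{
        MainModeSAs  = $main.Count
        QuickModeSAs = $quick.Count
        Peers        = ($main | Select-Object -ExpandProperty RemoteEndpoint -Unique) -join ', '
    }
}

# Workstation side: authenticated inbound is mandatory, outbound is requested.
# No -Phase1AuthSet/-Phase2AuthSet is given, so the Default method configured
# under the firewall's IPsec Settings (computer Kerberos) applies, matching the
# "Default method" choice in the MMC wizard.
function New-WorkstationIsolationRule {
    New-NetIPsecRule -DisplayName 'CSR-Workstation-Isolation' `
        -InboundSecurity Require -OutboundSecurity Request `
        -Profile Domain -Mode Transport -Enabled True

    # Do not authenticate traffic to the DC itself: the Kerberos exchange that
    # the Default method depends on must be able to reach the DC in the clear.
    New-NetIPsecRule -DisplayName 'CSR-Exempt-DC' `
        -RemoteAddress $DcAddress `
        -InboundSecurity None -OutboundSecurity None `
        -Profile Domain -Enabled True
}

# Domain controller side: request in both directions. Peers that have an
# isolation rule negotiate IPsec and show up as SAs; peers without one still
# fall back to clear text, which is the behaviour observed in the post.
function New-DcRequestRule {
    New-NetIPsecRule -DisplayName 'CSR-DC-Request' `
        -InboundSecurity Request -OutboundSecurity Request `
        -Profile Domain -Mode Transport -Enabled True
}

# Verify from a workstation: generate some traffic to the DC, then look for SAs.
function Test-IsolationAgainstDc {
    Test-NetConnection -ComputerName $DcAddress -Port 88 | Out-Null   # Kerberos
    Test-NetConnection -ComputerName $DcAddress -Port 445 | Out-Null  # SMB
    Get-IPsecSaSummary
}

# Usage (run the matching function on each machine, then check):
#   New-WorkstationIsolationRule    # on the workstation
#   New-DcRequestRule               # on the domain controller
#   Test-IsolationAgainstDc         # on the workstation
```

The exemption rule is what lets a Require Inbound workstation keep talking to the DC; with it in place, the DC-side Request rule still protects traffic with every peer that negotiates, and the host-to-host isolation comes from the workstations' own Require Inbound setting rather than from the DC refusing clear text.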