0

When defining new firewall rules with Group Policies in Windows Server 2008:

  • Does adding a single rule to allow traffic disable all other rules that were present locally on the client computer?
  • Does it inherit on a individual rule basis. For example does a single rule over ride a single rule on the client computer (or maybe the other way?)
  • Does this behavior depend on some base setting?

Also, any other gotchas when starting out with this would be appreciated if they pop into your head.

Kyle Brandt
  • 83,619
  • 74
  • 305
  • 448

1 Answers1

2

GPO rules are merged (by default) to local rules. Rules where local and GPO conflict, GPO wins.

I haven't had any problems with it; but I meticulously planned each setting and rule in my Firewall GPOs, being sure to fully understand the implications of each setting before touching it.

Chris S
  • 77,945
  • 11
  • 124
  • 216