Apply the following default firewall rules to the policy used by the Active Directory server:
- Allow solicited ICMP replies
- Allow solicited TCP/UDP replies
- IDENT
- Remote Access RDP
- DHCP Server
- DNS Server
- ICMP Echo Request
- NetBios Name Service
- WINS
- WINS Registration
- WINS Replication
- Domain Client (UDP)
- Domain Controller (UDP)
- Domain Client (TCP)
- Domain Controller (TCP)

Always assign a rule for any traffic you wish to allow and test the firewall rules before deploying them. For more information, refer to the Help Center article, Set up the Workload Security firewall.