This article describes how the Windows Firewall exception settings in the Group Policy administrative template work together with the Windows Firewall Control Panel program in Windows Vista.
Group Policy settings
You can configure the Windows Firewall settings in the Group Policy administrative template and then apply the settings to a Windows Vista-based computer. The settings that you use to configure exceptions appear on the Exceptions tab in the Windows Firewall Control Panel program. When you enable a setting in the Group Policy administrative template, the setting generates an enabled firewall rule that has the "Allow" action. When you disable a setting, this action generates an enabled firewall rule that has the "Block" action.
Windows Firewall Control Panel program settings
If you enable or disable an exception by using the settings in Group Policy, the check box for the exception entry is selected in the Windows Firewall Control Panel program. A selected check box indicates only that some action has been taken in that exception. The selection does not indicate what specific action is configured in the exception. The selected check box could indicate any of the following settings:
Windows Firewall: Allow inbound file and printer sharing exception
Windows Firewall: Allow inbound remote administration exception
Windows Firewall: Allow inbound Remote Desktop exception
Windows Firewall: Allow inbound UPnP framework exceptions
Windows Firewall: Allow ICMP exceptions
Full exception settings
To view the full exception settings, use the "Windows Firewall with Advanced Security" snap-in. This snap-in is available in the Administrative Tools folder.
For more information about how to configure Windows Firewall settings in Windows Vista, visit the following Microsoft TechNet Web site: