Secure Server Access with Windows Defender Firewall

1.25 hours
  • 3 Learning Objectives

About this Hands-on Lab

You are working on securing your Windows Servers, and as part of the effort, you want to configure a domain isolation policy between the employee workstations and the application servers. You want to make sure that the employees can only log into an application server from a domain-joined client workspace. In order to do this, in this hands-on lab, you are going to configure a Group Policy to enforce Windows Defender Firewall rules between client and server VMs.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Configure the Active Directory Domain Services Environment
Configure Group Policy for Windows Defender Firewall Rules
  • Create a Group Policy Object and link it to the server organizational unit
    • Edit the policy to Require authentication for inbound connections and request authentication for outbound connections to the server VM
  • Create a Group Policy Object and link it to the client organizational unit
    • Edit the policy to Request authentication for inbound and outbound connections to the client VM
  • Update the Group Policies on the virtual machines
Confirm Firewall Rules Have Been Applied
  • Confirm that you can only directly remote into the client VM and not the server VM
  • From the client VM, confirm that you can remote into the server VM using the private IP address or the Fully Qualified Domain Name (FQDN)

Additional Resources

Lab Prerequisites

You should be familiar with the following to use this hands-on lab:

  • Active Directory Domain Services
  • Group Policy
  • Windows Defender Firewall

Lab Setup

This lab will require the use of an Active Directory domain, so the first thing that will need to be done will be to configure the domain. Because this environment will be set up on Azure Virtual Machines, there will be a few Azure-specific steps that will need to be taken and will be delineated in the lab objectives.

Lab Files

The lab files needed for configuring the Active Directory Domain Services environment can be accessed via the GitHub repository for this lab.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?