It also has a nice feature to display the originating Group Policy Object name from which the particular rule came. It displays just the rules which are applied and nothing else. Therefore I use the Monitoring node of the Windows Firewall console itself, which provides the best view of actual firewall settings and rules currently in effect. Windows Firewall can receive many separate settings from local registry configuration, from local Group Policy Object ( gpedit.msc) or from several domain based GPOs which all combine together to provide the resulting firewall configuration and rule list.Īlthough you can always use the gpresult /h reporting tool to troubleshoot domain based GPO deployment, this does not record the firewall settings comming from local registry and from the local GPO.
Windows Firewall with Advanced Security console (the wf.msc) has a very useful node called Monitoring.