Windows 7 Security Features
Security Policies
Other Security Policies
- Windows Firewall with Advanced Security is used to configure the firewall in Windows 7. This
policy lets you configure both inbound and outbound rules for packets. In addition, you can
configure specific computer-to-computer rules. In Windows 7, this area can also be used to configure IP Security (IPsec) rules.
- The Network List Manager Policies are used to control how Windows 7 categorizes networks
to which it is connected and how users can interact with the process. For example, unidentified
networks can be automatically defined as either public or private, and the user can restrict the
ability of other users to change it. These policies also control whether users can rename networks
that they connect to.
- The Public Key Policies has a settings for the Encrypting File System (EFS), BitLocker Drive
Encryption, and certif cate services. You can add recovery agents for EFS files or BitLocker
encrypted drives. A recovery agent is allowed to decrypt files protected by EFS or BitLocker.
More detailed information about EFS and BitLocker Drive Encryption is provided later in this
chapter.
- TIP Security Policies on Local Computer are used to control encrypted network communi-
cation. By default, network communication is not encrypted. However, you can configure encrypted network communication for certain hosts or communication on certain port numbers.
This policy is depreciated in Windows 7 and included only for backward compatibility with
Windows 2000 and Windows XP. When configuring IPsec rules, you should use Windows Firewall with Advanced Security.
- Advanced Audit Policy Configuration is a simplified way to configure advanced audit policies in Windows 7. These policies first appeared in Windows Vista, but needed to be edited at a command-line.