Question

You have a new laptop that is running Windows 10 or windows 11 or Linux. You notice a security message that indicates that Firewall has been disabled. The laptop is currently connected to your organization's network, and the Domain network profile settings are in effect. You plan to travel this week, and you will connect the laptop to various airport Wi-Fi hotspots. You need to enable Firewall for any public network. Your task is to configure the Firewall of your choice as follows:

1. Turn on Firewall for the Public network profile only.
2. In addition to the programs and ports currently allowed or blocked, block firefox only for the Public network profile. 3. Block any traffic from the ip address of 192.162.1.1 for all type of profile
4. show step-by-step how to set up a VPN of your choice
Submit a brief written report that documents the above steps. Screenshots must be included showing all the required elements and their configuration settings (at least enough for me to see that it was done properly - imagine that you are documenting this for a colleague so that they would be able to follow your instructions and deploy an exact copy of what you have done). After finishing those steps, answer the following questions:
- Why a firewall is a good place to implement a VPN?
- Why not implement a VPN at the actual server(s) being accessed?

Answer 1

To configure the Firewall settings on Windows 10 or Linux, you can follow these steps: Turn on Firewall for the Public network profile only, block Firefox for the Public network profile, and block traffic from the IP address 192.162.1.1. Implementing a VPN at the firewall level provides an extra layer of protection and ensures that all traffic passing through the firewall is encrypted and secure. Implementing a VPN at the actual server(s) being accessed would be cumbersome and time-consuming.

Step-by-step explanation:

Configuring Firewall for Public Network Profile

1. Open the Windows Defender Firewall settings by searching for 'Windows Defender Firewall' in the Start Menu.
2. Click on 'Advanced settings' on the left-hand side.
3. In the 'Windows Defender Firewall with Advanced Security' window, select 'Windows Defender Firewall Properties' from the right-hand side.
4. Under the 'Domain Profile' tab, select 'Firewall state' to 'On (recommended)'.
5. Switch to the 'Public Profile' tab and select 'Firewall state' to 'On (recommended)' as well.
6. To block Firefox for the Public network profile, go to the 'Outbound Rules' section and click 'New Rule'.
7. Select 'Program' and browse to find the Firefox executable file.
8. Choose 'Block the connection' and apply this rule only for the 'Public' profile.
9. Click 'Finish' to save the rule.
10. To block traffic from the IP address 192.162.1.1 for all profiles, go to the 'Inbound Rules' section and create a new rule.
11. Select 'Custom' rule type and click 'Next'.
12. Choose 'All programs' and continue to the next step.
13. Under 'Remote IP address', select 'These IP addresses' and add 192.162.1.1 to the list.
14. Block connections in the next step and apply this rule for all profiles.
15. Save the rule and exit the Firewall settings.

Why a Firewall is a Good Place to Implement a VPN?

A firewall is a good place to implement a VPN because it acts as a barrier between the internal network and external networks. By implementing a VPN at the firewall level, it ensures that all traffic passing through the firewall is encrypted and secure, providing an extra layer of protection.

Why Not Implement a VPN at the Actual Server(s) Being Accessed?

Implementing a VPN at the actual server(s) being accessed would require configuring and managing VPN connections on each individual server. This can be cumbersome and time-consuming, especially in large server environments. By implementing the VPN at the firewall level, all traffic is covered and there is no need to configure VPN connections on each server.