共用方式為


Windows Firewall

Windows Firewall and Internet Connection Sharing provides a barrier between your device and network connections to help reduce attacks by hackers, viruses, and worms across networks. All networked devices, not just devices connected to the Internet, are vulnerable to these attacks. These attacks may attempt to:

  • Access personal information and data.
  • Damage hardware, software, or data.
  • Spread across networks, consuming memory or network bandwidth.

When you have added the Windows Firewall and Internet Connection Sharing component, there are several ways to enable and configure it:

  • In Target Designer before building and deploying the image.
  • With Group Policy, applied before or after building and deploying the image.
  • With the Windows Firewall Control Panel component at the device. The Windows Firewall Control Panel component must be added separately in Target Designer.
  • With NetShell commands. The NetShell component must be added separately in Target Designer.

Attempts to attack your device may start as soon as you have established network connections during First Boot. Adding and configuring the Windows Firewall and Internet Connection Sharing component in Target Designer so that it runs during First Boot processing reduces the window of vulnerability during and after First Boot.

You can configure the Windows Firewall to block all outside sources from connecting to the device, or you can open selected ports and mappings to allow specific services that you trust.

Even if your device is not intended for constant Internet or network connections, you may occasionally need to use Remote Access or Device Update Agent (DUA) to manage or update the device through your network server. By installing, enabling, and configuring Windows Firewall and Internet Connection Sharing, you can provide safer access to the device.

In This Section

Last updated on Wednesday, October 18, 2006

© 2006 Microsoft Corporation. All rights reserved.