Windows 7 Firewall Group Policy

sschmidlap

Hey everybody, while I am here today thought I might as well ask for your feedback and opinions on the Windows Vista and 7 firewalls. I have Vista Business and Windows 7 Pro client machines all with SP1. I have a GPO for the Vista and Windows 7 firewall settings that I manage using the RSAT tool. The GPO is on a Server 2003 R2 domain controller. I currently don't have any Server 2008 machines in the domain. So here is my beef. I end up with multiple entries for File and Print Sharing, BITS, etc. The exception list just looks "messy" to me. I tried to clean it up best I could. Here is an example. I know multiple networks and different firewall settings per network location can cause this so I just took the BITS exception and focused on that trying to make it appear just once in the list. I added the predefined inbound rules for BITS and I edited the rules to only apply to the domain profile. I did not add any outbound rules. And that's it. Yet, when I check the Exceptions tab I have 2 entries for BITS. The first has the checkmark, is greyed out, and shows Yes for Group Policy. PERFECT! That is exactly what I want. Yet, the next entry shows BITS with no check mark and No for Group Policy. Do you know why that second BITS exception is still showing up and how I can get rid of it? Basically what I am trying to achieve is what I achieved beautifully for my XP client machines and that was to configure the GPO so that the only entries at all that showed up in the exception list were the actual exceptions controlled by Group Policy.