Hello. Thanks for visiting.

Have questions about Server Intellect?

I'm here to help.

Call us toll free at 1-855-850-HOST(4678)

Coupon code copied
Server Intellect
(855) 850-HOST

Toll Free 24/7/365        (4678)

Get help from a Microsoft Certified Engineer.

Intellect Connect

Technical problem with your Windows Hosting?

Let our Microsoft Certified experts handle the problem for you.
Chat Now

Windows Firewall with Advanced Security (WFAS) Profiles

Windows Firewall with Advanced Security in Server 2008 allows for extended configuration and fine-tuning compared to the Server 2003 Windows Firewall.

Some of the new features include a New GUI Interface, Bi-directional filtering, IPSec-like rules, and more advanced options in general.

  • New GUI Interface
  • Bi-directional filtering
  • IPSec-like rules and more advanced options in general

One of the differences between Windows Firewall and Windows Firewall with Advanced Security (WFAS) is that the old Windows Firewall only allowed you to configure a single profile of rules. WFAS comes with three Profiles to group rules together based on the current connection status. The three default profiles are Public, Private, and Domain. These different profiles allow you to take several inbound & outbound rules and apply that group of firewall rules to your server based on your server’s connection to the network (eg. the corporate LAN vs. the Internet).

While this may seem over-complicated at first, it really is a simple way to apply different firewall rule sets depending on the server’s current connection.

The majority of servers will use the Public profile, as they are Publicly accessible on the Internet. Compare this to a server at your office which is not publicly accessible, that server would typically use the Private or Domain profile with many ports open to allow various programs to communicate. If you suddenly needed to connect that server to the Internet directly, you could have a more strict Public firewall profile which only allows essential ports to protect the server further compared to the Private or Domain profiles.

  • The public profile is applied whenever a computer is connected to a public network.
  • The private profile is applied whenever a computer is connected only to a private network and is not part of an Active Directory domain.
  • The domain profile is applied whenever a computer is connected only to a private network and is part of an Active Directory domain.

To Determine what Profile WFAS is using, open WFAS by going to Start > Administrative Tools > Windows Firewall with Advanced Security

The overview section tells you which Profile is currently Active. (eg. Public Profile is Active)

In the example below, you can see that the Public Profile is marked as the Active profile. Only the rules in the Public Profile would be applied at this time.


You cannot manually set which Profile the server uses. The profile is determined by the network connection the server is using at that time. If your server is connected to both a Public and Private network, it still only uses the Public profile as this is typically more strict for a publicly facing server.

Interested in letting our experts solve your IT problems for you?
Get a free, no-obligations consultation with one of our experts today!

Call us at (855) 850-HOST

Chat Now

Start Your Order


This form does not accept free e-mail accounts. Please enter a business e-mail to submit it.

Submit Form Cancel

Please wait...

Submitting your info. This may take less than a minute.