This is the built-in help made by Microsoft for the command 'Set-NetFirewallSecurityFilter', in PowerShell version 3 - as retrieved from
Windows version 'Microsoft Windows Server 2012 Standard' PowerShell help files on 2016-06-23.
For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.
Modifies security filter objects, thereby modifying the Authentication, Encryption, OverrideBlockRules, LocalUser, RemoteUser, and RemoteMachine conditions of the firewall rules.
Set-NetFirewallSecurityFilter [-AsJob [<SwitchParameter>]] [-Authentication <Authentication>] [-CimSession <CimSession[]>] [-Encryption
<Encryption>] [-GPOSession <String>] [-LocalUser <String>] [-OverrideBlockRules <Boolean>] [-PassThru [<SwitchParameter>]] [-PolicyStore
<String>] [-RemoteMachine <String>] [-RemoteUser <String>] [-ThrottleLimit <Int32>] [-Confirm [<SwitchParameter>]] [-WhatIf
[<SwitchParameter>]] [<CommonParameters>]
Set-NetFirewallSecurityFilter [-AsJob [<SwitchParameter>]] [-Authentication <Authentication>] [-CimSession <CimSession[]>] [-Encryption
<Encryption>] [-LocalUser <String>] [-OverrideBlockRules <Boolean>] [-PassThru [<SwitchParameter>]] [-RemoteMachine <String>] [-RemoteUser
<String>] [-ThrottleLimit <Int32>] -InputObject <CimInstance[]> [-Confirm [<SwitchParameter>]] [-WhatIf [<SwitchParameter>]]
[<CommonParameters>]
The Set-NetFirewallSecurityFilter cmdlet modifies the security conditions associated with the input firewall rules.
See the Get-NetFirewallSecurityFilter cmdlet for more information on the security filters.
To modify the security conditions, two methods can be used starting with the security filters returned by the Get-NetFirewallSecurityFilter
cmdlet and optional additional querying.
-- The network firewall security filter objects can be piped into the Get-NetFirewallRule cmdlet. The Get-NetFirewallRule cmdlet returns the
rules associated with the filters and pipes the rules into the Set-NetFirewallRule cmdlet, which configures the interface properties.
-- Alternatively, piping the network firewall security filter objects directly to this cmdlet modifies the Authentication, Encryption,
OverrideBlockRules, LocalUser, RemoteUser, and RemoteMachine parameters of the rules.
<
Get-NetFirewallRule
Get-NetFirewallSecurityFilter
Get-NetIPSecRule
New-NetFirewallRule
New-NetIPSecRule
Open-NetGPO
Save-NetGPO
Set-NetFirewallRule
Set-NetIPSecRule
New-GPO
<
EXAMPLE 1
PS C:\> $users = New-Object -TypeName System.Security.Principal.NTAccount ("corp.contoso.com\Administrators")
PS C:\> $SIDofSecureUserGroup = $users.Translate([System.Security.Principal.SecurityIdentifier]).Value
PS C:\> $SecureMachineGroupSDDL = "D:(A;;CC;;; $SIDofSecureUserGroup)"
PS C:\> $nfSecurityFilter = Get-FirewallRule –DisplayName "Authorize Secure Computer" | Get-NetFirewallSecurityFilter
PS C:\> Set-NetFirewallSecurityFilter –RemoteMachine $SecureMachineGroupSDDL -InputObject $nfSecurityFilter
This cmdlet can be run using only the pipeline.
PS C:\> Get-FirewallRule –DisplayName "Authorize Secure Computer" | Get-NetFirewallSecurityFilter | Set-NetFirewallSecurityFilter
–RemoteMachine $SecureMachineGroupSDDL
This cmdlet can be run without the pipeline.
PS C:\> Set-NetFirewallRule –DisplayName "Authorize Secure Computer" –RemoteMachine $SecureMachineGroupSDDL
This example modifies the user field of a particular firewall rule.
EXAMPLE 2
PS C:\> $nfSecurityFilter = Get-NetFirewallRule –DisplayGroup "*Printer*" | Get-NetFirewallSecurityFilter
PS C:\> Set-NetFirewallSecurityFilter –Authentication Request –InputObject $nfSecurityFilter
This cmdlet can be run using only the pipeline.
PS C:\> Get-NetFirewallRule –DisplayGroup "*Printer*" | Get-NetFirewallSecurityFilter | Set-NetFirewallSecurityFilter –Authentication Request
This example modifies the security condition associated with the Printer firewall rules by requesting authenticated traffic.