Network security is a crucial aspect of maintaining the integrity, confidentiality, and availability of data within an organization. In a Windows environment, there are several tools and techniques available to enhance network security. This article will guide you through practical examples using Windows built-in tools like CMD and PowerShell to secure your network.

1. Enabling Windows Firewall

The Windows Firewall is a built-in feature that helps protect your computer by blocking unauthorized access. To ensure it is enabled, follow these steps:

Using CMD:

netsh advfirewall set allprofiles state on

Using PowerShell:

Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True

2. Configuring Firewall Rules

You can create specific firewall rules to allow or block traffic based on your security requirements.

Using CMD:

netsh advfirewall firewall add rule name="Block Telnet" protocol=TCP dir=in localport=23 action=block

Using PowerShell:

New-NetFirewallRule -DisplayName "Block Telnet" -Direction Inbound -Protocol TCP -LocalPort 23 -Action Block

3. Monitoring Network Connections

Monitoring active network connections can help identify unauthorized access or suspicious activity.

Using CMD:

netstat -an

Using PowerShell:

Get-NetTCPConnection

4. Configuring Network Security Policies

Implementing security policies can help enforce certain security standards across your network.

Using CMD:

secedit /configure /db secedit.sdb /cfg C:\Windows\security\templates\hisecws.inf /overwrite

Using PowerShell:

Import-Module SecurityPolicy
Invoke-SecurityPolicy -Path "C:\Windows\security\templates\hisecws.inf"

5. Enabling Network Level Authentication (NLA) for Remote Desktop

NLA adds an extra layer of security for Remote Desktop connections.

Using CMD:

reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v UserAuthentication /t REG_DWORD /d 1 /f

Using PowerShell:

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" -Name "UserAuthentication" -Value 1

6. Updating Windows Defender Definitions

Keeping Windows Defender up to date is essential for protecting against the latest threats.

Using CMD:

"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -SignatureUpdate

Using PowerShell:

Update-MpSignature

7. Enabling and Configuring BitLocker

BitLocker encrypts your drives to protect data from unauthorized access.

Using CMD:

manage-bde -on C: -RecoveryPassword

Using PowerShell:

Enable-BitLocker -MountPoint "C:" -RecoveryPasswordProtector

Conclusion

By utilizing these built-in Windows tools and commands, you can significantly enhance the security of your network. Regularly monitoring and updating your security configurations will help protect your systems from unauthorized access and potential threats.