Filters traffic based on certain high-level security constraints, like whether or not the traffic is encrypted. Connection Security rules will have to be created in order for traffic to pass the rule.
MSFT_NetNetworkLayerSecurityFilter properties
MSFT_NetNetworkLayerSecurityFilter has 24 properties (6 Local, 18 Derived)
'Whether to require Authentication. NoEncapsulation means that authentication is still required, but only once at the beginning of the traffic flow, instead of on every packet.'
Values
['NotRequired', 'Required', 'NoEncapsulation']
Authentication property is in 1 class (MSFT_NetNetworkLayerSecurityFilter) of ROOT\StandardCimv2\MS_409 and in 6 namespaces
'SDDL string describing Local Users that are allowed by this rule. If this is empty, all users are allowed. If LocalUsers/RemoteUsers/RemoteMachines are specified, then they apply conjunctively, and this is an ''Allow-Bypass'' rule and ProtectionLevel must be set above None (so that authentication is required).'
LocalUsers property is in 1 class (MSFT_NetNetworkLayerSecurityFilter) of ROOT\StandardCimv2\MS_409 and in 2 namespaces
'Whether to allow this rule to take precedence over Block rules. This setting may only be applied on Allow rules that require Authentication with specific RemoteUsers and/or RemoteMachines.'
OverrideBlockRules property is in 1 class (MSFT_NetNetworkLayerSecurityFilter) of ROOT\StandardCimv2\MS_409 and in 2 namespaces
'SDDL string describing Remote Machines that are allowed by this rule. If this is empty, all users are allowed. If LocalUsers/RemoteUsers/RemoteMachines are specified, then they apply conjunctively, and this is an ''Allow-Bypass'' rule and ProtectionLevel must be set above None (so that authentication is required).'
RemoteMachines property is in 1 class (MSFT_NetNetworkLayerSecurityFilter) of ROOT\StandardCimv2\MS_409 and in 2 namespaces
'SDDL string describing Remote Users that are allowed by this rule. If this is empty, all users are allowed. If LocalUsers/RemoteUsers/RemoteMachines are specified, then they apply conjunctively, and this is an ''Allow-Bypass'' rule and ProtectionLevel must be set above None (so that authentication is required).'
RemoteUsers property is in 1 class (MSFT_NetNetworkLayerSecurityFilter) of ROOT\StandardCimv2\MS_409 and in 2 namespaces
Derived properties (18) of MSFT_NetNetworkLayerSecurityFilter class
'Filters traffic based on certain high-level security constraints, like whether or not the traffic is encrypted. Connection Security rules will have to be created in order for traffic to pass the rule.'
✗
✓
✓
✗
✓
LOCALE
'MS_409'
✗
✗
✓
✗
✓
MSFT_NetNetworkLayerSecurityFilter System properties