In Windows Firewall with Advanced Security, you configure an outbound firewall rule which requires the corresponding traffic to be authenticated and optionally encrypted. This is done by either enabling “Allow only secure connections” in the user interface or by using “NETSH ADVFIREWALL” at a Command Prompt with the arguments “security=authenticate” or “security=authenc”.

A corresponding Connection Security (IPsec) rule is configured.

Attempting communication with a host that meets the criteria for the rule you created will fail.