Lesson 4: Windows Firewall: Your System’s Best Defense
If you have your computer connected to a network, or directly to your Internet connection, then having a firewall is an absolute necessity. In this lesson we will discuss the Windows Firewall – one of the best security features available in Windows!
The Windows Firewall made its debut in Windows XP. Prior to that, Windows systems needed to rely on third-party solutions or dedicated hardware to protect them from network-based attacks. Over the years, Microsoft has done a great job with it and it is one of the best firewalls you will ever find for Windows operating systems. Seriously, it is so good that some commercial vendors have decided to piggyback on it!
Let’s talk about what you will learn in this lesson. First, you will learn about what the Windows Firewall is, what it does, and how it works. Afterward, you will start to get your hands dirty and edit the list of apps, programs, and features that are allowed to communicate through the Windows Firewall depending on the type of network you are connected to.
Moving on from there, you will learn how to add new apps or programs to the list of allowed items and how to remove the apps and programs that you want to block. Last but not least, you will learn how to enable or disable the Windows Firewall, for only one type of network or for all network connections.
By the end of this lesson, you should know enough about the Windows Firewall to use and manage it effectively.
What is the Windows Firewall?
Windows Firewall is an important security application that’s built into Windows. One of its roles is to block unauthorized access to your computer. The second role is to permit authorized data communications to and from your computer.
Windows Firewall does these things with the help of rules and exceptions that are applied both to inbound and outbound traffic. They are applied depending on the type of network you are connected to and the location you have set for it in Windows, when connecting to the network. Based on your choice, the Windows Firewall automatically adjusts the rules and exceptions applied to that network.
This makes the Windows Firewall a product that’s silent and easy to use. It bothers you only when it doesn’t have any rules and exceptions for what you are trying to do or what the programs running on your computer are trying to do.
If you need a refresher on the concept of network locations, we recommend that you read our How-To Geek School class on Windows Networking.
Another benefit of the Windows Firewall is that it is so tightly and nicely integrated into Windows and all its networking features, that some commercial vendors decided to piggyback onto it and use it in their security products. For example, products from companies like Trend Micro or F-Secure no longer provide their proprietary firewall modules but use the Windows Firewall instead.
Except for a few wording differences, the Windows Firewall works the same in Windows 7 and Windows 8.x. The only notable difference is that in Windows 8.x you will see the word “app” being used instead of “program.”
Where to Find the Windows Firewall
By default, the Windows Firewall is turned on and you don’t need to do anything special in order for it to work. You will see it displaying some prompts once in a while, but they show up so rarely that you might forget that it is even working.
If you want to access it and configure the way it works, go to the Control Panel, then go to “System and Security” and select “Windows Firewall.”
Now you will see the Windows Firewall window, where you can get a quick glimpse of whether it is turned on and the type of network you are connected to: private or public.
For the network type that you are connected to, you will see additional information like:
- The state of the Windows Firewall
- How the Windows Firewall deals with incoming connections
- The active network
- When the Windows Firewall will notify you
You can easily expand the other section and view the default settings that apply when connecting to networks of that type.
If you have installed a third-party security application that also includes a firewall module, chances are that the Windows Firewall has been disabled, in order to avoid performance issues and conflicts between the two security products. If that is the case for your computer or device, you won’t be able to view any information in the Windows Firewall window and you won’t be able to configure the way it works.
Instead, you will see a warning that says: “These settings are being managed by vendor application – Application Name.” In the screenshot below you can see an example of how this looks.
How to Allow Desktop Applications Through the Windows Firewall
Windows Firewall has a very comprehensive set of rules and most Windows programs that you install add their own exceptions to the Windows Firewall so that they receive network and Internet access. This means that you will see prompts from the Windows Firewall on occasion, generally when you install programs that do not add their own exceptions to the Windows Firewall’s list.
In a Windows Firewall prompt, you are asked to select the network locations to which you allow access for that program: private networks or public networks. By default, Windows Firewall selects the checkbox that’s appropriate for the network you are currently using.
You can decide to allow access for both types of network locations or just to one of them. To apply your setting press “Allow access.” If you want to block network access for that program, press “Cancel” and the program will be set as blocked for both network locations.
At this step you should note that only administrators can set exceptions in the Windows Firewall. If you are using a standard account without administrator permissions, the programs that do not comply with the Windows Firewall rules and exceptions are automatically blocked, without any prompts being shown.
You should note that in Windows 8.x you will never see any Windows Firewall prompts related to apps from the Windows Store. They are automatically given access to the network and the Internet based on the assumption that you are aware of the permissions they require based on the information displayed by the Windows Store.
Windows Firewall rules and exceptions are automatically created for each app that you install from the Windows Store. However, you can easily block access to the network and the Internet for any app, using the instructions in the next section.
How to Customize the Rules for Allowed Apps
Windows Firewall allows any user with an administrator account to change the list of rules and exceptions applied for apps and desktop programs. In order to do this, first start the Windows Firewall.
On the column on the left, click or tap “Allow an app or feature through Windows Firewall” (in Windows 8.x) or “Allow a program or feature through Windows Firewall” (in Windows 7).
Now you see the list of apps and programs that are allowed to communicate through the Windows Firewall. At this point, the list is grayed out and you can only view which apps, features, and programs have rules that are enabled in the Windows Firewall.
You will notice that some entries have check marks on the left side of their name. This means that the rule for that app, program or feature is enabled and used by the Windows Firewall to allow or block access.
On the right, there are two columns: Private and Public. If a check mark is found in the Private column it means that network access is given to that app, program, or feature when you are connected to networks that are set as “private.” If a check mark is found in the Public column it means that network access is given to that app, program or feature when you are connected to networks that are set as “public.”
To change anything in this list, you need to press the “Change settings” button.
The list is no longer grayed out and you can edit any of the existing entries. You can select any item for which you want to change the rules applied by Windows Firewall. To learn more about it, press the “Details” button.
You will see a small window that shows a description of the selected item or, if you have selected a program, the path where it is installed and its name. When you’re finished, press “OK.”
For some items, the “Details” button is grayed out. That’s because there’s no additional information stored by the Windows Firewall and there are no details available to display. You will encounter this especially when selecting Windows Store apps.
If you want to block access to the network for an app, program, or feature, select it and then uncheck the box near its name (to block access to any network) or one of the check boxes on the right (Private or Public), depending on the types of networks you want to block access to.
Alternatively, if you want to give network access to an app, program, or feature that doesn’t have it, enable the checkbox near its name and then set the types of networks you give it access to.
When you’re done setting things up, press “OK.”
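The same list can be reviewed from an elevated PowerShell prompt. The script below is an added example, not part of the original lesson: it approximates the allowed list by reading the enabled inbound "allow" rules and reporting a Private and a Public column for each. It assumes Windows 8.x or later, since Windows 7 does not ship the NetSecurity cmdlets; the function name Get-AllowedInboundRule is made up for this example.

```powershell
# Added example (read-only): lists enabled inbound "allow" rules the way the
# allowed-apps list shows them, with a column for each network location.
# Requires the NetSecurity module (Windows 8 / Server 2012 or later).
function Get-AllowedInboundRule {
    Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
        ForEach-Object {
            $program  = ($_ | Get-NetFirewallApplicationFilter).Program
            $profiles = $_.Profile.ToString()      # e.g. "Any" or "Private, Public"
            $all      = $profiles -eq 'Any'

            # Rules tied to an executable: check that the file is still on disk.
            $exists = $null
            if ($program -and $program -notin 'Any', 'System') {
                $path   = [Environment]::ExpandEnvironmentVariables($program)
                $exists = Test-Path -LiteralPath $path
            }

            [pscustomobject]@{
                Name          = $_.DisplayName
                Private       = $all -or $profiles -match 'Private'
                Public        = $all -or $profiles -match 'Public'
                Program       = $program
                ProgramExists = $exists
            }
        }
}

$rules = Get-AllowedInboundRule

# Everything that accepts connections while on a network set as "public".
$rules | Where-Object Public | Sort-Object Name | Format-Table -AutoSize

# Entries whose executable is gone: candidates for the "Remove" button.
$rules | Where-Object { $_.ProgramExists -eq $false } | Format-Table Name, Program
```

The script changes nothing; any entry it flags can then be unchecked or removed in the window described in this lesson.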
How to Add Apps & Programs to the Allowed List
In the rare event that an app or program that you want to give network access to is not in this list, you can easily add it. First, make sure that the list of allowed apps, programs, and features is editable, using the procedure described in the previous section, then click or tap “Allow another app” (in Windows 8.x) or “Allow another program” (in Windows 7).
In the “Add an app”/“Add a Program” window, look for the app or program that you want to add and select it. If you can’t find it, press “Browse,” go to its location and select its executable, then click or tap the “Add” button.
You are back to the list of items allowed through the Windows Firewall. The program or app that you just added is now selected and you can edit the types of networks it can access.
When you’re done adding programs and apps, press “OK” to apply your settings.
How to Remove Apps and Programs from the Allowed List
You can also remove apps or desktop programs from the list of items allowed through the Windows Firewall. When you remove an app or program, it becomes blocked by default and the next time you use it, you will see a prompt from the Windows Firewall, requesting your approval for giving network access to it.
First, make sure that the list of allowed apps, programs, and features is editable, using the procedure shared earlier in this lesson, then select the app or program that you want to delete and press “Remove.”
You are asked to confirm your choice. Press “Yes” and the selected app or program is removed from the list of items allowed through the Windows Firewall.
Press “OK” to save your changes.
How to Enable or Disable the Windows Firewall
In order to enable or disable the Windows Firewall, you must first open it, then look on the left column and click or tap the link that says “Turn Windows Firewall on or off.”
The “Customize Settings” window is now opened. Here you can set how to turn on or off the Windows Firewall: turn it on or off just for private networks, for public networks, or for both types of networks.
For example, you can set the Windows Firewall to be turned off when you are connected to trusted private networks like the one in your home and to be turned on when you are connected to untrusted public networks. While having this kind of flexibility is great, not that many people understand the concept of network locations, what is different about them, and what profile to assign to each network connection you make. If you are such a user, we recommend that you read our How-To Geek School class on Windows Networking.
To recap, if you want to enable the Windows Firewall only for private networks, then select “Turn on Windows Firewall” in the “Private network settings” section. If you want to enable it only for public networks, then select “Turn on Windows Firewall” in the “Public network settings” section. If you want to turn it on for all types of networks, select this setting in both sections and press “OK.”
The same goes for disabling the Windows Firewall. Select “Turn off Windows Firewall” in both sections if you want to disable it completely or select this setting only for the type of networks where you don’t want to use it. When done, press “OK” to save your settings.
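Because the on/off switch is set per network location, it is worth confirming that every network you are actually connected to falls under a location where the firewall is on. The script below is an added example, not part of the original lesson; it assumes Windows 8.x or later and only reads settings.

```powershell
# Added example (read-only): for each connected network, show its location
# and whether the Windows Firewall is turned on for that location.
# Requires Windows 8 / Server 2012 or later.

# Index the firewall profiles (Domain, Private, Public) by name.
$firewall = @{}
Get-NetFirewallProfile | ForEach-Object { $firewall[$_.Name] = $_ }

$report = Get-NetConnectionProfile | ForEach-Object {
    # Connections are categorised as Public, Private or DomainAuthenticated;
    # the matching firewall profiles are named Public, Private and Domain.
    $location = "$($_.NetworkCategory)"
    if ($location -eq 'DomainAuthenticated') { $location = 'Domain' }

    $fwProfile = $firewall[$location]
    [pscustomobject]@{
        Interface      = $_.InterfaceAlias
        Network        = $_.Name
        Location       = $location
        FirewallOn     = "$($fwProfile.Enabled)" -eq 'True'
        DefaultInbound = $fwProfile.DefaultInboundAction
    }
}

$report | Format-Table -AutoSize

# Connected networks that currently have no firewall protection.
$report | Where-Object { -not $_.FirewallOn } |
    ForEach-Object { Write-Warning "Firewall is off for '$($_.Network)' ($($_.Location))" }
```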
Coming up next …
In the next lesson we will get into even more detail about the Windows Firewall and learn how to use the Windows Firewall with Advanced Security. What is this? What can you do with it? Why should you bother using it? To learn the answers to these questions, you will have to come back for the next lesson.