Several changes have been done to the Windows Firewall in Windows Vista to make it more efficient and user-friendly. This article covers some of these enhancements and their benefits.
The Windows Firewall that comes with Windows XP Service Pack 2 (SP2) is a useful and efficient client-based firewall. The firewall is enabled by default to ensure that user computers are protected against threats at all times. Although useful, this firewall requires a few more features to make it more reliable and effective. These missing features have been included in the Windows Vista Firewall. Out of these new features, two major ones include:
- The new firewall comprises the ‘application-aware outbound filtering’ to enable directional control on traffic that goes to and from your computer and other user computers.
- ‘Advanced management interface’ has been included to enable administrators to create rules at a more granular level for different workstations.
If you are responsible for managing the security of a corporate network, then the good news is that you can manage the Windows Firewall in Vista from Group Policy. So, you can easily enable organizational policies such as blocking instant messaging and other unwanted services.
In Windows Vista the firewall has two interfaces-Basic and Advanced. The Basic interface is the default interface and is quite similar to the Windows XP SP2 firewall. In Basic interface, a few basic firewall settings that are usually enough for normal computer users are loaded. However, if security is of much greater importance to you, the Advance interface will be the right choice for you because this interface enables users to perform much more with their firewall configurations.
You can open Windows Firewall from the Control Panel. By default, the firewall will open with Basic Configuration. In this configuration, if the firewall detects any activity that is configured as prohibited behavior, it is blocked. There are three tabs in Basic Configuration, General, Exceptions, and Advanced. On the General tab, you can enable or disable the Windows Firewall. If you need to log on to an unsecure network, you may choose to block all your programs to ensure that your PC is completely protected. On the Exceptions tab, you may choose to block or unblock a program. You may also configure the firewall to inform you when a particular program is blocked. The Advanced tab enables you to select the network that you want the firewall to protect. On this tab, you may enable logging of successful connections and dropped packets. This data can be used later for troubleshooting. You may also configure your computer on how it should respond to ICMP requests. Finally, if required, you may click the Restore Defaults button to undo any changes and revert to the default configuration.
To open Windows Firewall in Advanced Configuration, you will have to make some changes in the system configuration. To do this, open mmc.exe (Microsoft Management Console) as an administrator, display File menu select the Available Snap-ins command. Next, add the Windows Firewall With Advanced Security. Now, you will be able to view the Advanced configuration in MMC.
The following are some of the useful configurations available using the advanced firewall interface:
- You can use multiple profiles-Domain, Public, and Private-depending on the network you are connecting to.
- Next, you can configure Internet Protocol Security (IPSec) to secure data transmissions. Here, you can choose between Key Exchange, Data Protection and Authorization methods.
- After setting up your profiles and IPSec, you may setup connection security rules. You can easily set these with the help of a friendly wizard.
- Next, you may create rules to block and allow access from certain ports and programs.
- Finally, you may check Rule Monitoring to check all your settings. You can export these settings also. The exported file is useful if you need to re-setup your firewall.