Image
image


Windows Firewall

AskTheComputerTech.com - Learning Series

windows 7 logo

pc tool kit windows 7

windows vista logo

Windows Firewall Guide

In this guide we are going to answer some common computer firewall questions and we will also be showing you how to disable and enable the Windows firewall, allow a program through the firewall, and even configure some firewall policies step by step in Microsoft’s latest Windows 7 operating system.

Computer security is often one of those out of sight, out of mind critical computing aspects that in all honestly should be more in the forefront of the average computer users mind.  It is definitely wise to understand at the minimum the basics of a firewall including what exactly a firewall is, and at least understand how to perform some basic firewall configuration.   

Through each succeeding version of the Microsoft’s bread and butter operating system, the Windows firewall has been improved so it is much easier to manage in addition to offering better protection.  The latest Windows 7 firewall offers some new features and configuration options over Windows Vista and Windows XP so configuring firewall options has never been easier.

In Windows Vista and especially Windows XP firewall control was more basic, but in Windows 7 the firewall now offers some great new features including one of our favorites, separate firewall configuration settings for private networks (Home or Work) and public networks simultaneously.

We’re going to start this guide by answering common Windows firewall questions, it is best to begin here especially if you are new to firewalls because having a foundation to build upon is always the first step to understanding something well.  This way you will also be better informed before you begin tweaking with firewall options since disabling or configuring the wrong settings can compromise your computers security.


Topic Selction:


Firewall - Questions & Answers

Here we answer common firewall questions. Understanding the answers to these basic questions is the perfect starting block before you begin configuring Windows firewall settings. Since a firewall is an important security feature of modern Windows operating systems including Windows 7, Vista & XP, and even non Windows OS’s such as Mac OSX and Linux to name a few it is best to be in the know, especially if you are new to firewalls.

Question 1:  What is a firewall?

A firewall is a software or hardware layer that checks information coming from a network such as a local area network in a home or office, or wide area network such as the Internet, and then it either blocks or allows that information to pass through to your computer depending on how your firewall settings are configured.  See Figure 1.

A properly configured firewall can protect your computer from a hacker, virus, worm or other security threat.  Even if your computer doesn’t contain anything important, a worm for example which is a self-replicating program similar to a virus, could completely disable your computer.  A firewall can also protect you from a hacker who could for example use your computer to help spread a worm or virus to another computer without your knowledge.

how a firewall worksHere is a simple yet great illustration we pulled from the Windows 7 operating system that shows how a firewall works. The red arrows represent unwanted network traffic that is being blocked and the green arrow represents allowed network traffic.

Allowing a program through a firewall is a pretty straight forward process in Windows, and we will be showing you later in this guide how to perform this step by step in Microsoft’s latest Windows 7 operating system.

Figure 1:  Like a physical wall, a firewall is a protective barrier between the Internet and your computer.

Question 2:  What settings are recommended for the Windows firewall?

It is recommended that if you are connected to any network to always have the firewall enabled.  It should be on for all network locations including home and work networks, public networks and also in domain networks.  If you have multiple network connections make sure it is on for each connection too.  Also make sure the firewall is setup to block all inbound connections except those that you specifically need to allow for a program or operating system feature to function.

Question 3:  What does it mean to allow a program or port to communicate through the Window firewall?

Allowing a program through the firewall is when you unblock the program by adding it to a list of allowed programs so that it can communicate with your computer through the firewall.  For example if you look at figure 1 above the green arrow represents an allowed program or port.  In addition to allowing a program through the Windows firewall you can also add ports which are software based numbered interfaces in programs used to exchange information.

Question 4:  What are the risks of allowing programs or ports through the Windows firewall?

Allowing a program or port to communicate through the firewall is like punching a hole in the firewall, so it is best to only make an exception if it is entirely necessary for a program or operating system function to operate correctly. 

Each time you open a port or allow a program to communicate through a firewall your computer becomes a bit less secure.  So when you do allow a program or port to communicate through your firewall be aware, for this increases the chance for malware such as a virus/worm or a hacker, etc. to wreck havoc on your system.

Of course it is often required to allow a program or port to communicate through your firewall since a particular program or operating system function may not work correctly without doing so.  Just do it with a cautious approach and only open a port or allow a program if absolutely necessary.

In general it is safer to add a program to the list of allowed programs rather than to open a port using an advanced firewall profile rule. See a port stays open until you close it regardless of the fact if a program is using it or not, where an allowed program in comparison only keeps the “hole” open when needed for a specific communication.

As a general rule of thumb only allow a program or open port when you absolutely need it, and if you don’t need them anymore remove a program from the list of allowed programs or close the port.  Also never allow an unknown program to communicate through the firewall.

Question 5:  My router has a built-in firewall, should I still use the Windows Firewall?

Yes you should still have the Windows firewall enabled.  While a router based firewall is important, they only provide protection from computers on the Internet and not from computers on your own local network.

Even with a router based firewall another computer could for example contain a worm and when it connects to your local network the worm could very easily find its way into your computer or others on the local network if the Windows firewall is not enabled.

A firewall running on every computer can help control the spread of worms and so it is best to always have the firewall enabled even with a router based firewall.

Question 6:  What are some online threats the Windows firewall doesn’t protect me from?

Common things the Windows firewall doesn’t protect you from is e-mail viruses and phishing scams.

Because an email virus is attached to an e-mail message a firewall can’t determine the contents of the e-mail message and so cannot protect you.  Instead you should make sure you have an antivirus program installed and fully updated.  The general rule of thumb is to use the antivirus program to scan and delete suspicious email attachments and if you aren’t 100 percent positive an e-mail is safe never open it.

Like an email virus, the Windows computer firewall doesn’t protect you from phishing scams either.  Typically phishing scams begin with a fake email message that appears to be legitimate, but it actually directs you to a fake website that looks real to try and trick you into revealing personal or financial information such as a bank account password, etc. 

If you aren’t sure an email message is legitimate it is best to manually browse to a company’s website instead of clicking and following a link from within an email message since it could be a phishing scam.

Question 7:  Are there any other things I should take into consideration to protect my computer from threats?

In addition to making sure the Windows firewall is enabled, you should also make sure you have a good antivirus program installed and updated, ensure Windows automatic updating is enabled, and also try using an antispyware program.

An antivirus program is one of the more critical security features so, if you don’t have one make sure you install one right away.  If price is an issue there are a lot of nice free alternatives out there such as AVG Antivirus, Avira AntiVir Personal, and Avast among others.  The free ones we’ve listed all support automatic virus definition updating which should always be enabled.

Windows automatic updating is also important since Microsoft sends out critical security patches pretty often.  We typically make sure automatic updating is set to automatically download and install updates that way we don’t miss any critical patches.

Antispyware programs are also great tools for protecting your computer from spyware and other malicious software.  Microsoft Windows 7 and Windows Vista both have Windows Defender installed by default and it offers basic real-time malware protection.  We personally like to use Malwarebytes Anti-Malware to run weekly scans on our own systems for it is one of the better anti-malware tools out there.

For more information, see Windows Security Essentials.

back to topic selection


Learn How to Enable or Disable the Windows 7 Firewall Step by Step

Disabling the Windows 7 firewall is very straight forward.  Doing so in Windows Vista is pretty much the same process.

Step 1: 

Type windows firewall into the start menu instant search box and select Windows Firewall or browse to the Windows Control Panel and select Windows Firewall from the list of control panel items.

accessing the windows 7 firewall

Step 2:

Once in the Windows Firewall configuration page select Turn Windows Firewall on or off in the left hand pane.

turn windows firewall on or off

Step 3:

Finally go ahead and choose your option to enable or disable the firewall.  Note:  Remember disabling the firewall is a security risk so do so only if necessary.

customize windows 7 firewall settings

back to topic selection


Learn How to Allow a Program Through the Windows 7 Firewall Step by Step

Allowing a program through the Windows 7 firewall is also a very straight forward task. Just remember to only allow programs you trust through the firewall.

Step 1: 

Type windows firewall into the start menu instant search box and select Windows Firewall or browse to the Windows Control Panel and select Windows Firewall from the list of control panel items.

launch windows 7 firewall via start menu search

Step 2:

Once in the Windows Firewall configuration page select Allow a program or feature through Windows Firewall in the left hand pane.

allow a program or feature through windows 7 firewall

Step 3:

If you already see the program you want to allow through the firewall in the list go ahead and click the Change settings button if needed and then proceed to put the appropriate check marks next to the program you want to allow.  If you don’t see the program you want to allow in the list click the Allow another program button and proceed to Step 4 below.

Note: Notice how you can independently choose to allow a program through the firewall on either a private or public network. In our example below we have allowed Adobe Dreamweaver CS4 to communicate through the firewall on the Home/Work (Private) network only.

allow program t hrough windows 7 firewall

Step 4:

Finally in the Add a Program window look for the program you want to add, highlight it, and then click the Add button.  If you don’t see the program in the list click the browse button and then browse to the executable (.exe) file of a program you want to add.

Note: Allowing the program through both private and public network location profiles can be accomplished by clicking the Network location type button and selecting your choice.  This step is optional for it can also be performed via a checkmark as shown in Step 3. We personally like to set things via the allowed programs dialog in Step 3.

add custom program through windows firewall

back to topic selection


Conclusion:

We hope you enjoyed our Windows firewall guide. Please stay tuned for we will soon be adding details on how to configure Windows firewall policies and more.

Have additional Windows 7 firewall questions? Ask the computer tech now!



See also:


Return from Windows Firewall Learning Guide to Home Page


Contact us | View site map


image
image