Windows Vista Firewall - Security.
Prior to Windows Vista, versions of Windows desktop editions (95, 98, NT, 2000 and
XP), security, access and change control was some what limited or to open. Not anymore.
Windows Vista excels in security and is considered by many to be the most important
WOW factor in Vista. Security features such as User
Account Control(UAC), Firewall with Advanced Security and Windows Defender, help protect important operating system
files and personal data from malicious attacks by hackers and/or crackers.
Windows Vista Firewall with Advanced Security.
Windows XP SP2 introduced the first built-in entry level Windows desktop firewall.
The firewall was effective but lacked many advanced management features that you
would expect to find in a modern day firewall product. With Windows Vista, Microsoft
has included an advanced management security console to help advanced
users configure and fine tune their firewall security settings.
With Windows Firewall with Advanced Security, you can now configure Inbound and
Outbound Rules, Block or Allow incoming or outgoing connections based off Protocols
and Ports and/or Programs and Services. The Inbound and Outbound Rules can be enforced
on predefined profiles, Public, Private, Domain or all Profiles.
The default Inbound rule settings is to block all connections that do not have rules
that allow the connection unless the incoming request is a response from the client.
The default Outbound rule is to allow all outbound connections unless you have explicitly
block an Outbound connection.
Creating Inbound and Outbound rules are quick and easy with the new Rules wizard.
Let's do an example.
We are going to create an Outbound rule that is going to block an application from
making outbound connections. We are going to block Internet Explorer from accessing
all outbound connections.
 Open
Windows Firewall with Advanced Security.
Click Start, in the search box, type mmc and press enter.
You might be prompted for the Administrative Password or click continue for UAC.
 With
the mmc console open, click File, Add/Remove Snap-in...
 With
the add and Remove Snap-In dialog, click Windows Firewall with Advanced Security
and click Add. On the following dialog box, ensure local computer is selected and
click Finish. Click Ok.
 Expand
Windows Firewall with Advanced Security and click OutBound Rules.
 Right
click Outbound Rules and click New Rule.
The new Outbound Rules Wizard starts.
 Under:
What type of rule would you like to create, ensure Program is selected. Click Next.
 On
the following page (Program Page), ensure: This program path is selected. Browse
to the path of Internet Explorer.
The default Internet Explorer path is: %ProgramFiles%\Internet Explorer\iexplore.exe
 On
the following page (Action Page), ensure Block the Connection is selected and click
Next.
 On
the following page (Profile Page), ensure the Domain, Public and Private fields
are all checked. Click Next.
 On
the following page (Name Page), enter the name of the rule. Always enter a meaningful
name that is identifiable on sight. example: Block_InternetExplorer. You can also
provide a description or a note in the description field. Click Finish.
Now open Internet Explorer and try and surf the internet. If all went well, you
should not be able to surf.
With this small example you can see the ease of use and the power of Windows Firewall
with Advanced Security.
 Note:
To delete this rule, select the rule from the Outbound Rules, right click and click
Delete. Close Internet Explorer, Open Internet Explorer and you can surf the Internet.
Remember: As it's name states, Windows Firewall with Advanced Security, is an advanced
and powerful security tool. Ensure you know what you are doing and the implications
of what you are doing prior to rule changes.
|