Windows 7 : Working with the Windows Firewall (part 2) - Configuring Security for the Basic Windows Firewall & Troubleshooting the Basic Windows Firewall

3/14/2011 6:37:29 PM

2. Configuring Security for the Basic Windows Firewall

The basic Windows Firewall provides essential firewall security for your computer. You can use the basic firewall to protect your computer from many types of attacks. In Control Panel, you can configure the basic firewall by clicking System and Security and then clicking Windows Firewall.

As Figure 1 shows, the main page in Windows Firewall provides an overview of the firewall configuration and status. You can use this information to tell at a glance whether the firewall is on or off, whether notifications are displayed when a program is blocked, and to which type of network you are currently connected. The network type determines which firewall profile is currently being applied. There are separate profiles for:

  • Home or work (private) networks

  • Public networks

  • Domain networks

In the left pane are links for accessing management settings, including:

  • Allow a program or feature through Windows Firewall

  • Change notification settings

  • Turn Windows Firewall on or off

  • Restore defaults

  • Advanced settings

Figure 1. Viewing the status of Windows Firewall

Clicking either “Change notification settings” or “Turn Windows Firewall on or off” opens the Customize Settings page. You can use the options on the Customize Settings page to turn the firewall on or off (see Figure 2) for each profile. To turn the firewall on, click “Turn on Windows Firewall.” This setting allows the firewall to block incoming connections. To turn the firewall off, click “Turn off Windows Firewall (not recommended).” This setting turns the firewall off and makes your computer vulnerable to remote attacks through network and Internet connections.

Figure 2. Turning the firewall on or off

When you are connecting to networks that are less secure, you may want to turn the firewall on and block all incoming connections to your computer. To do this, select the “Turn on Windows Firewall” option and the “Block all incoming connections...” checkbox. This setting ignores all settings in the firewall configuration and blocks every connection to your computer. You can turn off notifications by selecting the “Notify me when Windows Firewall blocks a new program” checkbox.

Back on the Windows Firewall main page, clicking “Allow a program or feature through Windows Firewall” opens the Allowed Programs page. This page, shown in Figure 3, allows you to control how programs communicate through Windows Firewall. Many Windows components commonly used for networking have exceptions listed in the Program or Port list. By default, you can view the configured exceptions but cannot make changes. To modify the settings, click Change Settings.

Figure 3. Configuring firewall exceptions


Keep in mind that changing or disabling the default configuration of Windows Firewall may leave your computer in a vulnerable state. Take considerable care when changing these configuration settings.

You can enable an exception for a program by selecting the related checkbox and then selecting the profiles on which the exception should be enabled. By default, the checkbox for the active profile is selected.

To disable an exception for a profile, clear the related profile checkbox. To disable an exception entirely, clear the program checkbox or clear all the related profile checkboxes.

To learn more about an exception for a Windows component, select the exception by clicking it and then click Details.

Using the “Allow another program” button, you can add new programs to the exception list, giving you greater control over your computer’s security parameters. You can permanently remove any exception you add by clicking the exception and then clicking Remove.

Clicking “Restore defaults” and then clicking the Restore Defaults button allows you to remove all Windows Firewall settings that you can have configured for all network profiles. Although this might cause some programs to stop working, it resets the Windows Firewall to its original post-installation configuration.

3. Troubleshooting the Basic Windows Firewall

Like Window Defender, Windows Firewall runs as a service on your computer. If you begin to experience problems connecting to your network or you cannot connect to a specific computer or resource on the network, you may be experiencing problems associated with Windows Firewall. Other telltale signs of firewall problems include other computers failing to connect to your computer or the inability to ping, tracert, or access network resources even though you have an IP address.

As with Windows Defender, start your troubleshooting by making sure that Windows Firewall is on. If the firewall is on and you are blocking all incoming connections, you might want to clear this setting for your troubleshooting. Next, you should verify that the Windows Firewall service is running through the Services node in Computer Management. Verify that the service status is listed as Started, and make sure the “Startup type” is set to Automatic. If the service is not listed as Started, click the Start button to start the service. Also, verify the logon credentials using the Log On tab associated with the service’s Properties dialog box. You should see “Local service” as the selected account.

If the firewall still isn’t working properly, you need to verify the network location. When you click the Windows Firewall option in Control Panel, the main firewall window shows the connected networks. If you are on a private or domain network, other computers should be able to connect to you by default. If you are on a public network, most types of connections to your computer are disabled. If the wrong location type is listed, you can change the location type in the Network and Sharing Center by clicking the network type link, selecting the desired location type, and then clicking Close. Don’t change the location type without first considering the possible ramifications of doing so. If you are on a public network such as a wireless hotspot in a cafe or airport, and you specify that you are on a private network, you will open your computer to attack.

If the firewall still isn’t working properly, check the exceptions that are listed on the Allowed Programs page. In most configurations, a home or work (private network) should have the following exceptions enabled:

  • Core Networking

  • File and Printer Sharing

  • HomeGroup

  • Network Discovery

  • Remote Assistance

You might also have exceptions for:

  • Connect to a Network Projector

  • Windows Live Call

  • Windows Live Messenger

  • Windows Live Sync

  • Windows Media Player

  • Windows Media Player Network Sharing Service

If you believe the appropriate exceptions are enabled and you still have problems, you can click the Restore Defaults button on the main firewall page and then click the Restore Defaults button to go back to the original postinstallation Windows Firewall settings and remove any changes you have made to these settings since installing the operating system. Keep in mind that this will also disable any custom exceptions you have created, possibly causing certain programs to function incorrectly. This is especially true for networked games, so you will need to reenable your custom settings after verifying that your network connections work correctly after resetting the default configuration.

  •  Windows 7 : Using Windows Defender (part 3) - Using Windows Defender Tools & Troubleshooting Windows Defender
  •  Windows 7 : Using Windows Defender (part 2) - Scanning Your Computer for Spyware and Malware
  •  Windows 7 : Using Windows Defender (part 1) - Configuring Windows Defender
  •  Windows 7 : Protecting Your Computer with Windows Defender and Windows Firewall - Introducing Action Center
  •  Windows 7 : Navigating the Computer Security Maze
  •  Windows 7 : Troubleshooting Common Problems on Small Networks
  •  Windows 7 : Advanced Networking Concepts
  •  Windows 7 : Networking with TCP/IP (part 2) - Understanding IPv6 & Configuring IPv4, IPv6, and Other Protocols
  •  Windows 7 : Networking with TCP/IP (part 1) - Understanding IPv4 & Using Private IPv4 Addresses and Networking Protocols
  •  Windows 7 : Mapping Your Networking Infrastructure (part 2) - Viewing the Network Map & Viewing and Managing Your Network Connections
    Video tutorials
    - How To Install Windows 8

    - How To Install Windows Server 2012

    - How To Install Windows Server 2012 On VirtualBox

    - How To Disable Windows 8 Metro UI

    - How To Install Windows Store Apps From Windows 8 Classic Desktop

    - How To Disable Windows Update in Windows 8

    - How To Disable Windows 8 Metro UI

    - How To Add Widgets To Windows 8 Lock Screen

    - How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010
    programming4us programming4us