Come and join us as we make a the world a safer place using our Windows Firewall in this edition of Geek School.

Be sure to check out the previous articles in this Geek School series on Windows 7:

Introducing How-To Geek School Upgrades and Migrations Configuring Devices Managing Disks Managing Applications Managing Internet Explorer IP Addressing Fundamentals Networking Wireless Networking

And stay tuned for the rest of the series all next week.

What is a Firewall?

Firewalls can either be implemented as hardware or as software. They were designed to protect networks by stopping network traffic from passing through them, as such they are normally placed on the perimeter of a network where they allow outbound traffic but block inbound traffic. Firewalls are based on rules that you as an administrator would define. There are three types of rules.

Inbound rules apply to any traffic that originates from outside of your network and is destined for a device on your network. Outbound rules apply to any traffic that originates from a device on your network. Connection-specific rules enable a computer’s administrator to create and apply custom rules depending on what network you are connected to. In Windows this is also known as Network Location Awareness.

Types of Firewalls

Typically in a large corporate environment you have a whole security team dedicated to protecting your network. One of the most common methods that can be used to enhance the security of your network is deploying a firewall at the boundary of your network, for example between your corporate intranet and the public internet. These are called perimeter firewalls and can be both hardware based as well as software based.

The problem with perimeter firewalls is that you can’t protect nodes on your network from traffic generated inside your network. As such you will normally have a software based firewall solution running on every node on your network as well. These are called host based firewalls and Windows comes with one out of the box.

Meet the Windows Firewall

The first thing you will want to do is check that your firewall is turned on. To do that open the Control Panel and head into the system and security section.

Then click on Windows Firewall.

On the right hand side you will see the two firewall profiles as used by Network Location Awareness.

If the firewall is disabled for a network profile it will be red.

You can enable it by clicking on the link on the left hand side.

Here you can easily enable the firewall again by changing the radio button to the enabled setting.

Allowing a Program Through the Firewall

By default the Windows Firewall, like most others, drops any unsolicited inbound traffic. To prevent this, you can set up an exception in the Firewall rules. The problem with this approach is it requires you to know port numbers and transport protocols such as TCP and UDP. The Windows Firewall allows users not familiar with this terminology to instead whitelist applications that you want to be able to communicate on the network. To do this again open the Control Panel and head into the System and Security section.

Then click on Windows Firewall.

On the left hand side you will see a link to allow a program or feature through the firewall. Click on it.

Here you can enable a firewall exception for a firewall profile by simply ticking a box. For example, if I only wanted remote desktop to be enabled when I was connected to my safe home network, I can enable it for the private network profile.

Of course, if you wanted it to be enabled on all networks you would tick both boxes, but really that’s all there is to it.

Meet the Firewall’s More Experienced Brother

More experienced user will be pleased to find out about somewhat of a hidden gem, the Windows Firewall with Advanced Security. It allows you to manage the Windows Firewall with more fine grained control. You can do things such as block specific protocols, ports, programs or even a combination of the three. To open it open the start menu and type Windows Firewall with Advanced Security in the search box, then press enter.

The Inbound and Outbound Rules are split up into two sections which you can navigate to from the Console Tree.

We are going to be creating an inbound rule, so select Inbound Rules from the Console Tree. On the right hand side you will see a long list of Firewall rules appear.

Its important to notice that there are duplicate rules which apply to the different firewall profiles.

`

To create a rule right click on Inbound Rules in the Console Tree and select New Rule… from the context menu.

Let’s create a custom rule so we can get a feel for all the options.

The first part of the wizard asks if you want to create the rule for a specific program. This differs slightly from creating a rule for a program using the normal Windows Firewall as demonstrated earlier. Rather, what the wizard is saying is you are about to create an advanced rule such as opening port X, would you like all programs to be able to use port X or would you like to restrict the rule so that only certain programs can use port X? Since the rule we are creating is going to be system wide, leave this section at its defaults and click next.

Now you have to configure the actual rule. This is the most important part of the entire wizard. We are going to create a TCP rule for local port 21, as seen in the screenshot below.

Next we have the option of tying this rule to a network card by specifying a specific IP address. We want other computers to communicate with our PC regardless of which network card they contact, so we will leave that section blank and click next.

The next section is critical as it asks you want this rule to actually do. You can Allow, Only allow it if the connection is using IPSec or you can simply block Inbound communication on the port we specified. We will go with allow, which is the default.

Next you have to choose which firewall profiles this rule is going to apply to. We will allow communication on all networks except those marked as public.

Finally, give your rule a name.

That’s all there is to it.

Homework

I can’t stress how important firewalls are so go back and re-read the article and make sure you follow along on your own PC. 

If you have any questions you can tweet me @taybgibb, or just leave a comment.