Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account

An Introduction to Windows 7 Home Premium Firewall

  • Please log in to reply




  • Member
  • PipPip
  • 11 posts
Posted Image

This is Windows 7 Firewall. It has a variety of features to help you manage what and where, can connect to the internet
or network communications mediums. It comes pre-packed with a large set of rules for numerous programs, protocols,
and ports. Some of the predefined rules were setup with well-known addresses, that is addresses that have become a
standard point of communication for certain programs. In addition, as you add programs to your Windows operating
system, it allows those programs to create rules tailored to their operating needs, after a user accepted prompt.

There are three (3) default columns to view when you open the Windows 7 Firewall. Before we get into that, you can open
and edit Windows 7 Firewall by following these steps:

Posted Image

Start by clicking on the Windows START button, and navigating to Control Panel. Alternatively, you can customize the start
menu entries by right-clicking the task bar/menu bar area and selecting properties. On the second tab, Start Menu,
there is a customize button which allows you to pick and choose what features and locations are viewable on the Windows
Start Menu. One option you have is to place an icon for Control Panel onto your Desktop, but assuming you haven't, this
is where you can find the Control Panel default link.

Posted Image

Once you are in the Control Panel menu, click System & Security at the top of the left column. This will bring you to
another menu, from which you may select Windows Firewall, the second option down on the list.

Posted Image

Again, once you're in the Windows 7 Firewall configuration panel, it looks like this and there are three columns to the interface
with a plethora of things to do in order to tailor Windows 7 to suit your needs. In addition to the three columns, there is a
text menu at the top of the configuration panel and a small task bar of buttons for your use, all for easy navigation of the
configuration panel. Included buttons are a Back button for navigating back to your last working space, a Forward button to
do the opposite; there is an Up One Level button to navigate the configuration panel in parallel, a Help button that displays
useful information in the Microsoft Management Console complete with links to web resources and in program documents, as
well as a button to Show/Hide Action Pane, which is the column to the far right of the configuration panel.

Posted Image

The Action Pane is self-explanatory, but there are three versions of the pane: When you are at the default configuration panel "front page", the Action Pane displays Import Policy, Export Policy, Restore Default Policy, Diagnose/Repair, View, Refresh, Properties, and Help. When you select either Inbound Rules or Outbound Rules in the Windows Firewall with Advanced Security on Local Computer Pane, the one to the far left, the Action Pane changes to display: New Rule, Filter by Profile, Filter by State, Filter by Group, View, Refresh, Export List, and Help. If you actually click a rule in the Inbound or Outbound rules, the Action Pane gives you a third version with everything from the second version, plus another menu tailored to the highlighted rule so that you can Enable/Disable the rule, Cut the rule and Paste the rule elsewhere in the list of rules, you can Delete the rule, view it's Properties, and open the Windows Management Console Help documents.

Posted Image

Action Pane Version 1:

This version of the Action Pane is definitely geared towards more advanced users. The most obvious points of difficulty
being with the Import/Export Policy buttons. Using these features means that you have manually configured the Windows
7 Firewall in a .wfw file format in the Windows Powershell or by opening the Group Policy Manager. If you are a Windows
7 Home Premium user, like myself, you do not have a the Group Policy Manager feature. You can perform some group policy
tasks from a Powershell or Elevated Command Prompt, but the ease of use and full power of the feature is unavailable to you.
As a result, if you use either of these two options (Import/Export Policy), it will most likely be Export Policy which is just as well
because once you've spent your time configuring the Windows Firewall and have a default setup that you like, or one that you
are sure will require little change, you can export the policy rules to your Documents folder, save it on a USB or Cloud service
and it will be available to you if you ever have to reload your Windows Operating System or otherwise manage to screw up your
settings. Managing the Windows Firewall can be a very time consuming task, so Export Policy is a lifesaver, as is the Restore
Default Policy. If you ever manage to do something to Windows 7 Firewall and can't find your way back, you can always restore
the Default Policy (or if you've exported a default policy that is available). Selecting the Diagnose/Repair option will open the
Windows Troubleshooter for Network & Internet. Troubleshooter can save you a lot of time, and having to restore to a default policy
by automatically detecting rules or settings that are preventing you from connecting to the internet or using installed features like
file and print sharing. More information is available on the Windows Troubleshooter menu, selecting any of the options there
will open a Wizard to guide you through the process of troubleshooting common connection problems. The Refresh button will
refresh the screen bitmap if there is some glitch in your view, and a setting that is more important to everyday users which is available
on all three versions of the Action Pane, albeit in two different versions, is the Properties option.

Posted Image

Version 1 of the Action Pane opens this Properties Menu. There are 3 Zones whose generic properties can
be managed from this screen: Domain, Private, and Public. The options are the same for all three zones. You
can customize logging to increase the size of the log file, to log dropped packets and successful connections.
By default, the location of the Windows Firewall .log file is at %systemroot%\system32\LogFiles\Firewall\pfirewall.log,
but you have the option to change the folder the log file saves into. Another option you have from this menu is to change
Firewall Behavior via custom Settings. These options include whether you are prompted when an application is blocked
by Windows Firewall, and whether or not the Firewall will permit Unicast Responses from Multicast network activity.
For those of you who don't know, Multicast communication has a reserved range of IP addresses so that applications
which send information to numerous systems on a network at once have an open pathway. Allowing a Unicast response
only means that you are allowing Windows Firewall to accept Unicast responses from those Applications (singular responses).
Lastly the Help menu is available on this and all versions of the Action Pane. The last option available in this Properties Menu
is IPsec Settings.

Posted Image

IPsec Settings stand for IP Security Settings. The menu won't really let you do anything to stop communication
between you and the network from here on accident, you have to be able to enter specified information for connections
and those rules are only used when rules exist for the connection during the Handshake process. That is the process
in which negotiations and rules for communication are established between systems. It doesn't hurt to have IPsec enabled.
Different encryption algorithms are available for security including Kerberos5, Diffie-Helmann, and SHA1. In most instances
you have to have generated keys for use with these algorithms, but enabling IPsec should not interrupt your connectivity,
although you may receive a limited connection icon on your network indicator icon until you reboot your computer.
Steps for generating Diffie-Hellman keys can be found here: http://msdn.microsof...9(v=vs.85).aspx
Another option available from this menu is whether to exempt or include ICMP in the IPsec settings. More on IPsec can be read here:
http://technet.micro...k/bb531150.aspx and here: http://en.wikipedia.org/wiki/IPsec

Posted Image

The second version of the Properties Menu is available under the third version (if you're keeping track) of the Action
Pane. It is another part of the Windows Firewall geared toward more advanced users, although it is simple to use with
a simple understanding of network communication. There are 7 tabs of settings. The first tab, General, is a summation
of what programs and services are effected, what is allowed and not allowed, whether the rule is enabled, and if the connection
is allowed, does it require secure connections/encryption. All of the Windows Firewall rules have this option for connections.
The options allowed for secure connections are Allow the connection if it is authenticated and integrity protected,
Require the Connections to be Encrypted, Allow the Connection to use Null Encapsulation, and Override Block rules.
Each of these options can effect your connectivity, for instance requiring a secure connection will exempt you from
surfing the large portion of the internet that does not utilize the HTTPS (hypertext transfer protocol secure) protocol.
Requiring encryption of connections means that only encrypted connections are permitted for that application,
server, and/or protocol. Large portions of the internet do not establish encrypted connections for common internet usage
or for launching applications that use the internet. Use these settings only if you have access to regular connections
which are encrypted, like company intranet. Requiring Authentication and Integrity means that the user is authenticated
with net credentials and that the integrity of the data is assured, meaning this type of connection takes steps to ensure
data is not corrupted. Null Encapsulation means that edge traversal is permitted so the integrity of data is not assured, although
the user must be authenticated.

Posted Image

The last option on the General Tab/Allow Connection only if it is Secure, Override Blocking Rules allows users or computers
to bypass normal Firewall blocking rules with a program, service, or application. You must specify which users and computers
are permitted to bypass Firewall Security in the Users and Computers tab. This is another function to which Home Premium Users
will have limited access because in the Microsoft Management Console, you cannot edit local users and groups and most likely,
as Windows does not let you do much Power Administration, the only groups available will be default security groups and accounts
which do not need access to your programs, and if they do, they enter a firewall rule.

A more pertinent part of this menu to the Home user is the Programs and Services Tab.

Posted Image

From this menu, you choose what Programs and Services, if any, are affected by the rule you are setting. Setting a Program or
Service for a rule is not the end of your ordeal; however, you have to choose a scope, determine which Zones are affected, what
IP addresses are affected (which you can choose all), and which ports and protocols. Ports and Protocols plays a big part in the Firewall
rule because it defines what protocols can communicate for a given program, where, and how. Certain protocols and program
require certain ports to communication, these are called well known addresses. A very extensive list of these ports and applications
can be found on Wikipedia, here: http://en.wikipedia....DP_port_numbers
Most likely, a home user does not need that list, but it also serves the purpose of a reference if you ever use the Netstat
command available in Windows, you can reference a port or application against this list. A Netstat tutorial can be found
here: http://technet.micro...y/bb490947.aspx The Scope menu will allow you to define what IP addresses are affected.

Posted Image

From the Scope menu tab you can select what Zones are affected, and whether or not to allow
unsolicited packets to be received (that is packets that have passed through NAT (Network Address Translation)
Devices, Routers, or Firewalls. You can also select which network interfaces (NIC's) this rule corresponds to
which can add a small measure of security as well.

Posted Image

While you're utilizing the Properties Menu for rules and browsing the list of default or custom rules for Windows
Firewall, let's not forget there is another version of the Action Pane. This version simply offers a button for adding a new rule
(which you can do by right-clicking Inbound/Outbound Rules in the far left pane). You can also filter the list of viewable rules
Profile (Domain, Private, Public), State (Enabled or Disabled), and Group which the rules are grouped according to the programs
affected (not the protocols targeted by a specific rule).

Regardless of what rule you're looking at, you'll note there are a few protocols that are targeted by unique rules. These include UDP (user datagram protocol),
TCP (transmission control protocol), IPv6 (version 6 IP addressing), IPv4 (version 4 addressing), ICMP (Internet Control Message Protocol). As well as a number of message types:
Packet too big, Multicast Listening; etc. These protocols were designed to perform unique functions in TCP/IP which dominates the internet today.
User Datagram Protocol is a connectionless protocol, meaning that it doesn't verify data sent, that programs utilize. Transmission Control Protocol is a connection-oriented
protocol that does verify data, while IPv6 is a new IP addressing scheme designed to extend internet addresses for regional assignments as IPv4 has become too congested
to accept new systems. Most programs require a TCP and UDP port, so make sure you know what you are doing before limiting communication of any of these protocols
or message types. You may just wind up short selling yourself on broadcasts over the network.

Posted Image

Lastly, having explored the necessary functions of each pane to one degree or another, is an option of the right most pane of the
Windows Firewall configuration menu. The option being looked for is connection security rules, and for this image I have right clicked
the working area and chosen 'new rule'. From this menu, you can enter a number of self styled Wizards for adding authentication and
security rules that will govern all of your internet connections through the Windows 7 Firewall. Because you need to be familiar with
credentials and security types, this is a menu for the advanced user, and the solicited user, like those setting up to a company
  • 0


Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP