2.8.1. Windows Firewall – Part 1 By Val BakhThis article provides a high-level overview of firewalls and Windows Firewall (WF). This article provides a simplified conceptual view of the relevant functionalities. It is not intended to be an instruction manual for IT professionals, but as a light-reading material. This material will be easier to understand if you have access Windows 7 or Windows 8 as well as the WF dialog boxes.
A network firewall can be either a security device, or a computer that is configured with the appropriate software such as Microsoft Forefront Threat Management Gateway. TMG is the successor of Microsoft Internet Security and Acceleration Servers (ISA) and Microsoft Proxy Server. A firewall usually has two network interfaces. Although it can have more interfaces, two is sufficient to cover the basic principles. A firewall is not symmetrical, in that one interface is the front and the other is the back. This is unlike a regular router which connects multiple networks. A firewall protects a private network that is connected to the firewall’s back interface from the Internet and other external networks. Traffic flowing from the back to the front is considered outbound and traffic flowing in the opposite direction, is considered inbound.
Different firewall designs offer different levels of sophistication. Most firewalls can be configured in many ways to meet specific needs. A firewall blocks all inbound traffic, or at least most of it, and allows outbound traffic to be processed. This is the most common configuration. Rules define any exceptions to this arrangement. Inbound rules allow certain types of unsolicited traffic to enter, while outbound rules block specific types of outbound traffic. Most of the time, outbound rules are not necessary to allow hosts to access the Internet.
WF is a host based software firewall. The main difference between a network firewall or a host-based firewall, is that the former protects a whole network while the latter only protects a single computer. Let’s say you connect a Windows machine to two networks and set it up as a router. WF will block all unsolicited traffic to the computer, but it will not block transit traffic between the two networks. WF functions in other ways like a network firewall. A host-based firewall’s front is the rest the network, while the back is the local host. Client and server are closely related concepts to a host based firewall. A client is an application or computer that requests a service. A server is an application or computer that provides the service. A client initiates communications. A server responds to client requests. While firewall rules are not necessary to support client applications, you will need inbound rules to ensure that server applications work. Inbound rules, on the other hand, are the ones that you will need to deal most often.
After you have installed Windows 10, any version of Windows modern, WF will be turned on by default. It includes several dozen preconfigured rules that are commonly used. Some of these rules are already enabled as they are essential for the operating system’s proper functioning. Others rules are waiting for you to enable them, in case you ever require them. Often, when you install an app or an optional operating system feature they automatically enable the required WF rules or add them. S
