Measure the test taker's knowledge about the advantages and disadvantages of Windows Firewall.

Learn the pros and cons of Windows Firewall
Measure the test taker's knowledge about the advantages and disadvantages of Windows Firewall.

Endurer Note: front and back sides of pros and cons, advantages and disadvantages, and advantages and disadvantages

Http://techrepublic.com.com/5100-1009_11-6063367.html? Tag = NL. e101
By Michael Mullins ccna, MCP
By Michael mulrentccna, MCP
Translation:Endurer1Version
Keywords: security applications/tools | firewils | Security | Internet
Keywords: security applications/tools | firewall | Security | Internet
Takeaway:
Is Windows Firewall up to the task of securing your network? Mike mulrenthas his doubts. In this edition of Security Solutions, he delves into the details of Windows Firewall and weighs its pros and cons.
Overview: Is Windows Firewall competent for your network security tasks? Mike Mullins has doubts. In this security solution, he thoroughly studied the details of Windows Firewall and weighed its advantages and disadvantages.

Endurer Note: 1. Up to till, equal to; ongoing (until, equivalent to, competent, determined)
2. Delve into research, in-depth research

 
Windows Firewall debuted with the release of Windows XP, and Windows XP Service Pack 2 enabled this feature by default. This host-based stateful firewall replaced windows 'Internet connection firewall.
Windows Firewall was launched for the first time with the release of Windows XP, and Windows XP Service Pack 2 is enhanced by default. This host-type application status (detection) Firewall replaces Windows Internet Connection Firewall.

Stateful Firewall is a new firewall technology. For more information, see stateful-inspection (http://www.bupt.edu.cn/regnet/document/network/firewall1.htm)

This feature's default configuration rejects incoming IP traffic unless you 've specifically allowed it. to configure or adjust the Windows Firewall settings, Go to Start | control panel, and double-click the Windows Firewall applet. let's take a closer look at the various settings.
The default configuration of this feature rejects incoming IP traffic, unless you have already granted special permission. To configure or adjust Windows Firewall settings, start --> Settings --> control panel, and double-click the Windows Firewall program.

Know your options
Clear options

On the General tab, you can use the On and off radio buttons to enable or disable Windows Firewall. You can also choose to disallow exceptions.
On the General tab, you can use the enable or disable radio button to enable or disable Windows Firewall. You can also disable exceptions.

The exceptions tab should des a list of programs and services that you can select or deselect to allow or remove access to the network. You can also add or delete ports (both TCP and UDP ).
The exception tab contains a list of programs and services. You can select or unselect them to allow or remove network access. You can also add or delete ports (both TCP and UDP ).

When adding programs or ports, you also have the following options to limit the scope of access: Any computer (including those on the Internet), my network (subnet) only, or custom list, which allows you to choose a mix of IP addresses and subnets.
When adding programs or ports, you also have the following options to restrict access: some computers (including the Internet), only my networks (subnets), or custom sequences, this custom sequence allows you to select IP addresses and subnet sets.

Endurer Note: 1. Custom list [Microsoft] custom Sequence

On the Advanced tab, you can choose which connections the firewall will apply to, and you can specify logging features. you can also control, with some granularity, how the firewall handles Internet Control Message Protocol (ICMP) packets.
On the Advanced tab, you can select the connection to which the firewall applies and specify the logon feature. You can also precisely control how the firewall handles Internet Control Message Protocol (ICMP) packets.

Finally, if you get completely lost and make changes that prevent the computer from connecting to the Internet, you can click the restore defaults button. this removes all of your changes, returning Windows Firewall to the Microsoft default state.
Finally, if you are completely lost and want to prevent computer connection to the Internet from changing, you can click the Restore Default button. This will clear all the modifications you have made and allow the Windows Firewall to return to the Microsoft default status.

Endurer Note: 1. Get lost

Know how to adjust the settings
Learn how to adjust settings

You can use the method described above to manually change the Windows Firewall settings. However, you can also use a variety of methods more suited for enterprise deployments. Here are some of your options:
You can use the above method to manually change the Windows Firewall settings. However, you can also use a variety of methods that are more suitable for enterprise deployment. Here are some options:

• Unattend.txt:You can use this text file used during unattended setup when deploying multiple systems that have similar deployments.
  Unattend.txt: when multiple systems with similar configurations are deployed, you can use this text file without human value punctuality.
• Netfw. ini:You can modify and deploy this file via login scripts or a control system such as Systems Management Server (SMS). You can find this file in the % WINDIR %/INF folder.
  Netfw. ini: you can modify and deploy it by logging on to a script or a control system such as Windows System Configuration Management Solution (SMS. You can find this file in % WINDIR %/INF.
• Netsh:You can execute this command at the command prompt or through a scripted batch file deployed at login.
  Folder. netsh: You can run this command at a command prompt or by running a script batch file when logging on to the deployment.
• Group Policy:In an Active Directory environment you can use group policy to deploy Windows Firewall events. update existing Group Policy objects with the Windows Firewall policy settings from the updated system. ADM Template already ded with Windows XP SP2. you can find these new settings under Computer Configuration | Administrative Templates | Network | network connections.
  Group Policy: in the Active Directory environment, you can use the Group Policy to deploy Windows Firewall configuration. Use the Windows Firewall policy settings in the upgraded system. ADM template in Windows XP SP2 to update the existing group policy objects. You can find these new settings in Computer Configuration> management template> network connection.

Of course, all of these available configuration and deployment options beg the question: does this firewall adequately protect your computer?
Weigh the pros and cons

Of course, all these available configurations and deployment options circumvent the essence of the problem: Does this firewall fully protect your computer?

Endurer Note: 1. Beg the question uses unresolved issues as arguments (avoiding the essence of the problem)

Weigh the pros and cons
Weigh advantages and disadvantages

The Windows Firewall does a good job of proxying inbound responses to outbound connection requests, and it does a good job of blocking inbound connection requests for TCP or UDP conversations that you haven't initiated. it will block any connection attempts that you haven't specifically allowed in the settings. however, that's only half of what a firewall needs to do.
The Windows Firewall proxy does a good job of responding to inbound requests for outbound connections and blocking inbound requests for TCP or UDP sessions that you have not initiated, it will block connection attempts that are not particularly allowed in the settings. However, this is only half of what the firewall needs to do.
Endurer Note: 1. Do a good job
2. Inbound [computer] Inbound
3. Outbound [computer] outbound

A firewall shoshould also monitor, inspect, and proxy outbound communication-and this is where Windows Firewall fails. any program on your computer can initiate any type of connection to any IP address on the Internet, and the Windows Firewall will sit by passively and let it happen!
The firewall also needs to monitor and detect communications with the proxy-and this is where the Windows Firewall fails. Some programs on your computer can initialize any type of connection to any IP address on the Internet, and Windows Firewall will stand by and let it happen.

Endurer Note: 1. Sit by stands by, indifferent

Don't let any prompts fool you: even though it tells you a program has initiated a connection to the Internet and asks if you want to allow this connection, the connection has already occurred. what it's really asking is whether you want to allow the Internet to connect to this program.
Don't let any prompt to cheat you: Even it tells you that a program has initialized a connection to the Internet and asks if you want to allow the connection. The connection already exists. It actually asks if you want to allow Internet connection to this program.

Final Thoughts
Thoughts

As far as I'm concerned, a firewall mechanic that only works one way is a security feature-not a firewall. thanks to viruses, worms, Trojans, and a host of other malware and spyware that arrive on your computer daily, you need to be able to control communications from both directions ctions.
As for my concerns, the firewall mechanism to be improved is a security feature-not a firewall. Because every day your computer's viruses, worms, Trojans, and other malware and spyware, you must be able to control two-way communication.
Endurer Note: 1. As far as far away until, as
2. Work one's way
3. Thanks to, thanks to, thanks to

Every computer connected to any network (e.g ., dial-Up, Ethernet, or wireless) needs a firewall, and Windows Firewall just isn' t up to the task. find yourself a free firewall or pay for one from a reputable vendor, but don't let Windows Firewall fool you into thinking it completely protects your computer. half a firewall is no better than no firewall at all.
Each computer connected to any network (for example, dial-up, Ethernet, or wireless) needs a firewall, but Windows Firewall cannot perform this task. Find a free firewall for yourself or pay for it from a famous brand supplier, but do not let Windows Firewall cheat you think it fully protects your computer. In fact, half of the firewalls are as bad as those without firewalls.

Endurer Note: 1. Fool sb. Into doing
2. No better than is as bad as...
 

Endurer notes: References:
How to configure Windows Firewall in Windows XP Service Pack 2
Http://support.microsoft.com/kb/875356/zh-cn