Since shipping its first built-in firewall (Internet Connection Firewall) in Windows XP, Microsoft has been steadily improving the firewall included with the operating system. Windows Firewall in the latest client operating system, Windows 7, has been improved substantially: it is more user-friendly and works significantly better for mobile users. In this article, we introduce Windows Firewall in Windows 7 and show how to configure multiple firewall policies.
Windows Firewall Development History
The firewall in Windows XP provided only simple, basic functions: it protected against inbound traffic only, blocking any inbound connection not initiated by the local machine. By default, the firewall was disabled. SP2 enabled it by default and allowed system administrators to enable the firewall through Group Policy. Vista's firewall is built on the new Windows Filtering Platform (WFP), which adds the ability to filter outbound traffic through the Advanced Security MMC snap-in. In Windows 7, Microsoft has further adjusted the firewall to make it easier to use, especially on mobile computers, and it supports multiple firewall policies.
Windows 7 Firewall
As in Vista, the basic settings of the Windows 7 firewall are configured through a Control Panel program. Unlike Vista, you can also reach the advanced settings (including outbound connection filtering) from Control Panel, without creating an empty MMC console and adding a snap-in. Click the Advanced Settings link in the left pane, as shown in Figure 1.
Figure 1: In Windows 7, you can go to advanced firewall settings through the control panel program
More network options
The Vista firewall lets users choose between a public network and a private network. In Windows 7, you have three options: public network, home network, or work network. The latter two are both considered private networks.
If you select the "Home network" option, you can create a Homegroup. In this case, network discovery is automatically enabled, so that you can see other computers and devices on the network, and they can also see your computer. Computers in a Homegroup can share picture, music, video, and document libraries, as well as hardware devices such as printers. If a folder contains files that you do not want to share, you can exclude them.
If you select "Work network", network discovery is enabled by default, but you cannot create or join a Homegroup. If you join the computer to a Windows domain (via Control Panel | System | Advanced System Settings | Computer Name tab) and it is authenticated by a domain controller, the firewall automatically treats the network as a domain network.
When you connect to a public wireless network at an airport, hotel, or cafe, or use a mobile broadband network, you should select "Public network". Network discovery is disabled by default, so other computers on the network cannot see your computer, and you cannot create or join a Homegroup.
For all network types, the Windows 7 firewall by default blocks connections to programs that are not on the allowed programs list. Windows 7 lets you configure settings for each network type separately, as shown in Figure 2.
Figure 2: Windows 7 allows you to configure different settings for each network type
Multiple active profiles
In Vista, even if you have configured profiles for both public and private networks, only one of them is active at any given time. If your computer is connected to two different networks at the same time, this is a problem: the strictest profile is applied to all connections, which means you may not be able to do everything you need on the local network, because the public profile's rules are in effect. In Windows 7 (and Server 2008 R2), a different profile can be active on each network adapter at the same time: private network rules apply to private network connections, and traffic from public networks is subject to public network rules.
Small but important features
In many cases, small changes bring a large gain in usability. Microsoft has been listening to users and has added some small but important features to the Windows 7 firewall. For example, in Vista, when you created a firewall rule you had to list port numbers and IP addresses individually. Now you only need to specify a range, which saves a lot of time on this common management task.
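A port range and an address range in a single rule, as described above, created with netsh advfirewall from an elevated PowerShell prompt. This is an added example, not part of the original article; the rule name, ports and addresses are constructed placeholders.

```powershell
# Added example. Rule name, ports and addresses are constructed placeholders.
$ruleName = 'Example-App-TCP-5000-5010'

# 'add rule' never overwrites: running it twice leaves two rules with the same
# name, so remove any earlier copy first (output is discarded if none exists).
netsh advfirewall firewall delete rule name=$ruleName | Out-Null

# One rule covers the whole port range and the whole address range. It is
# scoped to the private profile, so it does not open the ports on an adapter
# that is connected to a public network.
netsh advfirewall firewall add rule name=$ruleName dir=in action=allow `
    protocol=TCP localport=5000-5010 `
    remoteip=192.168.1.10-192.168.1.50 profile=private
if ($LASTEXITCODE -ne 0) { throw 'netsh failed; is the prompt elevated?' }

# Confirm what was stored, including the profile and address scope.
netsh advfirewall firewall show rule name=$ruleName verbose
```

A comma-separated value such as a list of ports must be quoted in PowerShell, which otherwise splits the argument at the comma before netsh sees it.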
You can also create connection security rules that specify which ports or protocols are subject to IPsec requirements directly in the firewall console, without using netsh commands. This is a convenient improvement for those who prefer the GUI.
Connection security rules also support dynamic encryption, which means that if the server receives an unencrypted (but authenticated) message from a client computer, it can make the communication more secure by requiring encryption.
Configuring profiles in advanced settings
In the Advanced Settings console, you can configure the profile for each network type, as shown in Figure 3.
Figure 3: You can use the advanced settings console to configure the profile for each network type
For each profile, you can configure the following:
· Windows Firewall state (on or off)
· Inbound connections (block, block all connections, or allow)
· Outbound connection (allow or block)
· Display notification (whether to display the notification when the program is blocked)
· Whether unicast response is allowed for multicast or broadcast traffic
· Whether local firewall rules created by local administrators are applied in addition to Group Policy firewall rules
· Whether local connection security rules created by local administrators are applied in addition to Group Policy connection security rules
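The network-type settings listed above can also be applied from the command line. The following added example (not part of the original article) sets them for the public network type with netsh advfirewall from an elevated PowerShell prompt; the chosen values and the helper function name are assumptions for illustration, and it also turns on logging of dropped connections. The two rule-merge settings are left out because netsh accepts them only when a Group Policy store is being configured.

```powershell
# Added example (not from the article). Run from an elevated PowerShell prompt.
$fwProfile = 'publicprofile'   # or domainprofile, privateprofile, allprofiles
$logFile   = "$env:SystemRoot\System32\LogFiles\Firewall\pfirewall.log"

function Set-FwProfileSetting {
    # Hypothetical helper: runs "netsh advfirewall set <profile> <args...>"
    # and stops at the first failure instead of continuing half-configured.
    param([string[]]$NetshArgs)
    netsh advfirewall set $fwProfile $NetshArgs | Out-Null
    if ($LASTEXITCODE -ne 0) {
        throw "netsh advfirewall set $fwProfile $NetshArgs failed"
    }
}

# Firewall state
Set-FwProfileSetting 'state', 'on'
# Default action for inbound and outbound connections. The value is a single
# quoted string: unquoted, PowerShell would split it at the comma.
Set-FwProfileSetting 'firewallpolicy', 'blockinbound,allowoutbound'
# Notify the user when a program is blocked
Set-FwProfileSetting 'settings', 'inboundusernotification', 'enable'
# Do not send unicast responses to multicast or broadcast traffic
Set-FwProfileSetting 'settings', 'unicastresponsetomulticast', 'disable'
# Record dropped connections in the text log, capped at 4096 KB
Set-FwProfileSetting 'logging', 'filename', $logFile
Set-FwProfileSetting 'logging', 'maxfilesize', '4096'
Set-FwProfileSetting 'logging', 'droppedconnections', 'enable'

# Print the resulting settings for review
netsh advfirewall show $fwProfile
```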
Logs
The Vista firewall can be configured to record events to a log file (Windows\System32\LogFiles\Firewall\pfirewall.log by default). In Windows 7, events are also recorded in the Applications and Services Logs section of Event Viewer, which makes them easier to access. To view this log, open Event Viewer and, in the left pane, go to Applications and Services Logs | Microsoft | Windows | Windows Firewall with Advanced Security, as shown in Figure 4.
Figure 4: Firewall event logs in Event Viewer in Windows 7
In Event Viewer, you can create a custom view, filter the log, search the log, or enable detailed logging.
Netsh command
Windows 7 still includes the netsh firewall context for backward compatibility, but if you run a command that changes settings, you will receive a message saying, "important, 'netsh firewall' is outdated. Please use netsh advfirewall firewall", if you want to know