A firewall is like a security guard at a company: it decides whether a person or item may go out to the outside world, and whether a connection from outside may enter your system. It follows a set of rules, which Windows calls Inbound and Outbound rules, before anything goes out or comes in.
Now what happens when a stranger comes in without an appointment? The security guard calls the help desk to ask. The same thing happens with Windows Firewall. Its monitoring system pops up a window when it doesn't have any rule for an unknown program.
Windows Firewall comes with some predefined rules so you are not bothered every time a program connects to the internet, for example Explorer or Live Messenger. That is why most people rarely see the prompt. There are two ways to configure Windows Firewall: Basic Mode and Advanced Mode.
Basic Mode of Managing Firewall
Basic Mode covers enabling the firewall and quickly adding and removing programs from the firewall rules. Go to Control Panel > Switch to Classic Mode > double-click the Windows Firewall icon. (You will need admin privileges, so make sure your account has them.)
Here you get direct options to turn the firewall on or off, and a second option to allow a program through Windows Firewall. If you wish to add a program that you know is safe, this is the place to do it. Don't worry: adding something to Windows Firewall does not make it stop working.
Adding a Program and Port to Windows Firewall
Let us add a program to the firewall rules so it is allowed to pass through. Click on it and a window opens with the Exception tab in focus. Since you are allowing the program to pass through Windows Firewall, it is called an exception. It is like the General Manager of the company, who is not stopped at the door because people know he can come in.
- Click on Add program
- Select the EXE or executable file either by browsing it or from the available options
- Press OK and you are done
There is another option called SCOPE, in the same window, which allows you to configure where the program is blocked. Let's say a program is allowed to run at home but not in the office, or only for some set of IP addresses. You can configure that right here.
This is how we add program exceptions to the firewall rules. You can add a port the same way. Just add the port number and specify whether it is a UDP or TCP port.
Keep "Notify me when firewall blocks any program" checked. This helps when you have installed a new program that Windows Firewall doesn't know about. With this notification on, you can create the rule to allow the program through Windows Firewall at the moment the program is blocked.
Advanced Mode of Managing Windows Firewall
This section covers how to create Inbound and Outbound rules for Windows Firewall. This is similar to basic mode, but you get different options and more complexity.
Type WF.msc in the Run dialog box. This opens the Windows Firewall with Advanced Security program, which allows you to create inbound rules, outbound rules and Connection Security rules, and to use Monitoring.
- Inbound rules determine which programs are allowed to bring data in; Outbound rules are just the opposite.
- Connection Security Rules are not exactly firewall rules; they involve authenticating two computers before they begin communicating and securing the information sent between them.
How to create Inbound and Outbound Rules?
- Select the Inbound icon on the left
- When you select it, you can see all the Inbound rules that are already created.
- Now either right-click or look at the Actions section on the right.
- Select New Rule
Creating an Inbound or Outbound rule is easy, but we should be careful about it. There are 5 steps inside it
- Rule Type: Is it a program, a port, or anything custom?
- Program: Select this if you chose program. You can select any exe you want to apply the rule to.
- Protocols and Ports: Select UDP or TCP and the port number.
- Action: Next is what exactly you want to do when this happens. You can allow it, allow it only when it is secured, etc.
- Profile: The rule can be given a profile, or call it scope, which we saw in the last post also. You can have one rule for your home network and one for the office.
- Name: Finally, give it a name that you can easily identify.
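The wizard steps above map onto a single New-NetFirewallRule call. This is an added example, not part of the original post; it assumes Windows 8 / Server 2012 or later (where the NetSecurity PowerShell module ships) and an elevated session, and the program path, port and rule name are constructed values.

```powershell
#Requires -RunAsAdministrator
# Added example. Program path, port and rule name below are constructed values.

$rule = @{
    DisplayName   = 'ExampleApp inbound TCP 8080 (home only)'      # Name
    Description   = 'Let ExampleApp accept connections from the local subnet'
    Direction     = 'Inbound'                                      # Inbound vs. Outbound
    Program       = 'C:\Program Files\ExampleApp\exampleapp.exe'   # Program (hypothetical)
    Protocol      = 'TCP'                                          # Protocols and Ports
    LocalPort     = 8080
    Action        = 'Allow'                                        # Action
    Profile       = 'Private'                                      # Profile: home network only
    RemoteAddress = 'LocalSubnet'                                  # Scope: who may connect
}

# Create the rule only once; rerunning the script must not pile up duplicates.
$existing = Get-NetFirewallRule -DisplayName $rule.DisplayName -ErrorAction SilentlyContinue
if (-not $existing) {
    New-NetFirewallRule @rule | Out-Null
}

# Read the rule back with its filters to confirm what was actually stored.
Get-NetFirewallRule -DisplayName $rule.DisplayName | ForEach-Object {
    $app  = $_ | Get-NetFirewallApplicationFilter
    $port = $_ | Get-NetFirewallPortFilter
    $addr = $_ | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Name          = $_.DisplayName
        Enabled       = $_.Enabled
        Direction     = $_.Direction
        Action        = $_.Action
        Profile       = $_.Profile
        Program       = $app.Program
        Protocol      = $port.Protocol
        LocalPort     = $port.LocalPort
        RemoteAddress = $addr.RemoteAddress
    }
} | Format-List
```

Binding the rule to a program, a port, a profile and a scope together keeps the exception as narrow as the wizard allows; Remove-NetFirewallRule -DisplayName with the same name deletes it again.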
On Connection Security rules :
Connection security rules make sure connections are authenticated based on some criteria, like domain or through a gateway. This is a very advanced type of rule which we generally don't use. However, you get more control because authentication plays a major role here. The authentication supports Kerberos V5, Certificates or Windows.
Creating Connection Security rules is more or less similar to creating other rules, but they get more specific about domains and the type of authentication. Normal users need not worry about them.
There is an important section called Monitoring. This can be useful if you want to watch what inbound and outbound action is taking place. The only drawback is that I cannot change anything from here.
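The same read-only view can be pulled from PowerShell for review. This added example is not part of the original post and assumes the NetSecurity module (Windows 8 / Server 2012 or later). It reports whether each profile is on and notifies on blocked programs, then lists enabled inbound allow rules that have neither a scope nor a program restriction.

```powershell
# Added example: read-only audit, changes nothing on the system.

# 1. Profile state: is the firewall on, and will it notify when it blocks a program?
Get-NetFirewallProfile |
    Select-Object Name, Enabled, NotifyOnListen, DefaultInboundAction, DefaultOutboundAction |
    Format-Table -AutoSize

# 2. Flatten every enabled inbound Allow rule together with its filters.
$rules = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    ForEach-Object {
        $app  = $_ | Get-NetFirewallApplicationFilter
        $port = $_ | Get-NetFirewallPortFilter
        $addr = $_ | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Name          = $_.DisplayName
            Profile       = $_.Profile
            Program       = $app.Program
            Protocol      = $port.Protocol
            LocalPort     = ($port.LocalPort -join ',')
            RemoteAddress = ($addr.RemoteAddress -join ',')
            AnyProgram    = ($app.Program -eq 'Any')
            AnyRemote     = ($addr.RemoteAddress -contains 'Any')
        }
    }

# 3. Rules with no program and no scope accept traffic from anyone to any
#    listener on the port; these deserve a second look first.
$broad = $rules | Where-Object { $_.AnyProgram -and $_.AnyRemote }

"{0} enabled inbound allow rules, {1} without program or scope restriction" -f `
    @($rules).Count, @($broad).Count

$broad |
    Sort-Object Profile, Name |
    Format-Table Name, Profile, Protocol, LocalPort -AutoSize
```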
So this was all about the advanced mode of Windows Firewall. Don't forget to check the basic mode also if this is a little complex for you. Leave your questions in the comments and we can have a discussion on it.