The Windows Firewall - Microsoft Most Trusted Builtin Security Application

Windows Firewall is a popular security application designed by Microsoft and it was first introduced with Windows XP Operating System. The Firewall is to act as a security gateway. The main use of the application is to control the flow of network traffic.

Firewall Rules

Firewall Rule is a set of information that configures for control network transmission. The Rule define what kind of Internet traffic is allowed or blocked.
Inbound and Outbound Rules

As mentioned in the above section, the Firewall usually act as a security gateway and the administrator can allow or block both incoming and outgoing traffic as the needs.

Windows Firewall Profiles

The profile means the different network locations where the computers are connected. The Windows Firewall has three profiles and it is Domain, Public and Private.

Domain   -   This profile is used to join the client computer to Domain Controller.

Public     -   A network which is directly connected to internet is called a Public profile.

Private    -   This profile mainly used for local connectivity (Behind in the NAT)

CONFIGURATION OF WINDOWS FIREWALL

Allowed a Program through Windows Firewall

We had discussed the usage of Firewall and now moving to the configuration section. The first thing is to allow a program through the Windows Firewall. Here I am using Windows 10 Operating System.

Step 1 - Open Windows Firewall

Step 2 – Click allow an app or feature through Windows Defender Firewall

Step 3 – Select the app from the list or browse the path to select another app

Step 4 – Add the selected app to the allowed app list

We had successfully added the TeamViewer app in the traffic allowed list so the firewall won’t block inbound and outbound traffic.

Advanced Firewall Settings

The above section showing how to allow an app through the firewall. The next is Firewall Advanced Settings. In this section, I am going to show you how to create a custom firewall rule for the needs.

Create a Rule and Block all Outbound Traffic

Step 1 – Click Advanced Settings and select Outbound Rules

Step 2 – Click ‘New’ Rule from the right of the window.

Step 3 – Choose the right option. Here I selected ‘Custom’ for block all Outbound Traffic

Step 4 – Select ‘All programs’

Step 5 – Protocol Type – Any, Ports – All (because of we want to block all traffic)

Step 6 – Select ‘Any IP address

Step 7 – Choose ‘Block the connection’ to block all Outbound traffic as mentioned above

Step 8 – Apply the new rule to all profiles – Domain, Private and Public

Step 9 – Type the name and description of the newly created rule

Step 10 – Test the new rule. Try a ping to any wan IP/Address, Eg ping www.google.com

The all outbound internet traffic is blocked now. I had tested the configuration and the result below.

Firewall Notification

As described the Firewall is dealing with traffic as well it related to system security hence the notification is very important for each event. The Windows Firewall has the option to customize the notifications. Below are some settings.

Disable the Firewall Rule

In this option, we can disable the selected rule for temporary or permanent purpose.

Reset the Firewall

This setting is used to restore the default firewall state. It will remove all user-created rules and configuration.

Topic Conclusion

There are different types of Firewalls currently using in the IT Infrastructure, such as software and hardware firewall. The Cyberoam, Sophos, and SonicWALL are some examples of the hardware firewall. We will discuss more in the future.