Security

A closer look at Windows Vista's two-way firewall


I have finally decided to take a closer look at Vista's two-way firewall. In order to access Windows Firewall, click Start and type Windows Firewall. Vista's instant search (cool feature) will find it in no time and you are presented with the following mmc .

As you can see, you have the ability to customize your inbound and outbound rules. As far as I can tell, the default configuration for outbound traffic is set to allowed and if you want to block all outbound traffic you must right-click on Windows Firewall with Advanced Security on Local Computer and choose properties . Remember to choose the appropriate active profile. You have a Domain Profile, Private Profile, and Public Profile.

After blocking outbound traffic, you can create outbound rules based on your criteria. This is very powerful and gives you the ability to lock down Vista boxes to your company specifications. I have attached an example of the outbound rules wizard.

Windows Firewall is also tied very heavily into Group Policy. You can create your custom rules or profiles and then push it out via group policy. For more information on Vista's Windows Firewall, check out The Cable Guy .

You can also access the Windows Firewall via command line by typing netsh advfirewall.

2 comments
JoeBeckner
JoeBeckner

This morning I was troubleshooting an end user routing problem. I was unable to ping his workstation from his site's router so I had him turn his Vista Firewall off. I was still unable to ping until he rebooted his workstation. I guess the Vista Firewall doesn't turn off until you reboot?

FXEF
FXEF

Remember nearly all things in Windows require a reboot to update the registry, that's just how Windows works. This may not be the best way, however it's the Windows way.

Editor's Picks