Defending Your Computer with the Windows Firewall
New firewall features in Windows 7
The built-in Windows firewall has come a long way since its early days. Not regarded very highly in the past, the Microsoft offering has now evolved in Windows 7 to what I regard as a reasonable alternative for average PC users.
The original Windows XP firewall was one way, monitoring inbound traffic only, but Windows 7 has settings for fine-grained control of both inbound and outbound traffic. You can even set up rules for individual services.
The new firewall also provides for three different settings for domains, public, and private networks. This provides greater security as the computer is used in different environments. For example, it easy to increase security when using the computer in a public place like a coffee shop or library.
How to find the firewall settings
There are several ways to open the Control Panel applet where the firewall settings can be found and managed. One way is to open the Control Panel entry in the Start menu and then select "System and Security -> Windows Firewall". Another way is to type "fire" (without quotes) in the Start search bar and select "Windows Firewall" from the Control Panel listings. The dialog window shown in Figure 1 below will open.
Note the there are settings for home or private networks and for public networks. Domain settings do not show because this computer is not attached to a domain.
Figure 1. Control Panel firewall settings
How to determine which programs can get on the Internet
In the Windows 7 firewall, you can configure which programs are allowed to communicate through the firewall. There are times when you want to run a program on your computer but do not want it to have Internet access. There are also programs that will try to phone home in the background without asking and you may wish to block that or have the program ask first. Blocking an individual program from the Internet with the Windows 7 firewall is quite simple.
At the top of the left-hand panel of the firewall dialog box shown in Figure1, you can see an entry, "Allow a program or feature through Windows Firewall". Click that and the dialog window shown in Figure 2 below will open.
The list shows a default list of allowed programs and their settings. To change a program setting, click the "Change Settings" button shown in the upper right of the graphic below. Then add or delete checks by the program of interest. Programs can also be deleted from the list with the "Remove" button in the lower right side. Finish by clicking "OK".
Figure 2. Allowed programs
Not all programs and services are listed. To add something, click the "Allow another Program" button shown in the lower right of Figure 2. The "Add a Program" dialog shown below in Figure 3 will open.
Figure 3. Adding an allowed program
Windows 7 comes with a separate Microsoft Management console for managing advanced firewall settings. It can be opened by clicking the "Advanced settings" entry shown on the left side of Figure 1 or directly by entering "wf.msc" (without quotes) in the Start search bar. Figure 4 shows the management console. Detailed rules for monitoring Internet traffic can be created here. Both inbound and outbound rules can be set up.
Figure 4. Advanced settings for Windows 7 firewall
Turn the Windows 7 firewall on or off
The Windows 7 firewall is on by default. If you wish to disable it, select "Turn Windows Firewall On or Off" in the left side of the firewall dialog box, as shown in Figure 1. Figure 5 below shows the window that will open. This dialog box allows you to turn the firewall off or on separately for each type of network that you might be using.
Another setting in the dialog that is worth noting is that you can choose to block all incoming connections. This does not, however, disconnect you from the Internet. This option could be a useful security measure when using a public network in a location like a coffee shop or airport.
Figure 5. Enable or disable Windows 7 firewall