SEARCH

SECURING YOUR WINDOWS NETWORK / HOW-TO GEEK SCHOOL

How-To Geek

Lesson 5: Using Windows Firewall with Advanced Security

This opens the “New Outbound Rule Wizard,” where you will create the new rule in just a couple of steps. First, you are asked to select the type of rule you want to create.

Your choices are:

  • Program – the rule applies to a specific program
  • Port – the rule applies to the network traffic that is performed through a specific port
  • Predefined – rule that controls the connections performed by a specific Windows service or feature
  • Custom – a custom rule that can block both programs and ports or a specific combination of both.

For our example, we have selected “Program” and pressed “Next.”

clip_image017

Depending on what you have chosen at the previous step, you are now asked to select the program or the ports that you want to add to the rule.

For our example, we have selected the executable of the program that we want to block – Skype.exe. When you’ve finished setting things up, press “Next.”

clip_image019

Next, you specify the action that should be taken:

  • Allow the connection – this includes both secure and insecure connections
  • Allow the connection if it is secure – the connection is allowed only if it is made through a secure channel. You can specify the kind of authentication and encryption you want applied by pressing “Customize”
  • Block the connection – blocks the connection, whether it is secure or not

For our example we have selected “Block the connection” and pressed “Next.”

clip_image021

Now you are asked to select when the rule applies. This means the network location when the rule is applied:

  • Domain – the rule is applied only when the computer is connected to a network domain
  • Private – the rule is applied only when the computer is connected to trusted private networks
  • Public – the rule is applied only when the computer is connected to untrusted public networks

For our example we have chosen “Public” because we wanted to block access only when the computer is connected to untrusted public networks.

When done making your choice, press “Next.”

clip_image023

You are asked to enter a name and a description for the newly created rule. Please don’t take the easy way out when you do this. Write something that is very descriptive so that you can understand what’s up with this rule later, when you need to edit the Windows Firewall rules.

Press “Finish” and the rule is created and used by the Windows Firewall.

clip_image025

How to Create an Inbound Rule for the Windows Firewall

In Windows Firewall with Advanced Security, go to “Inbound Rules” and press “New Rule” in the column on the right.

clip_image027

The “New Inbound Rule Wizard” is started. The options it displays are almost the same as the “New Outbound Rule Wizard” so we won’t explain everything again. We will provide more detail only where it makes sense.

To explain, we have created a rule which blocks all inbound traffic made using the TCP protocol on the port 30770. At the first step we selected “Program” and pressed “Next.”

clip_image029

Now we are asked to select the protocol for which the rule applies and the port. The choices for protocols are TCP and UDP. If you want a rule that applies to both, you need to create two rules, one for each protocol.

Then, we had the choice to block all ports or only specific ones. We selected “Specific local ports”, entered “30770,” and pressed “Next.”

clip_image031

Now you are asked to select what action to take when a connection matches the conditions specified earlier. For our example, we have chosen “Block the connection” and pressed “Next.”

clip_image033

Now you have to select the network locations for which the rule applies. Since we wanted to block all TCP traffic on port 30770, we selected all three locations and pressed “Next.”

clip_image035

Finally, enter the name and the description for the newly created rule and press “Finish.”

clip_image037

The rule has been created and it is now used by the Windows Firewall.

How to Restore Windows Firewall to its Defaults

If you have fiddled too much with the rules in Windows Firewall and things have started to work incorrectly, you can easily undo all your settings and restore Windows Firewall to its defaults. This can be done only for an administrator account.

To do this, open the Windows Firewall and from the left column, click or tap “Restore defaults.”

clip_image039

You are now informed of what this resetting will do, when you’re ready, press “Reset defaults.”

clip_image040

You are asked to confirm that you are okay to go ahead with the reset.

clip_image041

You are back to the “Windows Firewall” window. All its settings have been reset to the defaults as if your Windows installation were brand new. You can now reconfigure its settings from scratch and hopefully solve your problems.

Coming up next …

That’s it for this lesson. We hope that you have learned many useful things about the Windows Firewall and that you will now have complete control over the way it works. In the next lesson we will move to another important security feature of Windows: the SmartScreen Filter.

    Continue Reading »
  • Prev
  • 1
  • 2

Ciprian Adrian Rusen is an experienced technology writer and author with several titles published internationally by Microsoft Press. You can connect with him on 7 Tutorials, Twitter, and Google+ or even buy his books on Amazon.

  • Published 05/30/14