MCTS 70-680: Windows 7 Firewall


Loading ....
 

Welcome back to your free Training course for Windows 7. In this video I will look at the Windows Firewall included in Windows 7. The firewall was first introduced in service pack 2 in Windows XP. Since then it has been included with every operating system and continues to improve. Before I start looking at the Windows Firewall I will first look at why you need a firewall at all. Even before Windows came with a firewall companies would deploy a firewall on their network. The firewall would protect clients on the network from attackers on the internet. The first firewalls were packet filtering firewalls. These simple firewalls allowed traffic through based on the port which it was sent on or received on. The problem with this approach is that if you open a port for say web traffic, an attack could sent data to a client computer that was never ask for over the web traffic port. To prevent this from happening, statefull firewalls were created.

These firewalls keep track of connections that are made. If a connection is made then traffic returning from that connection is allowed back in. However, if traffic arrived that was not asked for it is blocked. This works well when you are behind a company firewall, but there are two problems with this. Firstly if a computer is behind the firewall gets infected, it can then infect other computers on the network. The second problem is when the computer leaves the network and joins anther network. This is common with laptops. For example, when the laptop connects to a wireless hot spot or connects up vial a dial up or remote connection. In either case, the computer is connected to the public internet and can become infected. To prevent this for happening, Microsoft included the Windows Firewall in their operating systems. This means that if the computer is connected on the same network that anther computer is connected to which is infected, the local firewall on the computer will hopefully stop the computer from becoming infected.

What you are doing will determine what kind of rules and security you will require. To make change between networks easier when using the Windows Firewall, Microsoft has created network locations. The network location awareness service in Windows 7 will automatically attempt to change your network based on which network you are connected to. When you first install a network adapter, Windows will give you this prompt to help identity which network it is. The network location that is selected will determine the rules that will be used in the firewall.

When the home or work locations are used you may want to allow file sharing. When connected to a public network you may want to disable file sharing. Now let’s have a look at how to configure the Windows Firewall on Windows 7. To configure the basic firewall settings, open the control panel and select the option system and security. From here, select the option Windows Firewall. On this screen you get a basic overview of the firewall on this computer. At the top you can see that the home or work network is currently connected. At the bottom the network location public networks are not connected. If you had a wireless adapter in the computer and are worried about security, you may want to configure this adapter to use the public network settings. If at some point you need to change the location manually for the network adapter, select the option down the bottom network and sharing center.

The network and sharing center will show you basic information about your network, which networks are connected and allows you create new connections for example vpn connections back to your office. Here you can see the active networks. Currently or network adapter is connected to the domain training dot local and the network location work network. Once I select work network I will be given the option to choose which network my network adapter is connected to. In this case I will leave it on the current setting and go back into the basic firewall configuration screen.

By default, Windows will alert you when a program running on your computer is blocked by the firewall. If you want to configure the settings manually, you can select the option allow a program or feature through Windows Firewall. You may need to configure the setting manually if you have incoming connections that are being blocked. Windows will not alert you if an incoming connection is blocked, you will only receive alerts for connections that are blocked when they originated from your computer. On this screen you can see which programs are being allowed through and which network locations that are enabled.

At first all the options will be grayed out, to makes changes press the button at the top change settings. Now I can change the settings, for example I can change file and printer sharing to allowed for home and work but I will still leave it disabled for the public network. In most cases, when you configure a service like file and printer sharing, when you enable it Windows it will automatically ask you if you want to make changes to the firewall.

If however you want to fine tune it later or the change does not occur you can always come in here and set the setting yourself. Most programs should appear on the list, however if one does not you can always use the option allow anther program. This will allow you to browser to the executable for the program that you want to allow through the firewall. In some cases you may want to change how the Windows Firewall interacts with the user. To do this, select the option change notification settings. On this screen you can select if the firewall is switched on or off and some basic settings for it. For example, you can configure each network location to block all incoming connections. This includes programs you ticked in the list of allowed programs.

When you connect up to a wireless hot spot, for example at the airport, you may want to configure this setting as this gives you the most security. The next option will notify the user when a new program is run on the local computer that is blocked by the firewall. This is a nice feature to have on because the prompt will automatically give the user the option to add rules to the firewall to allow the software through.

Doing this means the user does not have to configure the firewall manually. This covers all the basic settings for the Windows Firewall. In the next video I will look at the advanced options for the Windows firewall. Using this tool you can really customized your firewall. Thanks for watching this video. Remember to go to our web site for more videos, exam questions and study guides. .
As found on Youtube

 


Loading ....