From the course: Windows 7: Networking and Security

Managing Windows Firewall

- You're watching the series of modules or courses associated with networking and security in Windows 7 and we wouldn't be complete unless we talk more about managing the Windows firewall. Now we talked about the profile layers that are available to us, essentially the public, private, and domain or the private one is often called home and the domain one is often referred to as work. But we have the three profiles in networking. And if we take a look at those, because of the portability of Windows 7 they have simply enhanced the standard Windows firewall. The Windows firewall was introduced with Windows XP Service Pack 2 as part of the enhanced security features of Windows. And all they've done with the firewall, the basic firewall of Windows 7, is enhanced that. If we take a look at it here, when we're in the enterprise environment you typically have a physical firewall that's providing a barrier for traffic so that anybody out on the internet cannot get inbound, but the traffic that you desire can get outbound. You may choose -- this is why we have the three profiles -- to turn off or to configure the standard firewall not to operate in the domain environment because you choose to control that with your physical environment. But as soon as you take today's portable devices, and you take them home, or you go to your favorite coffee shop, or conference center, public library, whatever you so desire, that's a public kind of profile, you don't have the same kind of physical protection that you would in your domain or enterprise environment. And so we provide inside of Windows 7 a software firewall that will allow you to protect your system when you're in a public location. So that firewall can allow you to identify what applications or features you want to allow to operate inbound and outbound while you're in a public environment.
Likewise with the third profile, the home profile, when you're at home with your laptop or other portable device, obviously we're talking about one that might be provided to you by the enterprise, but it could just as easily be an instance of Windows 7 that you have at home or in a small business environment, you can put in those same kind of basic simplified firewall rules. Now if we go on and talk about the basic firewall, remember back to the beginning of all of the -- the lecture series on Windows 7 networking, we talked about the OSI model and we talked about layer 7 being the application layer, the last component of our internet packets. When we talk about this, we're talking about being able to monitor the contents of a network packet and allow or disallow applications when we're talking about the basic firewalls at the application layer of that model. So let's take a look at the basic firewall in Windows 7. The first item that we want to point out to you here is we're going to go to action center and I'm just going to do a quick search for it and go into action center. Remember, action center is a message center and a gateway for standard users to look at settings. If we take a look at it here, we take a look and we can look at action center settings and change those and amongst the areas that we've got here, is to take a look at messages as they are sent to us from the network firewall, so user account control, Windows update, and the network firewall: the messages that you'll see can be controlled through action center. Now this isn't the firewall settings, it's just the messages that are associated with it. So I want to start there. A lot of users believe that by turning that on and off they're controlling the firewall while you're actually not. I'm going to go and search here again and I'm going to type firewall. When we do this the more preferred firewall to use with Windows 7 is the Windows firewall with advanced security.
I'm going to do a separate module just focusing on that because it's new to Windows 7. Let's go back to the basic firewall and look at its enhancements or its interaction and how we manage it within Windows 7. So I'm going to click the Windows firewall and just open that. That takes us to the control panel. Another way to get there would've been control panel, system and security, Windows firewall or to select the all icons or small icons feature of control panel, and navigate to this location. You'll note here that we see home or work networks and public networks, this is a Windows 7 ultimate version, so we're getting the home/work private networks and public networks features here showing you that they're on or off. You'll note most of the settings that are here on the left panel that says change your notification settings, turn the firewall on or off restore default firewall settings or look at advanced settings of the firewall, require elevated permissions, someone whose rights allow them to pass through the user account control layer but the top feature up here says allow a program or feature through the program or through the Windows firewall. We're talking here about the basic firewall at this top link. Standard users can allow features through this firewall unless you use local group policy or other security settings to prevent it. And what they will see is two or three profile layers, the network profile layers identified here in columns to the right. You have the ability to turn on a firewall block effectively, so if you put the check mark in place so for instance here I'm going to go down and just pick something that's not checked, remote desktop, if I want to allow remote desktop to come through my system, so that someone can connect to it, the standard user would click this box to say allow remote desktop or configure it for specific layers. 
Now because I'm controlling this system in a studio I'm going to make sure that I have elevated permissions by clicking the change settings at the top. It's checked my profile and my privileges; it will now allow me to click remote desktop, and you'll note right now it's allowing it only in the home or work space. It does not automatically allow it in the public profile. If I wanted to be able to have remote desktop as a feature work for me in a public location, I would also have to click it here. You'll note all of the items here are standard programs and features installed on this Windows 7 system. If the feature is not installed or enabled you don't see it in this list. So as a precursor to this and a way to harden your system, if you don't need a feature, if you don't need an application, turn it off. Go into Windows control panel programs and features, and simply remove it. So let's go back and take a look at that real quick. We'd go to programs turning Windows features on or off. If the feature is not installed, you will not by default see it inside of your Windows 7 firewall. So you want to pay attention, there might be features you want to block should they be turned on in the future. That's where advanced firewall will come in. Where you can build these rules for features that aren't present. On the other hand, another option here would be to go and enable a feature or service right here, in this section go and build a firewall rule for that feature; if you then come back here and turn the feature off, the firewall rule remains. So there are a couple of ways that you can set it up so that you can prevent access to or through your system either by hardening it by removing features, turning off services, or by instantiating firewall rules. So let's go back to the basic control panel.
I'm going to go to small icons to show you down at the bottom alphabetically here we have Windows firewall and if I tap that or go in I'm right back to the same Windows firewall location that I was demonstrating a moment ago. I'm going to say again, allow program or features. So again, all of the programs or features installed on our system that might use network traffic or network protocols can be blocked or enabled on this screen. I can actually remove, given that I allow myself change settings, I can remove an entire rule. So if you don't want it to be using branch cache rather than essentially looking at this, we can look at the details behind it and we can see the description of the tool. If I do not find a program or feature here and I've looked at my program and features on the control panel and I'm saying I don't see that program it's not here, but I want to build a simple firewall rule for the application, you can click allow another program. By default Microsoft will show you all of the software applications that might be visible through your start menu here. So League of Legends, we don't want anybody to play League of Legends so we'll add that and now it says League of Legends is currently allowed. If you want to disallow League of Legends through the firewall you simply uncheck the box. Once you do that no one can use League of Legends as an application through the firewall on this particular system. Since I don't particularly want to annoy our staff I think I will allow League of Legends to run through the firewall in here in the lab. Your other option for allowing a program if you do not see it on the list is to literally browse through your entire system to find third-party applications or other executables that you would like to allow through the firewall. So it doesn't have to be one that's obviously defined, it could be a third-party or another subset.
So we can go down here and pick anything that we think we would like to have running as a tool through the firewall, noting that if it's not a network enabled application, allowing it through the firewall, it won't grant it any rights, it would just make it visible there hypothetically in your list. So kind of the advanced firewall will let you do far more. The basic firewall in Windows 7 as a recap is about applications or features and allowing them or disallowing them through the firewall. Now as we close this, just as a troubleshooting point consider that simply enabling something through the firewall here is insufficient in and of itself to make an application work. For instance we talked an entire module about doing remote desktop or remote assistance. While I need to come down the list here and allow remote assistance or remote desktop to be enabled through my standard firewall there are three other elements including making sure that you've got permissions in the remote desktop users group, that you've turned on remote access under your services and properties panels and that you've got the service for -- service or services for remote desktop running in your services snap in. If you don't have those three elements, allowing remote desktop here will be insufficient to grant access. This is just a filter or a layer -- let me go back to the picture -- it's just a filter or layer for the application that identifies whether or not at the application layer the software can run in and out from your system while it's connected to a network of some sort. And so that was an overview of basic Windows firewall in Windows 7.
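
Two points from the walkthrough can be checked from a PowerShell prompt on the machine itself: which inbound allowances are active on the public profile, and which rules have remained after the program or feature behind them was removed. The script below is an added example and is not part of the course; it only reads the rule store, it uses the HNetCfg.FwPolicy2 COM object (usable from PowerShell 2.0 on Windows 7) rather than the control panel shown in the video, and its variable names are illustrative.

```powershell
# Added example (not from the course): read-only audit of local firewall rules.
# Constants are the documented Windows Firewall COM enumeration values.
$PUBLIC  = 4   # NET_FW_PROFILE2_PUBLIC (1 = domain, 2 = private, i.e. home/work)
$INBOUND = 1   # NET_FW_RULE_DIR_IN
$ALLOW   = 1   # NET_FW_ACTION_ALLOW

$policy = New-Object -ComObject HNetCfg.FwPolicy2
$rules  = @($policy.Rules)

# Enabled inbound allow rules that apply while connected to a Public network.
# Profiles is a bitmask, so a rule scoped to "all profiles" matches as well.
$publicInbound = $rules | Where-Object {
    $_.Enabled -and
    $_.Direction -eq $INBOUND -and
    $_.Action -eq $ALLOW -and
    ($_.Profiles -band $PUBLIC)
}

# Enabled rules whose program path no longer exists on disk: the rule has
# outlived the application or feature it was created for.
$orphaned = $rules | Where-Object {
    # Skip port-only rules (no program) and the kernel pseudo-program "System".
    $_.Enabled -and $_.ApplicationName -and $_.ApplicationName -ne 'System'
} | Where-Object {
    # Built-in rules store paths such as %SystemRoot%\system32\svchost.exe.
    $path = [Environment]::ExpandEnvironmentVariables($_.ApplicationName)
    -not (Test-Path -LiteralPath $path)
}

'Inbound allow rules active on the Public profile:'
$publicInbound | Sort-Object Grouping, Name |
    Format-Table Name, Grouping, ApplicationName -AutoSize

'Enabled rules pointing at a missing executable:'
$orphaned | Sort-Object Name |
    Format-Table Name, ApplicationName -AutoSize
```

Entries in the first list are candidates for unchecking the Public column; entries in the second are candidates for removal from the allowed programs list.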
