Control Panel provides an applet to manage Windows Firewall settings.
However, that applet just touches the tip of the iceberg. Windows Firewall contains a plethora of settings, all of which you can access through this admin tool.
With this tool, you can apply any tweak on Firewall that you can think of. You can manage current incoming and outgoing network connections.
Windows keeps a set of incoming and outgoing rules for all the network applications; they can be managed through this tool.
When connecting to a new network, Windows prompts you to designate it as private or public network. Depending on the designation, Windows Firewall applies a profile that regulates the set of rules to be applied on the network.
There are 3 profiles.
- Domain Profile – The domain profile applies to networks where the host system can authenticate to a domain controller.
- Private Profile – The private profile is a user-assigned profile and is used to designate private or home networks.
- Public Profile – The default profile, it is used to designate public networks such as Wi-Fi hotspots at coffee shops, airports, and other locations.
A firewall decides what goes in and out of your computer system, thus providing an effective protection mechanism. This filtering of data packets is determined by firewall rules. There are 3 types of rules used by Windows Firewall.
- Inbound Rules – These rules regulate the network connections that flow data from network to your computer. For example, if you want to make your system a game server, then you need to have an inbound rule, allowing connections from other network computers to the server.
- Outbound Rules – These rules control the data packets that flow from your computer to the network. For example, you can browse web through a web browser because Firewall has define outbound rules that allow the browsers to send data packets across the network.
- Connection Security Rules – These rules define the authentication of two computers before they begin communications and the securing of information sent between two computers.
How to Launch It
Control Panel Way
- Open “Administrative Tools” applet from the traditional Control Panel.
- Launch “Windows Firewall with Advanced Security” from the list of administrative tools.
- Invoke Run window or Search Charm. Select the Settings tab in case of Search Charm.
- Type in the command “wf.msc”, and hit Enter.
The Window Firewall tool is visually divided into 3 panes.
- The leftmost tree pane contains the lists of inbound, outbound and connection security rules, along with the lists of currently going on network activities.
- The middle pane describes the selected item in the tree pane.
- The rightmost Actions pane lists commands related to the selected item in the tree pane, as well as any selected item in the description pane.
The functionalities of this tool are divided into several sections.
Three sections – Inbound Rules Section, Outbound Rules Section and Connection Security Rules Section – are similar in that they list and manage the corresponding rules of Firewall.
In each section, you can create a new rule or customize, enable/disable, delete an existing rule. Each rule shows details like name, group, profile, enable/disable status, allow/block action, program on which the rule is applied, local address, remote address, etc.
Another section is Monitoring. It lists the monitoring activities currently administered by Firewall.
The overview page of the Monitoring section lists the details of each Firewall profile.
The Firewall sub-section of Monitoring section lists the currently active Firewall inbound and outbound rules.
A firewall rule is listed in the Firewall admin tool, depending on its type. Each list has similar structure and customization options. Let us see a sample list of outbound rules.
The Actions pan lists the commands that you can carry out on the rule(s). The top section of the Actions pane lists the commands that can be executed on the Outbound Rules of the tree pane. You can
- create a new rule
- filter the list of rules on the basis of profile, enabled/disabled state and group
- export the rule list to a file
The bottom section of the pane lists commands that can be executed on a single rule. On selecting a rule from the description pane, the commands will appear. You can
- Enable or disable a rule
- Customize the properties of a rule
- Delete a rule
The following figure briefly displays the properties of a Firewall rule.
Keep in mind, however, that you might not be able to change all the properties of a rule; certainly not if a rule is system-defined. Outbound rules are particularly less customizable.
You can create a new rule. Select the appropriate section in which you want to create the rule – Inbound, Outbound or Connection Security.
Then, select “New Rule” in the Actions pane. This launches a wizard that will guide you through the process.
The wizard needs you to enter details like
- Name and description of the rule
- Type of rule – whether it has to control an application, a port or a Windows feature
- Application path(s) or port number(s) that it has to control
- Type of action – allow or block the connection if the rule criteria is met
- Firewall profile(s) under which the rule will apply