The Windows Firewall provides built-in protections from incoming and outgoing network traffic. In this video, you’ll learn how to enable the firewall and configure firewall exceptions.
<< Previous Video: Establishing Windows Network Connections Next: Windows IP Address Configuration >>
The Windows Firewall is a powerful security tool that’s built into the Windows operating system. But there may be times when you want to change the configuration or disable it completely to be able to troubleshoot.
In the Control Panel, under the Windows Firewall, you can change the settings of Windows, and there is an option to turn Windows Defender Firewall on or off. You can see there’s a shield next to that option, which means you need elevated permissions to be able to perform that particular function.
There’s also an option to change notification settings. And if we click that option, we’ll bring up a set of menus that allow us to customize settings for each different network profile. One of these options is to block all incoming connections, including those that are in the list of allowed applications. If you’re in a situation where you want to be sure there is no incoming traffic to any of these apps, you can easily click that checkmark and block all of that traffic.
By default, if there is an application trying to communicate inbound that is not already in your list, you’ll get a notification that Windows Firewall is blocking that new app, and you have the ability to turn on and off that notification feature.
Since Windows Firewall is running in your operating system, it also knows all of the other applications that are running in your operating system. And Windows Firewall can allow or disallow specific applications from communicating in or out of the network. You can configure this by application, and you can decide which network profile is enabled or disabled. You can allow or disallow traffic based on a port number, or you might want to create a series of exceptions that are allowed through the firewall. And you can combine a number of these criteria together to create a detailed rule in the Custom Rules section of the firewall.
To view these custom rules, you would click on the Advanced Settings option in the firewall. And this will give us a list of inbound rules, outbound rules, connection security rules, and monitoring rules. If we wanted to view the inbound rules, we can click on that list and see the list of all of the inbound rules that are enabled and disabled through our firewall.
If you want to create a rule that will block a single port number, you could create a new rule. And this takes you through a wizard that asks, what type of rule would you like to create– one for program, one for port number, a predefined rule, or custom rule? And in our scenario, let’s choose a custom rule.
Windows asks if this rule applies to all programs or a specific program. In our example, let’s choose All Programs and click Next.
Then Windows asks, which ports and protocols does this rule apply? Let’s say that we’re going to block web server traffic. So we know that’s going to be TCP traffic. And then it’s going to specify what local port you would like to enable or disable for that specific traffic. And in our case, we would like to specify port 80 as being HTTP traffic. And we’ll click Next.
The next option allows us to set IP addressing for the source and destination. And you can add those IP addresses into these lists for the local IP addresses and the remote IP addresses. In our example, we’re going to choose any IP address for both of those. And the options that you have for actions is to allow the connection, allow the connection if it’s secure, or block the connection. And if we want to block all of this port 80 traffic, we would choose to block the connection and click Next.
You can now apply this rule across the different profiles for domain, private, and public. We’ll click next to include it all of those. And we’ll call this Block Port 80 and click Finish.
And now we have a rule to block port 80, which is going to block all port 80 traffic from any IP address inbound to our computer at any IP address. Using this rule, we can be assured that there would be no web services set up on our computer that would allow any port 80 traffic.
Category: CompTIA A+ 220-1002