Windows Defender Firewall is a built-in personal firewall and is available for most Windows versions. In this video, you’ll learn about the Defender Firewall configuration options and how to create your own customized firewall rules.
Windows includes a built-in firewall they refer to as the Windows Defender Firewall. This firewall is enabled by default, and ideally, you would always have this configured and running on your Windows system. But there may be times when you want to do some troubleshooting and perhaps temporarily disable the firewall while you run those troubleshooting steps. If you do, disable it for the one network profile you are testing and turn it back on as soon as you are done.
You can either start the Windows Defender Firewall front end from the control panel, or launch it from the search option inside of Windows. From here, you’ll see different networks that have been configured. For example, you can have one set of security policies if you’re connected to a private network and a completely different set of security policies if you’re connected to a public network. Just remember that you’ll need elevated rights if you want to choose the option to turn off the Windows Defender Firewall.
There are some very broad settings you can configure inside of Windows Defender Firewall for each one of these different categories of network, which Windows calls profiles. For example, if you’re on a private network or a public network, you can choose individual settings for each of those network profiles. Broadly speaking, you can turn Windows Defender Firewall on or off for that profile.
If the firewall is turned on, you can choose to block all incoming connections, including those in the list of allowed apps. This is useful on an untrusted network, such as public Wi-Fi, where you don’t want anyone to be able to connect to your system at all. And you can choose to have Windows Defender Firewall notify you when it blocks a new app.
But you might need more granularity than that when it comes to setting firewall rules. For example, you might have a specific application that is running on your computer and you’d like to allow it to receive incoming connections. Or if you don’t want to specify a particular executable, you can simply use a port number that that application uses.
Windows Defender also includes a large list of predefined applications that you can then set to enable or disable, depending on where you may be connected. And if none of these apply, you may want to build your own exception using the tools available inside of Windows Defender Firewall.
From our control panel, we know that Windows Defender Firewall is right here at the bottom. We’ll select that and it will bring up the settings for Windows Defender Firewall. This one has settings for our domain networks, our private networks, and our guest or public networks.
You can see right now that Windows Defender Firewall is on. It blocks incoming connections to apps that are not on the list of allowed apps. It tells me what my current private network happens to be. And this is set to not notify me if it blocks a new app. I would like to turn on what you might call the Power User mode of Windows Firewall, the advanced settings. These are available by clicking the Advanced settings option in the left-hand menu.
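The same per-profile settings can be read and changed from an elevated PowerShell prompt with the NetSecurity cmdlets that ship with Windows. The block below is an added example, not code from the video; it inspects all three profiles, applies the “block all incoming connections” behavior to the Public profile, and shows the safe way to temporarily disable one profile for troubleshooting. The profile name and port number are assumptions for illustration.

```powershell
# Added example (not from the video). Run from an elevated PowerShell prompt.

# 1. Show the state behind the Control Panel front end for each profile:
#    on/off, default inbound and outbound action, whether the allow list is
#    honored (AllowInboundRules False = "block all incoming connections"),
#    and whether the user is notified when a new app is blocked.
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction,
                  AllowInboundRules, NotifyOnListen

# 2. Harden the Public profile the way the "Block all incoming connections"
#    checkbox does: firewall on, default-deny inbound, ignore the allow list,
#    and notify when something is blocked.
Set-NetFirewallProfile -Profile Public -Enabled True `
    -DefaultInboundAction Block -AllowInboundRules False -NotifyOnListen True

# 3. Troubleshooting. First rule out the obvious: if nothing is listening on
#    the port, the firewall is not the problem. (Port 80 is an assumed value.)
Get-NetTCPConnection -State Listen -LocalPort 80 -ErrorAction SilentlyContinue

# Then disable only the profile you are testing, and re-enable it in a
# finally block so a failed or aborted test never leaves the firewall off.
$target = 'Private'   # assumed profile for this illustration
try {
    Set-NetFirewallProfile -Profile $target -Enabled False
    # ... repeat the failing connection from the remote machine here ...
} finally {
    Set-NetFirewallProfile -Profile $target -Enabled True
}

# Confirm the profile is back on before moving on.
(Get-NetFirewallProfile -Profile $target).Enabled
```

`Set-NetFirewallProfile` changes the live policy immediately; if the profile is managed by Group Policy, the domain setting wins and the local change will be reported as NotConfigured or overridden.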
This will bring up a separate window that is called the Windows Defender Firewall with Advanced Security. This allows you, as the administrator, access to modify every possible configuration that’s available inside of Windows Defender Firewall. Let’s have a look at the inbound rules. You can see there’s a large number of inbound rules already set. There are outbound rules also available in Defender Firewall. There are connection security rules that you can configure, and there are monitoring tools included as well.
Let’s create a new inbound rule inside of Windows Defender Firewall. We’ll choose that option and we’ll right mouse click on the words Inbound Rules and we’ll choose the option for a New Rule. This brings up a dialog box that allows me to set a new rule type. And I can create one based on an application or a program. I can create a rule that includes a TCP or UDP port, I could choose any of the predefined rules that are inside of Windows Defender Firewall, or I can create a custom rule.
Quickly, let’s look at the predefined rules. You can see there are a large number of rules that are already built into Windows Firewall. But let’s create our own rule by choosing the Custom option and clicking Next. The first option is for Program, where we can specify a certain application that will apply for this rule, or we can choose that all applications apply to this rule. Let’s keep that one in place and click Next.
Now, we can select a protocol and a port number. Let’s say, in our scenario, that we want to prevent anyone from connecting to a web server that’s running on our computer using TCP port 80, the port used for unencrypted HTTP.
To be able to do that, we’ll need to set a rule that blocks all incoming traffic that is inbound on TCP port 80. And so from the Protocols and Ports window, we’re going to specify that the protocol is TCP. We’re then going to choose the local port that will be used. In this case, it is a specific port and not all ports. And we’re going to specify port 80. The remote port, which is the source port the remote device is connecting from, can be any port number for this rule. So we’ll choose those options and click Next.
It then asks which IP addresses this rule applies to. There are two scopes: the local IP addresses on this device that the rule covers, and the remote IP addresses the traffic is coming from. For each one, we can choose any IP address or specify individual addresses or ranges. In this case, we’ll keep both of these as Any IP Address. And we’ll click Next.
Now, we have the disposition of what we would like to do with this traffic if it matches this rule. We can allow this connection, allow it if it’s secure, or block the connection. Since we want to block everything using TCP port 80, we will choose to block the connection and click Next.
Windows now wants us to define what network is going to apply this particular rule. Will this be the domain network, a private network, or a public network? In this case, it will be any of those connections. So we’ll leave the default check marks in place and click Next.
Now, we have to give this rule a name. We’ll say Block Unencrypted Web Traffic. And we’ll click Finish. And now, we’ve created a brand-new rule that blocks any unencrypted web traffic that is inbound to our computer using TCP port 80. Keep in mind that Windows Defender Firewall evaluates block rules before allow rules, so this rule takes effect even if a predefined or custom allow rule for the web server is also enabled.
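Clicking through the wizard is fine for one machine, but the same rule can be created, verified, scoped, and removed with `New-NetFirewallRule` and its companions, which is how you would roll it out by script or check it during an audit. The block below is an added example, not code from the video; it recreates the Block Unencrypted Web Traffic rule with the same choices made in the wizard, then lists any enabled allow rules it now overrides. The rule name is taken from the video; the choice to later scope it to the Public profile is an assumption for illustration.

```powershell
# Added example (not from the video). Run from an elevated PowerShell prompt.
$name = 'Block Unencrypted Web Traffic'

# Same choices as the wizard: Custom rule, any program, TCP local port 80,
# any remote port, any local/remote address, all three profiles, Block.
New-NetFirewallRule -DisplayName $name -Direction Inbound -Action Block `
    -Program Any -Protocol TCP -LocalPort 80 -RemotePort Any `
    -LocalAddress Any -RemoteAddress Any `
    -Profile Domain,Private,Public -Enabled True | Out-Null

# Verify what was actually written: the rule itself and its port filter.
Get-NetFirewallRule -DisplayName $name |
    Select-Object DisplayName, Enabled, Direction, Action, Profile
Get-NetFirewallRule -DisplayName $name | Get-NetFirewallPortFilter |
    Select-Object Protocol, LocalPort, RemotePort

# Block rules are evaluated before allow rules, so any enabled inbound allow
# rule that also covers TCP/80 is now overridden. List them so the override
# is deliberate rather than a surprise.
Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    Where-Object {
        $pf = $_ | Get-NetFirewallPortFilter
        ($pf.Protocol -eq 'TCP' -or $pf.Protocol -eq 'Any') -and
        ($pf.LocalPort -eq 'Any' -or $pf.LocalPort -contains '80')
    } | Select-Object DisplayName, Profile

# Optional (assumed scenario): a laptop that should still serve HTTP on the
# corporate LAN but never on public Wi-Fi. Narrow the rule to Public only.
Set-NetFirewallRule -DisplayName $name -Profile Public

# Clean up when the rule is no longer needed.
# Remove-NetFirewallRule -DisplayName $name
```

Because the rule matches on port rather than program, it also covers any other process that later binds TCP/80; if you only want to constrain one web server, use `-Program` with the executable path instead of `Any`.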
