Exploring the Built-in Windows 7 Firewall

  

Since introducing its first built-in firewall (Internet Connection Firewall) in Windows XP, Microsoft has steadily improved the firewall capabilities of its later systems. The Windows Firewall in the latest client operating system, Windows 7, has been revolutionized to provide more user-friendly features and a significant improvement for mobile users. In this article, we'll cover Windows Firewall in Windows 7 and how to configure it with multiple firewall policies.

History of Windows Firewall

The firewall software in Windows XP provides only simple, basic functions and protects only against inbound traffic, blocking any inbound connection that was not initiated locally. By default, this firewall is turned off. In SP2 it is enabled by default, and system administrators can enable the firewall through Group Policy. Vista's firewall is built on the new Windows Filtering Platform (WFP) and adds the ability to filter outbound traffic through the Advanced Security MMC snap-in. In Windows 7, Microsoft has further tuned the firewall to make it more user-friendly, especially on mobile computers, and capable of supporting multiple firewall policies.

Windows 7 Firewall

As in Vista, the basic settings of the Windows 7 firewall are configured through the Control Panel program. Unlike Vista, you can also reach the advanced settings (including configuring outbound connection filtering) through the Control Panel, without creating an empty MMC console and adding a snap-in. Just click the Advanced Settings link in the left panel, as shown in Figure 1.

More Network Options

The Vista firewall lets users choose between public and private networks. In Windows 7, you have three choices: public network, home network, or work network. The latter two are both considered private networks.

If you choose the "Home Network" option, you can create a Homegroup. In this case, network discovery is turned on automatically, so you can see other computers and devices on the network and they can see your computer. Computers belonging to a Homegroup can share picture, music, video, and document libraries, as well as hardware devices such as printers. If there are files in those folders that you don't want to share, you can exclude them.

If you choose "Work Network", network discovery is enabled by default, but you will not be able to create or join a Homegroup. If you add your computer to a Windows domain (via Control Panel > System > Advanced System Settings > Computer Name tab) and it is authenticated by a domain controller, the firewall will automatically treat the network as a domain network.

When you connect to a public wireless network or use a mobile broadband network at an airport, hotel, or cafe, you should choose "Public Network". Network discovery will be off by default, so other computers on the network can't see your computer, and you can't create or join a Homegroup.

For all network types, by default, Windows 7 Firewall blocks connections to programs that are not on the allowed program list. Windows 7 allows you to configure settings for each type of network, as shown in Figure 2.

Multiple Active Modes

In Vista, even if you have configured profiles for public and private networks, only one is active at a given time. If your computer is connected to two different networks at the same time, this causes problems: all connections use the strictest mode, which means you may not be able to perform all the operations you need on the local network, because the rules for the public network mode are in effect. In Windows 7 (and Server 2008 R2), a different mode can be active for each network adapter at the same time, with private network rules applied to private network connections and public network rules applied to traffic from public networks.

Important Small Features

In many cases, small changes lead to much better usability. Microsoft has been actively listening to users' opinions and has added some small but important features to the Windows 7 firewall. For example, in Vista, when you create firewall rules, you need to list port numbers and IP addresses individually, but now you only need to specify a range, which saves a lot of time on this common management task.

You can also create connection security rules in the firewall console to specify which ports or protocols are subject to IPsec requirements, without needing the netsh command. This is a handy improvement for those who prefer the GUI.

Connection security rules also support dynamic encryption, which means that if the server gets an unencrypted (but authenticated) message from a client computer, you can request more secure communication by requiring encryption.

Using Advanced Settings Profiles

With the Advanced Settings Console, you can set up profiles for each type of network.

For each profile, you can configure the following:

· Windows Firewall state (on or off)

· Inbound connections (Block, Block all connections, or Allow)

· Outbound connections (Allow or Block)

· Display notifications (whether a notification is shown when a program is blocked)

· Whether unicast responses to multicast or broadcast traffic are allowed

· Whether local firewall rules created by local administrators apply in addition to Group Policy firewall rules

· Whether local connection security rules created by local administrators apply in addition to Group Policy connection security rules

Logs

The Vista firewall can be configured to log events to a file (by default, \Windows\System32\LogFiles\Firewall\pfirewall.log). In Windows 7, events can also be recorded in the Applications and Services Logs section of the Event Viewer, which is much easier to access. To view this log, open the Event Viewer and, in the left pane, go to Applications and Services Logs > Microsoft > Windows > Windows Firewall with Advanced Security. In the Event Viewer, you can create a custom view, filter the log, search the log, or enable verbose logging.
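The text log (pfirewall.log) is easy to summarise with a short script. The following is an added example, not part of the original article: it reads the column names from the file's own #Fields header and counts dropped inbound packets per source address and destination port. The function name ConvertFrom-FirewallLog is hypothetical, and the log lines are constructed samples using documentation-range addresses.

```powershell
# Constructed sample in the pfirewall.log layout (not taken from a real host).
$sample = @'
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2010-03-14 09:15:02 DROP TCP 203.0.113.25 192.168.1.20 51544 445 52 S 1893352212 0 8192 - - - RECEIVE
2010-03-14 09:15:05 DROP TCP 203.0.113.25 192.168.1.20 51544 445 52 S 1893352212 0 8192 - - - RECEIVE
2010-03-14 09:15:09 DROP TCP 203.0.113.25 192.168.1.20 51547 3389 52 S 2040918233 0 8192 - - - RECEIVE
2010-03-14 09:16:40 ALLOW UDP 192.168.1.20 198.51.100.53 53211 53 0 - - - - - - - SEND
2010-03-14 09:17:12 DROP ICMP 198.51.100.7 192.168.1.20 - - 60 - - - - 8 0 - RECEIVE
'@

# Hypothetical helper: turns log lines into objects, one property per #Fields column.
function ConvertFrom-FirewallLog {
    param([string[]]$Line)
    $fields = @()
    foreach ($l in $Line) {
        # The header names the columns; read it instead of hard-coding positions.
        if ($l -match '^#Fields:\s*(.+)$') { $fields = $Matches[1].Trim() -split '\s+'; continue }
        # Skip other header lines, blank lines, and anything before the header.
        if ($l -match '^\s*(#|$)' -or $fields.Count -eq 0) { continue }
        $values = $l.Trim() -split '\s+'
        if ($values.Count -ne $fields.Count) { continue }   # truncated or malformed line
        $row = @{}
        for ($i = 0; $i -lt $fields.Count; $i++) { $row[$fields[$i]] = $values[$i] }
        New-Object PSObject -Property $row
    }
}

$events = ConvertFrom-FirewallLog -Line ($sample -split "`r?`n")
# On a live system (elevated), pass the real file instead of the sample:
# ConvertFrom-FirewallLog -Line (Get-Content "$env:SystemRoot\System32\LogFiles\Firewall\pfirewall.log")

# Dropped inbound packets, grouped by source address and destination port.
$events |
    Where-Object { $_.action -eq 'DROP' -and $_.path -eq 'RECEIVE' } |
    Group-Object -Property 'src-ip', 'dst-port' |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```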

Netsh Commands

Windows 7 still includes the netsh firewall context for backward compatibility, but if you run a command that changes settings, you will receive a message: "Important: 'netsh firewall' is outdated. Please use 'netsh advfirewall firewall'."
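The per-profile settings listed under "Using Advanced Settings Profiles", the port-range rule mentioned under "Important Small Features", and the replacement for a legacy netsh firewall command can all be scripted with netsh advfirewall. The following is an added example, not part of the original article; the rule names, ports and subnet are constructed samples, and the commands must be run from an elevated prompt.

```powershell
# Firewall state for each profile.
netsh advfirewall set domainprofile  state on
netsh advfirewall set privateprofile state on
netsh advfirewall set publicprofile  state on

# Default inbound/outbound behaviour. The pair is quoted so PowerShell
# passes it to netsh as one argument instead of splitting at the comma.
netsh advfirewall set privateprofile firewallpolicy "blockinbound,allowoutbound"
# blockinboundalways is "Block all connections": allow rules are ignored as well.
netsh advfirewall set publicprofile  firewallpolicy "blockinboundalways,allowoutbound"

# Notifications, and unicast responses to multicast or broadcast traffic.
netsh advfirewall set publicprofile settings inboundusernotification enable
netsh advfirewall set publicprofile settings unicastresponsetomulticast disable

# The two rule-merge items (localfirewallrules, localconsecrules) are
# Group Policy settings and are not changed here.

# Log dropped connections for the public profile (maxfilesize is in KB).
netsh advfirewall set publicprofile logging droppedconnections enable
netsh advfirewall set publicprofile logging maxfilesize 4096

# One rule covering a port range, limited to the private profile and a
# sample subnet (constructed values).
netsh advfirewall firewall add rule name=SampleAppRange dir=in action=allow protocol=TCP localport=5000-5010 remoteip=192.168.1.0/24 profile=private

# Legacy form that triggers the deprecation message:
#   netsh firewall add portopening TCP 8080 SampleWeb
# Equivalent in the current context:
netsh advfirewall firewall add rule name=SampleWeb dir=in action=allow protocol=TCP localport=8080

# Review the resulting settings for all three profiles.
netsh advfirewall show allprofiles
```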

Summary

The Windows 7 firewall is the product of extensive improvements to the Vista firewall, and it exposes advanced features that were previously hidden. Many users (including some IT professionals) may not have known that the Vista firewall can filter outbound traffic, perform detection, and carry out advanced configuration tasks, because these features are not clearly shown in the firewall program in the Control Panel. In Windows 7, Microsoft has created a built-in firewall that is more complete than Vista's and an effective alternative to third-party managed firewalls.
