Wednesday, September 17, 2008

Windows Vista Firewall

One of the big complaints about the firewall included with Windows XP was that it only managed inbound traffic and did nothing whatsoever to manage outbound traffic. That was a bit of an oversight - even after the XP Security Service Pack (SP2) this wasn't addressed.

This is where products like the free Comodo Firewall Pro, the US$39/year Comodo Firewall Pro Plus, the $39.95/year (or cheaper) Outpost Firewall Pro, the obviously free Online Armor Free, the $39.95/year Online Armor and various other firewalls came into their own - providing significantly better protection of your network and its data than the inbuilt Windows Firewall in Windows XP could manage.

So along came Vista with its bi-directional firewall and much rejoicing was had! Well, so we thought. With Microsoft's focus on security, you'd have thought that they would have, by default, enabled outbound filtering in the Vista Firewall. It would be a sensible thing to have done, you'd have thought. Right? Nope, apparently not - by default this outbound filtering is not only disabled, but it also can't be enabled in the one place you'd look for it - the Windows Firewall Control Panel applet.

FFS, what's the reasoning behind that?

Anyway, here's how to turn on this outbound firewall feature that should have been a) enabled by default and b) configurable via the Control Panel applet:

1. In the "Start Search" bar, type "firewall" and select the Windows Firewall with Advanced Security tool.

2. Click on the Windows Firewall Properties link in the "Overview" box.

3. For the Domain Profile, Private Profile and Public Profile, change "Outbound Connections: Allow (default)" to "Outbound Connections: Block" to ensure that all traffic that is not covered by a rule is blocked.

4. If you want to manually edit the outbound rules, you do so back in the Windows Firewall with Advanced Security applet in the "Outbound Rules" section.
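The same change can be made from an elevated command prompt with `netsh advfirewall`. The script below is an added example, not part of the original post. The backup file name, the rule name and the choice of Internet Explorer as the program to allow are assumptions made for illustration, and it assumes inbound is still at its default of Block.

```batch
@echo off
rem Added example: command-line form of steps 1-4 above.
setlocal

rem Changing firewall policy needs admin rights; "net session" fails without them.
net session >nul 2>&1
if errorlevel 1 (
    echo Run this from an elevated command prompt.
    exit /b 1
)

rem Save the current policy first. Restore it later with:
rem   netsh advfirewall import "<path to the .wfw file>"
rem The file name is an assumption for this example.
set "BACKUP=%USERPROFILE%\firewall-before-outbound-block.wfw"
if exist "%BACKUP%" del "%BACKUP%"
netsh advfirewall export "%BACKUP%" || exit /b 1

rem Step 3: block outbound by default on all three profiles.
rem "blockinbound" restates the default inbound setting; only the
rem outbound half of the policy changes if inbound was left at default.
for %%P in (domainprofile privateprofile publicprofile) do (
    netsh advfirewall set %%P firewallpolicy blockinbound,blockoutbound || exit /b 1
)

rem Step 4: once outbound is default-block, anything not covered by an
rem allow rule stops working, so add rules for the programs you need.
rem Rule name and program are illustrative choices.
netsh advfirewall firewall add rule name="Example - allow IE web out" ^
    dir=out action=allow protocol=TCP remoteport=80,443 profile=any ^
    program="%ProgramFiles%\Internet Explorer\iexplore.exe" || exit /b 1

rem Confirm the result: each profile should report BlockInbound,BlockOutbound.
netsh advfirewall show allprofiles firewallpolicy
netsh advfirewall firewall show rule name="Example - allow IE web out"

endlocal
```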


