Working with the Windows Firewall
IPv6 connection filtering enables you to use the IPv6 protocol in a secure fashion.
This ability did not exist under Windows XP or subsequent versions of the firewall
product, including Windows Server 2003. With this improvement, you can migrate
to IPv6 without the security implications previously associated with this task. Now
the process should be considerably more secure thanks to Microsoft’s effort to
improve the quality of its firewall product.

Firewall rules for inbound packet filtering make up the majority of configuration
efforts on firewalls. These rules determine how network traffic flows through the
computer. You manage the flow of inbound and outbound traffic through these
rules. The firewall inspects the packets as the computer receives them, and then
determines, based on the configured rules, how the computer will handle a particular
packet. If Windows Firewall determines that the packet should be accepted, it
passes the packet along internally to the computer. If the packet does not meet the
requirements of the rule set, it discards the packet.

Outbound packet filtering enables you to manage outbound connections from your
computer. This option did not exist as part of the Windows Firewall in previous versions.
Outbound packet filtering lets you keep spyware or malware from uploading
personal data that’s been collected. To use this type of functionality in the past, you
had to purchase a third-party application. Microsoft now offers this ability inherently
in the operating system. When the computer encounters a packet requesting
outbound access, Windows Firewall inspects the packet to determine its purpose,
verifies the packet against the firewall rules, and then either allows the packet to be
delivered or discards it completely.

Advanced packet filtering allows you to create rules associated with multiple IP
addresses. This feature gives you greater flexibility in managing connections using a
source or destination IP address. You even can manage a range of IP addresses for
connectivity to the computer. Before, you could filter with only a single IP address,
never a range of IP addresses. This is a marked improvement over previous versions
of the product.

IPSec integration arguably offers the greatest improvement in Windows Firewall.
Now you can manage connections using encryption. With IPSec integration, you can
require that a connection have the proper certificate in order to connect to the computer.
This allows for incredibly strong security and much greater flexibility when
transferring data among computers.

IPSec requires the use of certificates to transfer data. These certificates
use public and private keys to determine whether the connecting
entity has authorization to transfer data. This option makes transferring
data much more secure among computers than before, especially
among computers connected across the Internet.
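
The features above (inbound rules scoped to an address range, IPv6 filtering, outbound blocking and IPSec-authenticated connections) can be expressed as one rule set. The following is an added example, not taken from the original text. It assumes a host with the NetSecurity PowerShell module (Windows 8 / Windows Server 2012 or later) and an elevated session; every rule name, address, port, path and CA name in it is constructed for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example: every name, address, port, path and CA below is constructed.
Import-Module NetSecurity
$group   = 'Example-Hardening'          # hypothetical label used for cleanup
$authDn  = 'Example: computer cert'     # hypothetical auth set name
$range4  = '192.0.2.10-192.0.2.50'      # IPv4 range (documentation addresses)
$prefix6 = '2001:db8:10::/64'           # IPv6 prefix (documentation addresses)

# Remove earlier copies so the script can be re-run without duplicates.
Get-NetFirewallRule -Group $group -ErrorAction SilentlyContinue | Remove-NetFirewallRule
Get-NetIPsecRule -Group $group -ErrorAction SilentlyContinue | Remove-NetIPsecRule
Get-NetIPsecPhase1AuthSet -DisplayName $authDn -ErrorAction SilentlyContinue |
    Remove-NetIPsecPhase1AuthSet

# Inbound, address range, IPv4 and IPv6: remote desktop from these peers only.
New-NetFirewallRule -DisplayName 'Example: RDP from admin range' -Group $group `
    -Direction Inbound -Action Allow -Protocol TCP -LocalPort 3389 `
    -RemoteAddress $range4, $prefix6 | Out-Null

# Outbound: stop one program from opening any connection.
New-NetFirewallRule -DisplayName 'Example: block uploader' -Group $group `
    -Direction Outbound -Action Block -Program 'C:\Example\uploader.exe' | Out-Null

# IPSec: require certificate authentication from the IPv4 range.
$proposal = New-NetIPsecAuthProposal -Machine -Cert `
    -Authority 'CN=Example Root CA' -AuthorityType Root   # placeholder CA name
$authSet = New-NetIPsecPhase1AuthSet -DisplayName $authDn -Proposal $proposal
New-NetIPsecRule -DisplayName 'Example: require IPsec from admin range' -Group $group `
    -InboundSecurity Require -OutboundSecurity Request `
    -RemoteAddress $range4 -Phase1AuthSet $authSet.Name | Out-Null

# Accept the management port only on connections IPSec has authenticated.
New-NetFirewallRule -DisplayName 'Example: WinRM, authenticated only' -Group $group `
    -Direction Inbound -Action Allow -Protocol TCP -LocalPort 5985 `
    -RemoteAddress $range4 -Authentication Required | Out-Null

# Read the rules back to confirm direction, action and address scope.
Get-NetFirewallRule -Group $group | ForEach-Object {
    [pscustomobject]@{
        Rule          = $_.DisplayName
        Direction     = $_.Direction
        Action        = $_.Action
        RemoteAddress = ($_ | Get-NetFirewallAddressFilter).RemoteAddress -join ', '
    }
} | Format-Table -AutoSize
```

The outbound rule only blocks the named program. Traffic from other programs still follows the profile's default outbound action.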