Chapter 15: Protecting Your Computer with Windows Defender and Windows Firewall
Separating policies by network enrollment enables you to manage how your computer reacts to requests in different network environments. You can associate a very hardened security policy when you are using an insecure network, a fairly open security policy when connected to your corporate network, and a moderately secure policy when connected to your home network. The beauty of this feature is that you do not have to configure the settings over and over; Windows Vista allows you to create a profile for each type of environment and forget it. You specify the type of environment when you create the network connection.
The new management console offers the greatest flexibility in managing the advanced security options of Windows Firewall with Advanced Security. You now can manage the different types of connections and rules through a single interface. And administrators can easily manage the Windows Firewall connections and associate the settings with Group Policy.
Overall, Microsoft brings a very capable firewall into Windows Vista with the new offering of Windows Firewall. It offers considerably better security features, and truly supplements a network perimeter firewall. While you may have more difficulty configuring some of the advanced features of Windows Firewall, you will find considerably fewer intrusions and false positives on your computer when the firewall is configured correctly.
Configuring Security for the Basic Windows Firewall
The basic Windows Firewall provides essential firewall security for your computer. You can use the basic firewall to protect your computer from many types of attacks. In the Windows Security Center, you can start the basic firewall by clicking Windows Firewall in the left pane.
As Figure 15-12 shows, the main page in Windows Firewall provides an overview of the firewall configuration and status. You can use this information to tell at a glance whether the firewall is on or off, whether notifications are displayed when a program is blocked, and to which type of network you are currently connected. The network type, set as private, public, or domain, determines which firewall profile is currently being applied. Clicking “Change settings,” or either of the links provided in the left pane, opens the Windows Firewall Settings dialog box.
In the Windows Firewall Settings dialog box, you can use the options on the General tab to turn the firewall on or off (see Figure 15-13). To turn the firewall on, click “On (recommended).” This setting allows the firewall to block incoming connections. To turn the firewall off, click “Off (not recommended).” This setting turns the firewall off and makes your computer vulnerable to remote attacks through network and Internet connections.
When you are connecting to networks that are less secure, you may want to turn the firewall on and block all incoming connections to your computer. To do this, select the On option and the “Block all incoming connections” checkbox. This setting ignores all settings in the firewall configuration and blocks every connection to your computer. This setting also turns off notifications.
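An added example (not from the book): a Python script that reads per-profile firewall output in the layout printed by `netsh advfirewall show allprofiles` and maps each profile to the General tab choices described above (off, on, or block all incoming), flagging profiles that are off or that do not notify. The sample text is constructed, the mapping of `BlockInboundAlways` to “Block all incoming connections” is this example's assumption, and `parse_profiles` and `audit` are hypothetical helper names.

```python
import re
# Constructed sample, abbreviated, in the layout of `netsh advfirewall show allprofiles`.
SAMPLE = """\
Domain Profile Settings:
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
InboundUserNotification               Enable

Private Profile Settings:
State                                 OFF
Firewall Policy                       BlockInbound,AllowOutbound
InboundUserNotification               Enable

Public Profile Settings:
State                                 ON
Firewall Policy                       BlockInboundAlways,AllowOutbound
InboundUserNotification               Disable
"""

def parse_profiles(text):
    """Return {profile: {setting: value}} from netsh-style profile output."""
    profiles, current = {}, None
    for line in text.splitlines():
        header = re.match(r"^(Domain|Private|Public) Profile Settings:", line)
        if header:
            current = profiles.setdefault(header.group(1).lower(), {})
        elif current is not None:
            # Setting name, a run of two or more spaces, then the value.
            pair = re.match(r"^(\S+(?: \S+)*?)\s{2,}(\S.*)$", line)
            if pair:
                current[pair.group(1)] = pair.group(2).strip()
    return profiles

def audit(profiles):
    """Map each profile to a General tab mode and list weak settings."""
    report = {}
    for name, cfg in profiles.items():
        inbound = cfg.get("Firewall Policy", "").split(",")[0].lower()
        if cfg.get("State", "").upper() != "ON":
            mode, findings = "off", ["firewall is off: exposed to remote connections"]
        elif inbound == "blockinboundalways":
            mode, findings = "block-all", []  # exceptions ignored, no notifications
        elif inbound == "blockinbound":
            mode, findings = "on", []         # exceptions still apply
        else:
            mode, findings = "on", ["inbound policy does not block by default"]
        if mode == "on" and cfg.get("InboundUserNotification", "").lower() != "enable":
            findings.append("no notification when a program is blocked")
        report[name] = {"mode": mode, "findings": findings}
    return report
```

On a live system the input would be the saved output of the `netsh` command rather than `SAMPLE`.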
On the Exceptions tab, shown in Figure 15-14, you can control how programs communicate through Windows Firewall. Many Windows components commonly used for networking have exceptions listed in the Program or Port list. To enable an exception for a program, simply select the related checkbox. To disable an exception, clear the related checkbox. Using the “Add program,” “Add port,” and “Properties” buttons, you can add new programs to the exception list, add new ports to the exception list, and view the specific configuration properties of any program or port on the exception list. You can also enable Windows to notify you when Windows Firewall blocks a new program, giving you greater control over your computer’s security parameters.
On the Advanced tab, shown in Figure 15-15, you can control which network connections use Windows Firewall. If you want to turn off Windows Firewall’s association with a specific network connection, simply uncheck the box associated with this connection, and Windows will turn the feature off. By default, Windows Vista turns Windows Firewall on for all network connections associated with the operating system.
Keep in mind that changing or disabling the default configuration of
Windows Firewall may leave your computer in a vulnerable state.
Take considerable care when changing these configuration settings.
Figure 15-12. Viewing the status of Windows Firewall
