Chapter 15: Protecting Your Computer with Windows Defender and Windows Firewall
Separating policies by network enrollment enables you to manage how your computer reacts to requests in different network environments. You can apply a very hardened security policy when you are using an insecure network, a fairly open security policy when connected to your corporate network, and a moderately secure policy when connected to your home network. The beauty of this feature is that you do not have to configure the settings over and over; Windows Vista allows you to create a profile for each type of environment and forget it. You specify the type of environment when you create the network connection.
The new management console offers the greatest flexibility in managing the advanced security options of Windows Firewall with Advanced Security. You now can manage the different types of connections and rules through a single interface. And administrators can easily manage the Windows Firewall connections and associate the settings with Group Policy.
Overall, Microsoft brings a very capable firewall into Windows Vista with the new offering of Windows Firewall. It offers considerably better security features, and truly supplements a network perimeter firewall. While you may have more difficulty configuring some of the advanced features of Windows Firewall, you will find considerably fewer intrusions and false positives on your computer when the firewall is configured correctly.
Configuring Security for the Basic Windows Firewall
The basic Windows Firewall provides essential firewall security for your computer. You can use the basic firewall to protect your computer from many types of attacks. In the Windows Security Center, you can start the basic firewall by clicking Windows Firewall in the left pane.
As Figure 15-12 shows, the main page in Windows Firewall provides an overview of the firewall configuration and status. You can use this information to tell at a glance whether the firewall is on or off, whether notifications are displayed when a program is blocked, and to which type of network you are currently connected. The network type, set as private, public, or domain, determines which firewall profile is currently being applied. Clicking “Change settings,” or either of the links provided in the left pane, opens the Windows Firewall Settings dialog box.
In the Windows Firewall Settings dialog box, you can use the options on the General tab to turn the firewall on or off (see Figure 15-13). To turn the firewall on, click “On (recommended).” This setting allows the firewall to block incoming connections. To turn the firewall off, click “Off (not recommended).” This setting turns the firewall off and makes your computer vulnerable to remote attacks through network and Internet connections.
When you are connecting to networks that are less secure, you may want to turn the
firewall on and block all incoming connections to your computer. To do this, select