Because most computers are connected to the Internet through dialup, broadband (such as DSL or cable modems), or a local area network (LAN), they are exposed to attack or unauthorized access. To help protect your system, you should have a firewall between you and the outside world. The firewall monitors all traffic coming in and going out to prevent unauthorized access. Windows Firewall is a packet filter and stateful host-based firewall that allows or blocks network traffic according to its configuration. A packet filter protects the computer by using an access control list (ACL), which specifies which packets are allowed through the firewall based on IP address and protocol (specifically the port number). A stateful firewall monitors the state of active connections and uses that information to decide which network packets are allowed through. Typically, if the user starts communicating with an outside computer, the firewall remembers the conversation and allows the appropriate reply packets back in. If an outside computer tries to initiate communication with a computer protected by a stateful firewall, those packets are dropped unless a rule in the ACL allows them. Firewall rules that can be defined include
Basic Configuration

Windows Firewall is on by default. When Windows Firewall is on, most programs are blocked from communicating through the firewall. If you want to unblock a program, you can add it to the Exceptions list (on the Exceptions tab). For example, you might not be able to send photos in an instant message until you add the instant messaging program to the Exceptions list. To turn on or off Windows Firewall:
Besides turning the firewall off and on for each profile, you also have the following options:
The first time you connect to a network, you must choose a network location (sometimes known as profiles). This automatically sets the appropriate firewall and security settings for the type of network that you connect to. If you connect to networks in different locations, such as work, home, or your favorite coffee shop or hotel, choosing a network location can help ensure that your computer is always set to the appropriate security level. See Figure 7.5.
Figure 7.5 Setting Network Location in Windows Firewall.

Traditionally with firewalls, you can open or close a protocol port so that you can allow or block communication through the firewall. With the Windows Firewall included with Windows 7, you specify which program or feature you want to communicate through the firewall. The most common options are available by clicking the Allow a program or feature through Windows Firewall option, as shown in Figure 7.6. If you need to open a port instead of specifying a program, you have to use the Windows Firewall with Advanced Security.
Figure 7.6 Allow programs to communicate through Windows Firewall.

In addition to the notification setting available (configured by clicking Change notification settings) when you turn Windows Firewall on or off, you can display firewall notifications in the taskbar for three different behaviors:
Notifications are also displayed in the Action Center in Control Panel.

Windows Firewall with Advanced Security

The new Windows Firewall with Advanced Security is a Microsoft Management Console (MMC) snap-in that provides more advanced options for IT professionals. With this firewall, you can set up and view detailed inbound and outbound rules and integrate with Internet Protocol Security (IPsec). To access the Windows Firewall with Advanced Security, follow these steps:
Figure 7.7 Windows Firewall with Advanced Security console.

You can also access the Windows Firewall with Advanced Security by clicking the Advanced settings option in the Windows Firewall screen. Of course, you must be a member of the Administrators group to use Windows Firewall with Advanced Security. The Windows Firewall with Advanced Security management console enables you to configure the following:
You create inbound rules to control access to your computer from the network. Inbound rules can prevent
To configure advanced properties for a rule using the Windows Firewall with Advanced Security, do the following:
You can also use the Windows Firewall with Advanced Security to create outbound rules to control access to network resources from your computer. Outbound rules can prevent
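The Basic Configuration, inbound-rule and outbound-rule steps above, carried out from an elevated prompt with netsh advfirewall, the command-line counterpart of the Windows Firewall with Advanced Security console on Windows 7. This is an added example, not from the book; the rule names, the program paths and the 192.0.2.0/24 subnet are constructed values.

```powershell
# Added example (not from the book). Run from an elevated PowerShell prompt on
# Windows 7; netsh advfirewall edits the same policy the MMC console shows.
# Rule names, program paths and the 192.0.2.0/24 subnet are constructed values.

# Firewall on for all three network locations (Domain, Private, Public), with the
# default stance the text describes: inbound blocked unless a rule allows it,
# outbound allowed unless a rule blocks it.
netsh advfirewall set allprofiles state on
netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound

# Show a notification when an inbound program is blocked
# (the "Change notification settings" option in the GUI).
netsh advfirewall set allprofiles settings inboundusernotification enable

# Program-based inbound rule (the "Allow a program or feature" path), scoped to
# the Domain and Private profiles so it stays closed on public networks.
netsh advfirewall firewall add rule name="Example IM client (inbound)" dir=in action=allow `
    program="C:\ExampleIM\im.exe" profile=domain,private enable=yes

# Port-based inbound rule, which the GUI only offers through Advanced Security:
# Remote Desktop, but only from one administrative subnet and only on the Domain profile.
netsh advfirewall firewall add rule name="RDP from admin subnet" dir=in action=allow `
    protocol=TCP localport=3389 remoteip=192.0.2.0/24 profile=domain enable=yes

# Outbound rule: stop a specific program from reaching the network at all.
netsh advfirewall firewall add rule name="Block legacy tool (outbound)" dir=out action=block `
    program="C:\Tools\legacy.exe" enable=yes

# Log dropped packets so blocked traffic can be reviewed afterwards.
netsh advfirewall set allprofiles logging droppedconnections enable
netsh advfirewall set allprofiles logging filename "$env:SystemRoot\System32\LogFiles\Firewall\pfirewall.log"

# Verify the per-profile state and the rules that are actually in effect.
netsh advfirewall show allprofiles
netsh advfirewall firewall show rule name="RDP from admin subnet" verbose
netsh advfirewall firewall show rule name="Block legacy tool (outbound)" verbose
```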
Computer Connection Security Rules

Because the Internet is inherently insecure, businesses need to preserve the privacy of data as it travels over the network. Internet Protocol Security (IPsec) creates a standard platform to develop secure networks and electronic tunnels between two machines. The two machines are known as endpoints. After the tunnel has been defined and both endpoints agree on the same parameters, the data is encrypted on one end, encapsulated in a packet, and sent to the other endpoint, where the data is decrypted. In Windows XP and Windows Server 2003, you configure Windows Firewall and IPsec separately. Unfortunately, because both can block or allow incoming traffic, the firewall rules and the IPsec rules can conflict with each other. In Windows 7, Windows Firewall with Advanced Security provides a single, simplified interface for managing both firewall filters and IPsec rules. Windows Firewall with Advanced Security uses authentication rules to define IPsec policies. No authentication rules are defined by default. To create a new authentication rule, follow these steps:
To configure advanced properties for the rule, do the following:
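An IPsec connection security (authentication) rule equivalent to the steps above, created with netsh advfirewall consec from an elevated prompt on Windows 7, together with a firewall rule that only admits IPsec-protected traffic, which is the single-interface combination the text describes. This is an added example, not from the book; the rule names and the 192.0.2.0/24 subnet are constructed values, and computer Kerberos authentication assumes both endpoints are domain-joined.

```powershell
# Added example (not from the book). Run from an elevated PowerShell prompt on
# Windows 7. Rule names and the 192.0.2.0/24 subnet are constructed values;
# auth1=computerkerb assumes both endpoints are members of the same domain.

# Isolation rule: request (not yet require) authentication for inbound and
# outbound traffic with the server subnet, so hosts that cannot authenticate
# are not cut off while the policy is being rolled out.
netsh advfirewall consec add rule name="Isolation: auth with server subnet" `
    endpoint1=any endpoint2=192.0.2.0/24 action=requestinrequestout `
    auth1=computerkerb profile=domain enable=yes

# Once every endpoint in the subnet authenticates successfully, tighten the
# same rule to require authentication for inbound traffic.
netsh advfirewall consec set rule name="Isolation: auth with server subnet" `
    new action=requireinrequestout

# Firewall rule that only allows file sharing when the connection was
# authenticated by IPsec; unauthenticated SMB is dropped by the inbound default.
netsh advfirewall firewall add rule name="SMB only over IPsec" dir=in action=allow `
    protocol=TCP localport=445 security=authenticate profile=domain enable=yes

# Review the configured policy and the security associations actually negotiated
# (main mode and quick mode), which confirms peers are authenticating as intended.
netsh advfirewall consec show rule name=all
netsh advfirewall monitor show mmsa
netsh advfirewall monitor show qmsa
```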
Cram Quiz
Cram Quiz Answers