The Windows Firewall with Advanced Security is a tool which allows you a lot more control over the rules applied by the Windows Firewall to protect your computer. With it, you can tweak all properties of every security rule, define new rules or disable undesired ones. In this tutorial I will give you an overview of this tool and all the available features.
Where to Find the Windows Firewall with Advanced Security
You have several alternatives to finding the Windows Firewall with Advanced Security. One is to open the standard Windows Firewall window, by going to 'Control Panel -> System and Security -> Windows Firewall'. Then, click on 'Advanced settings'.
Another way is to search for the word 'firewall' in the Start Menu search, and click on the Windows Firewall with Advanced Security shortcut.
Once opened, the Windows Firewall with Advanced Security window will be similar to the one below.
What are Inbound & Outbound Rules?
In order to provide the security you need, the Windows Firewall has a standard set of inbound and outbound rules, which are enabled depending on the location of the network you are connected to.
Inbound rules are applied to the traffic that is coming from the network/Internet to your computer. Outbound rules apply to the traffic from your computer to the network/Internet.
These rules can be configured so that they are specific to: computers, users, programs, services, ports or protocols. You can also specify to which type of network adapter (e.g. wireless, cable, virtual private network) or user profile it is applied to.
In the Windows Firewall with Advanced Security, you can access all these rules. All you have to do is to click on the appropriate link from the left-side panel.
The rules defined can be enabled or disabled. The ones which are enabled (active) are marked with a green check-box in the Name column. The disabled ones are marked with a gray check-box. If you want to know more about a specific rule and all its properties, right click on it and select Properties.
In the Properties window, you will see complete information about the selected rule, what it does and in which scenarios it is applied. You will also be able to edit it and change any of its parameters.
What are Connection Security Rules?
Connection security rules are used to secure traffic between two computers while it crosses the network. One example would be a rule which defines that connections between specific computers must be encrypted.
Unlike the inbound or outbound rules, which are applied only to one computer, connection security rules require that both computers have the same rules defined and enabled.
If you want to view if there are any such rules defined for your computer, click on 'Connection Security Rules' on the left-side panel. By default, there are none defined for Windows 7 computers. They are generally defined by yourself or your network administrator.
What Does the Windows Firewall with Advanced Security Monitor?
The Windows Firewall with Advanced Security also offers some monitoring features. Under the Monitoring section, from the left-side panel, you can find the following information: which firewall rules - both inbound and outbound - are active, which connection security rules are active and if there are any active security associations.
One important note is the fact that the Monitoring panel will show only the active rules for the current profile. If there are any rules which are enabled for other profiles, you will not see them on the list.
As you can see from this tutorial, the Windows Firewall with Advanced Security is a pretty complex tool. It does allow complete control over all security rules but you need to know some networking in order to use it. That's why Microsoft recommends that only IT administrators use this tool.
However, if you read our tutorials carefully and you know a bit of networking, you can definitely work with it and get the security level you desire.