MCTS 70-680: Windows 7 Firewall

Uploaded by itfreetraining on 22.10.2011

Welcome back to your free Training course for Windows 7. In this video I will look
at the Windows Firewall included in Windows 7. The firewall was first introduced in
service pack 2 in Windows XP. Since then it has been included with every operating
system and continues to improve. Before I start looking at the Windows Firewall
I will first look at why you need a firewall at all. Even before Windows came with a firewall
companies would deploy a firewall on their network. The firewall would protect clients
on the network from attackers on the internet. The first firewalls were packet filtering
firewalls. These simple firewalls allowed traffic through based on the port which it
was sent on or received on. The problem with this approach is that if you open a port for
say web traffic, an attack could sent data to a client computer that was never ask for
over the web traffic port. To prevent this from happening, statefull
firewalls were created. These firewalls keep track of connections that are made. If a connection
is made then traffic returning from that connection is allowed back in. However, if traffic arrived
that was not asked for it is blocked. This works well when you are behind a company
firewall, but there are two problems with this. Firstly if a computer is behind the
firewall gets infected, it can then infect other computers on the network.
The second problem is when the computer leaves the network and joins anther network. This
is common with laptops. For example, when the laptop connects to a wireless hot spot
or connects up vial a dial up or remote connection. In either case, the computer is connected
to the public internet and can become infected. To prevent this for happening, Microsoft included
the Windows Firewall in their operating systems. This means that if the computer is connected
on the same network that anther computer is connected to which is infected, the local
firewall on the computer will hopefully stop the computer from becoming infected.
What you are doing will determine what kind of rules and security you will require.
To make change between networks easier when using the Windows Firewall, Microsoft has
created network locations. The network location awareness service in
Windows 7 will automatically attempt to change your network based on which network you are
connected to. When you first install a network adapter, Windows will give you this prompt
to help identity which network it is. The network location that is selected will
determine the rules that will be used in the firewall. When the home or work locations
are used you may want to allow file sharing. When connected to a public network you may
want to disable file sharing. Now let’s have a look at how to configure
the Windows Firewall on Windows 7. To configure the basic firewall settings, open the control
panel and select the option system and security. From here, select the option Windows Firewall.
On this screen you get a basic overview of the firewall on this computer.
At the top you can see that the home or work network is currently connected. At the bottom
the network location public networks are not connected. If you had a wireless adapter in
the computer and are worried about security, you may want to configure this adapter to
use the public network settings. If at some point you need to change the location
manually for the network adapter, select the option down the bottom network and sharing
center. The network and sharing center will show you basic information about your network,
which networks are connected and allows you create new connections for example vpn connections
back to your office. Here you can see the active networks. Currently
or network adapter is connected to the domain training dot local and the network location
work network. Once I select work network I will be given the option to choose which network
my network adapter is connected to. In this case I will leave it on the current setting
and go back into the basic firewall configuration screen.
By default, Windows will alert you when a program running on your computer is blocked
by the firewall. If you want to configure the settings manually, you can select the
option allow a program or feature through Windows Firewall. You may need to configure
the setting manually if you have incoming connections that are being blocked. Windows
will not alert you if an incoming connection is blocked, you will only receive alerts for
connections that are blocked when they originated from your computer.
On this screen you can see which programs are being allowed through and which network
locations that are enabled. At first all the options will be grayed out, to makes changes
press the button at the top change settings. Now I can change the settings, for example
I can change file and printer sharing to allowed for home and work but I will still leave it
disabled for the public network. In most cases, when you configure a service like file and
printer sharing, when you enable it Windows it will automatically ask you if you want
to make changes to the firewall. If however you want to fine tune it later or the change
does not occur you can always come in here and set the setting yourself.
Most programs should appear on the list, however if one does not you can always use the option
allow anther program. This will allow you to browser to the executable for the program
that you want to allow through the firewall. In some cases you may want to change how the
Windows Firewall interacts with the user. To do this, select the option change notification
settings. On this screen you can select if the firewall is switched on or off and some
basic settings for it. For example, you can configure each network
location to block all incoming connections. This includes programs you ticked in the list
of allowed programs. When you connect up to a wireless hot spot, for example at the airport,
you may want to configure this setting as this gives you the most security.
The next option will notify the user when a new program is run on the local computer
that is blocked by the firewall. This is a nice feature to have on because the prompt
will automatically give the user the option to add rules to the firewall to allow the
software through. Doing this means the user does not have to configure the firewall manually.
This covers all the basic settings for the Windows Firewall. In the next video I will
look at the advanced options for the Windows firewall. Using this tool you can really customized
your firewall. Thanks for watching this video. Remember to go to our web site for more videos,
exam questions and study guides.