Windows Firewall

Windows Firewall

Windows Firewall is a personal firewall, included with Microsoft's Windows XP and newer operating systems.

Overview

When Windows XP was originally shipped in October 2001, it included a limited firewall called "Internet Connection Firewall". It was disabled by default due to concerns with backward compatibility, and the configuration screens were buried away in network configuration screens that many users never looked at. As a result, it was rarely used. In mid-2003, the Blaster worm attacked a large number of Windows machines, taking advantage of flaws in the RPC Windows service.ref|ms03-026 Several months later, the Sasser worm did something similar. The ongoing prevalence of these worms through 2004 resulted in unpatched machines being infected within a matter of minutes. [ [http://news.com.com/Study:+Unpatched+PCs+compromised+in+20+minutes/2100-7349_3-5313402.html Study: Unpatched PCs compromised in 20 minutes | CNET News.com ] ] Because of these incidents, as well as other criticisms that Microsoft was not being active in protecting customers from threats, Microsoft decided to significantly improve both the functionality and the interface of Windows XP's built-in firewall, and rebrand it as, simply, "Windows Firewall".

ICF supports a security log which can record IP addresses and other data relating to connections originating from the home or office network or the Internet. It can record both dropped packets and successful connections. This can be used, for instance, to track every time a computer on the network connects to a website. This security log is not enabled by default; the administrator must enable it. [ [http://technet2.microsoft.com/windowsserver/en/library/2fcb60d7-545c-4375-8c79-e055c822b41c1033.mspx?mfr=true Internet Connection Firewall security log] ]

Versions

Windows XP

Windows Firewall was first introduced as part of Windows XP Service Pack 2. Every type of network connection, whether it is wired, wireless, VPN, or even FireWire, has the firewall enabled by default, with some built-in exceptions to allow connections from machines on the local network. It also fixed a problem whereby the firewall policies would not be enabled on a network connection until several seconds after the connection itself was created, thereby creating a window of vulnerability. [ [http://www.microsoft.com/technet/community/columns/cableguy/cg0204.mspx The Cable Guy - February 2004 ] ] A number of additions were made to Group Policy, so that Windows system administrators could configure the Windows Firewall product on a company-wide level. XP's Windows Firewall cannot block outbound connections; it is only capable of blocking inbound ones.

Windows Firewall turned out to be one of the two most significant reasons (the other being DCOM activation security) [ [http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/mangxpsp2/mngsecps.mspx#ECAA Security-Related Policy Settings ] ] that many corporations did not upgrade to Service Pack 2 in a timely fashion. Around the time of SP2's release, a number of Internet sites were reporting significant application compatibility issues, though the majority of those ended up being nothing more than ports that needed to be opened on the firewall so that components of distributed systems (typically backup and antivirus solutions) could communicate.

Windows Server 2003

In March 2005, Microsoft released Windows Server 2003 Service Pack 1, which incorporated the same improvements to the firewall product into their server operating system.

Windows Vista

Windows Vista significantly improves the firewall to address a number of concerns around the flexibility of "Windows Firewall" in a corporate environment: [ [http://www.microsoft.com/technet/community/columns/cableguy/cg0106.mspx The Cable Guy - January 2006 ] ]
* A new management console snap-in named "Windows Firewall with Advanced Security" which provides access to many advanced options, and enables remote administration. This can be accessed via Start -> Control Panel -> Administrative Tools -> Windows Firewall with Advanced Security, or by running "wf.msc"
* IPv6 connection filtering.
* Outbound packet filtering, reflecting increasing concerns about spyware and viruses that attempt to "phone home". Outbound rules are configured using the management console.
* With the advanced packet filter, rules can also be specified for source and destination IP addresses and port ranges.
* Rules can be configured for services by its service name chosen by a list, without needing to specify the full path file name.
* IPsec is fully integrated, allowing connections to be allowed or denied based on security certificates, Kerberos authentication, etc. Encryption can also be required for any kind of connection.
* Improved interface for managing separate firewall profiles. Ability to have three separate firewall profiles for when computers are domain-joined, connected to a private network, or connected to a public network (XP SP2 supports two profiles--domain-joined and standard). Support for the creation of rules for enforcing server and domain isolation policies.

Windows Server 2008

Windows Server 2008 contains the same firewall as Windows Vista.

See also

* Comparison of firewalls
* Security and safety features new to Windows Vista
* List of Microsoft Windows components
* Personal firewall
* Microsoft Internet Security and Acceleration Server

References

Notes


# These multiple vulnerabilities were fixed by Microsoft over the course of several months; Microsoft security bulletins [http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx MS03-026] , [http://www.microsoft.com/technet/security/bulletin/MS03-039.mspx MS03-039] , and [http://www.microsoft.com/technet/security/bulletin/MS04-012.mspx MS04-012] cover this in more detail.

External links

* [http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx Understanding Windows Firewall]
* [http://www.windowsecurity.com/articles/Customizing-Windows-Firewall.html Customizing Windows Firewall]
* [http://www.winvistatips.com/windows-firewall-exceptions-a123296.php Adding Windows Firewall Exceptions]
* [http://www.vedivi.com/blog/2008/05/configure-your-firewall-in-c/ Working with Windows Firewall API using VC++ (Examples)]


Wikimedia Foundation. 2010.

Игры ⚽ Поможем написать реферат

Look at other dictionaries:

  • Windows Firewall — Entwickler: Microsoft Betriebssystem: Windows XP SP2, Server 2003 SP1, Windows Vista Kategorie: Personal Firewall Lizenz …   Deutsch Wikipedia

  • Windows-Firewall — Entwickler Microsoft Betriebssystem Windows XP SP2, Server 2003 SP1, Windows Vista, Windows 7, Windows Server 2008 Kategorie Personal Firewall …   Deutsch Wikipedia

  • Windows Firewall — est un pare feu personnel édité par Microsoft. Il est inclus dans les systèmes d exploitation Microsoft Windows XP (SP2), Windows Server 2003, et Windows Vista. Voir aussi Pare feu de connexion Internet de Windows XP Microsoft ISA Server… …   Wikipédia en Français

  • Windows Firewall — Брандмауэр Windows  встроенный в Microsoft Windows межсетевой экран. Появился в Windows XP SP2. Одним из отличий от предшественника (Internet Connection Firewall) является контроль доступа программ в сеть. Брандмауэр Windows является частью… …   Википедия

  • Windows Live OneCare — A screenshot of Windows Live OneCare 2.5.2900.03 …   Wikipedia

  • Windows Fundamentals for Legacy PCs — Windows XP Bildschirmfoto …   Deutsch Wikipedia

  • Windows NT 5.1 — Windows XP Bildschirmfoto …   Deutsch Wikipedia

  • Windows Product Activation — Windows XP Bildschirmfoto …   Deutsch Wikipedia

  • Windows Whistler — Windows XP Bildschirmfoto …   Deutsch Wikipedia

  • Windows XP — Bildschirmfoto …   Deutsch Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”