Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Questions about Windows Firewall


20 Oct 2012   #1

Windows 7 Home Premium x64 SP1
 
 
Questions about Windows Firewall

Hi,

I've been a ZoneAlarm Pro (firewall only) user for the last 11 years, at the time I started with ZA the Windows firewall was lacking many features and ZA was among the top firewalls. My ZA subscription expires in Nov and I would like to move to the Windows brand of firewall.

Right now I use MSE, MalwareBytes, and SpywareBlaster along with ZA. I haven't ever used the Windows firewall and am considering changing to it. My questions would be has it improved over the years, does it block outgoing traffic, is it user friendly configurable if something needs to be allowed in or out? If Microsoft is offering a comparable product I would rather use it than a third party application.

I know all things like this are personal preference but I am asking for opinions, all are welcome, thanks to all who reply.

My System SpecsSystem Spec
.

20 Oct 2012   #2
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

You can learn about Windows firewall here: How to Configure Windows Firewall on a Single Computer
My System SpecsSystem Spec
20 Oct 2012   #3

Windows 7 Ultimate x64
 
 

In Windows 7, the built-in firewall is MUCH better than in XP. I think it now deserves at least a try, unlike in XP where everyone was forced to disable it. I'm using it now and, while still far from the best, it's good enough for most needs. A quick resume out of my mind:

Pros:
-Built-in with Windows, no additional downloads or extra fees
-Extensive configuration options in the advanced mode
-Filter incoming and outgoing connections
-Filter by origin/destination IP, port, program and network type

Cons:
-Quite insecure by default, unless you enable outgoing blocking
-Somewhat hidden configuration options. The advanced screen in administrative tools is THE setup area, while the control panel applet is totally useless
-LACK of notifications for blocked outgoing connections, and non-working for incomming.
My System SpecsSystem Spec
.


20 Oct 2012   #4

Win 7 Pro x64 SP1, Win 7 Ult x86 SP1
 
 

With Windows 7 I've only used the built in firewall and haven't had any problems in 3 years.
I also use a router firewall.
I read about TinyWall, a free front end for the Windows firewall.
I haven't tried this yet, but here is a SF thread you should check out (with the link to TinyWall):
PC Tools Firewall discontinued. Looking for replacement.
My System SpecsSystem Spec
21 Oct 2012   #5

Windows 7 Ultimate x64
 
 

Windows Firewall has improved, though it still isn't considered to be as effective as the industry leader Comodo . It all depends on what you do while online, and what you're likely to encounter.
My System SpecsSystem Spec
21 Oct 2012   #6

Windows 8.1 Pro (x64)
 
 

I never understood the reason people need outbound blocking. If you don't want your computer to access the internet, disconnect it. As it is, what most people need is inbound blocking which the built in firewall handles. But what is better, sit behind a router (or modem with a built in firewall) that blocks all inbound traffic that was not established from within the network. Pretty much all consumer routers do this making expensive software firewalls like ZoneAlarm absolutely useless, does nothing productive but waste CPU cycles. (The router is already blocking all inbound traffic not established from within the network.)
My System SpecsSystem Spec
21 Oct 2012   #7

Windows 7 Home Premium x64 SP1
 
 

Quote   Quote: Originally Posted by logicearth View Post
I never understood the reason people need outbound blocking.
My reasoning for outbound protection is a trojan, worm, virus, or malware could be generating outbound traffic to a server to then use your box for DDOS attacks, hundreds of spam emails, etc...

Quote:
Pretty much all consumer routers do this making expensive software firewalls like ZoneAlarm absolutely useless, does nothing productive but waste CPU cycles. (The router is already blocking all inbound traffic not established from within the network.)
My router/modem is a 3600HGV (ATT Uverse internet Gateway) For me ZA (firewall only) at $24,95 per year isn't expensive, it doesn't seem to affect my PC performance. I'm most interesting in getting other users opinions and experiences with the Microsoft firewall. I have been leaning toward using the windows firewall since I installed Windows 7 in spring of this year.

I do go to sites that would be considered the "wrong side of the tracks" sometimes, I don't do torrents or P2P.

Thanks to everybody that has replied so far All that reply to this thread will get rep.
My System SpecsSystem Spec
21 Oct 2012   #8

Windows 8.1 Pro (x64)
 
 

Quote   Quote: Originally Posted by cmmtch View Post
My reasoning for outbound protection is a trojan, worm, virus, or malware could be generating outbound traffic to a server to then use your box for DDOS attacks, hundreds of spam emails, etc...
You are better off removing them from your computer by keeping your anti-malware application updated. A firewall on your computer is not really going to do anything to prevent malware (which probably has root access) from doing what it wants, including bypassing the firewall's restrictions.

* I handle corporate sized networks and security of those networks. Outbound protection, never found useful other then a headache.
My System SpecsSystem Spec
21 Oct 2012   #9

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by logicearth View Post
I never understood the reason people need outbound blocking. If you don't want your computer to access the internet, disconnect it. As it is, what most people need is inbound blocking which the built in firewall handles. But what is better, sit behind a router (or modem with a built in firewall) that blocks all inbound traffic that was not established from within the network. Pretty much all consumer routers do this making expensive software firewalls like ZoneAlarm absolutely useless, does nothing productive but waste CPU cycles. (The router is already blocking all inbound traffic not established from within the network.)
You're completely wrong about the outbound block. It's the most important aspect of a software firewall, because precisely of the NAT routing. For incoming protection, as you say, NAT router or hardware firewall will do most of the job. But note that it does NOT blocks possible attacks from intranet, which are commonplace in corporative environments with many users.

But why does anyone needs outgoing protection? It's not simply a matter of unplug the computer, but the security aware user will most likely want selective connectivity. That is, certain things are allowed and some others don't. An example, a web browser should be allowed outgoing traffic on ports 80 and 443, but likely another program (virus?) trying to "phone home" on port 80 and steal sensitive data, for example a keylogger, must be blocked. Also, some programs open connections when they don't really need to, wasting bandwidth. Outgoing software protection is a good option to prevent those, even at the expense of the CPU cycles, which I think are well spent.
My System SpecsSystem Spec
22 Oct 2012   #10

Windows 8.1 Pro (x64)
 
 

Malware, can utilize a third-party like your browser that is allowed though your firewall to send its message. Malware that has root access can also bypass firewall restrictions. Second, outbound blocking does not protect from intranet attacks nor is it needed, the built in firewall for Windows already blocks inbound connections that are not established.
My System SpecsSystem Spec
Reply

 Questions about Windows Firewall




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 06:32 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33