Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Is windows 7 firewall enough?

09 Jun 2011   #31
barnabas1969

Windows 7 Ultimate x64
 
 
Firewall configuration

I've read through this thread and scanned through all the ones that were linked herein. The one thing that nobody mentioned is the fact that the Windows firewall comes pre-configured to ALLOW all outbound traffic. The links that pointed to posts that detailed how to configure rules to allow outbound traffic from specific programs/ports neglected to mention that you ALSO need to change the default allow behavior to "block" outbound connections that do not have a rule defined to allow the connection.

You can learn how to configure it here: Ensure Two Way Protection with Windows Firewall | PC Security

However, if you change the default behavior to "block" outbound connections by default, then you will need to configure a rule for each program and/or port that you want to allow an outbound connection. This will give you basically the same experience you get with ZoneAlarm... you may get frustrated because you are going to have trouble at first, until you get everything configured.

Why block outbound connections? Simple. Someone earlier posted about problems with trojans from torrent downloads. You can get trojans from many places... even from trusted websites that have been hacked. The outbound firewall blocking won't prevent the trojans from being installed on your system... but it will prevent the trojan from being able to connect to a server on the internet (which would allow it to potentially send your personal information to thieves)... and it will prevent a worm from propagating to other computers on your local network. Now, I know many of you are thinking... "But my anti-virus software should protect me from the trojan." Yes, and the operative word here is "should". However, as any computer security expert will tell you... it is best to have multiple levels of defense in case one of them doesn't catch the virus/worm/trojan/etc.

Is Windows Firewall easier and less frustrating? Yes... because it doesn't protect you from outbound connections in the default configuration. This means that you won't get those irritating pop-ups asking you if it's OK for some program to access the internet... and it also means that programs can access the internet without your permission or knowledge.

Can Windows Firewall be configured to be just as secure as third-party firewalls? Yes, it can. In fact, it can be configured to be MORE secure than some of them. However, it is not as easy to configure as a firewall like ZoneAlarm. ZoneAlarm, by default, blocks all inbound and outbound traffic. During installation, it asks you if you want to automatically configure common programs to be allowed outbound connections (e.g. Internet Explorer, Outlook, Media Player, etc). Then, when a program that has not been configured tries to make an outbound connection, ZoneAlarm prompts you and allows you to configure it to always allow or always block that program... all without having to open the Control Panel to make the change.


My System SpecsSystem Spec
.
13 Jun 2011   #32
thekb

Windows 7 Ultimate x86
 
 

I don't know about you all, but I use just MS Security Essentials and Windows Defender; my computer's spotless. And while I'm a paranoid security fanatic, I found this combination perfect. Mind you, internet usage(particularly BitTorrent!) is very, very high with me; I used Kaspersky earlier, but my poor 1GB RAM just couldn't take the load, causing extremely slow computing. I removed Kaspersky, and bingo. No viruses, no adware, nothing. The CPU usage rarely goes over 60 percent.
Bottomline: Use MS Security Essentials with Windows Defender, you should have zero trouble.
My System SpecsSystem Spec
13 Jun 2011   #33
Frank1

Desk Top with Win 7 Home Premium 64 bit and Lap Top with Windows 8.1 Pro 64 bit
 
 

Quote   Quote: Originally Posted by SIW2 View Post
You can test your settings here :

**Home of Gibson Research Corporation**

Click Services>Shields Up
I used to use ZA, but as mentioned above it has some issues with Windows 7. I now use the built-in firewall in Windows 7 and have had no problems. However, it is my understanding that the firewall that comes with Windows will monitor incoming traffic but not outgoing. I have tested Gibson's Leak-Test with ZA and with the windows firewall. When testing with ZA, a pop-up message told me that the firewall could not be penetrated. But when I tested with Windows fire wall it said,"Fire Wall Penetrated!" So it seems that ZoneAlarm's fire wall did the best job. But because of the problems with it, I don't use it. Does anyone know of a good firewall that will monitor both incoming and outgoing traffic that will work with Windows 7?
My System SpecsSystem Spec
.

13 Jun 2011   #34
I be he

Win 7 64 premium
 
 

Quote   Quote: Originally Posted by thekb View Post
I don't know about you all, but I use just MS Security Essentials and Windows Defender; my computer's spotless. And while I'm a paranoid security fanatic, I found this combination perfect. Mind you, internet usage(particularly BitTorrent!) is very, very high with me; I used Kaspersky earlier, but my poor 1GB RAM just couldn't take the load, causing extremely slow computing. I removed Kaspersky, and bingo. No viruses, no adware, nothing. The CPU usage rarely goes over 60 percent.
Bottomline: Use MS Security Essentials with Windows Defender, you should have zero trouble.
I ve had a couple of trojens that got by MSE, and only MBAM was able to remove them with a full scan.
My System SpecsSystem Spec
13 Jun 2011   #35
Capt.Jack Sparrow

Windows 7 Ultimate - 64-bit | Windows 8 Pro - 64-bit
 
 

Quote   Quote: Originally Posted by barnabas1969 View Post
I've read through this thread and scanned through all the ones that were linked herein. The one thing that nobody mentioned is the fact that the Windows firewall comes pre-configured to ALLOW all outbound traffic. The links that pointed to posts that detailed how to configure rules to allow outbound traffic from specific programs/ports neglected to mention that you ALSO need to change the default allow behavior to "block" outbound connections that do not have a rule defined to allow the connection.

You can learn how to configure it here: Ensure Two Way Protection with Windows Firewall | PC Security

However, if you change the default behavior to "block" outbound connections by default, then you will need to configure a rule for each program and/or port that you want to allow an outbound connection. This will give you basically the same experience you get with ZoneAlarm... you may get frustrated because you are going to have trouble at first, until you get everything configured.

Why block outbound connections? Simple. Someone earlier posted about problems with trojans from torrent downloads. You can get trojans from many places... even from trusted websites that have been hacked. The outbound firewall blocking won't prevent the trojans from being installed on your system... but it will prevent the trojan from being able to connect to a server on the internet (which would allow it to potentially send your personal information to thieves)... and it will prevent a worm from propagating to other computers on your local network. Now, I know many of you are thinking... "But my anti-virus software should protect me from the trojan." Yes, and the operative word here is "should". However, as any computer security expert will tell you... it is best to have multiple levels of defense in case one of them doesn't catch the virus/worm/trojan/etc.

Is Windows Firewall easier and less frustrating? Yes... because it doesn't protect you from outbound connections in the default configuration. This means that you won't get those irritating pop-ups asking you if it's OK for some program to access the internet... and it also means that programs can access the internet without your permission or knowledge.

Can Windows Firewall be configured to be just as secure as third-party firewalls? Yes, it can. In fact, it can be configured to be MORE secure than some of them. However, it is not as easy to configure as a firewall like ZoneAlarm. ZoneAlarm, by default, blocks all inbound and outbound traffic. During installation, it asks you if you want to automatically configure common programs to be allowed outbound connections (e.g. Internet Explorer, Outlook, Media Player, etc). Then, when a program that has not been configured tries to make an outbound connection, ZoneAlarm prompts you and allows you to configure it to always allow or always block that program... all without having to open the Control Panel to make the change.

Windows Firewall by default allow but you could use Windows Firewall Control (Free Edition) Windows7FirewallControl : Sphinx Software and set that to block all the incoming connections and outgoing connection then you can define you exceptions. To be honest ZA creates lot of problems on Windows 7 like appcrashes, Blue screens etc. I usually don't recommend ZA.

This is just my opinion
My System SpecsSystem Spec
13 Jun 2011   #36
marsmimar

Microsoft Community Contributor Award Recipient

 
 

I think most, if not all, security "experts" will agree that no antivirus, no antispyware, no antimalware product of any kind is 100% effective 100% of the time. And once a computer is infected, you can never be 100% sure that it's been completely cleaned regardless of what your fancy scanning tools might say.

If people are going to visit questionable websites, open unexpected email attachments, click on unknown pop-ups, give out their personal information to strangers claiming to represent some rich Nigerian prince who needs their help, then those people will get infected some day. Knowing that, why don't more people make use of the excellent imaging tools that are available? Many of them free.

Set up your computer the way you want including your antimalware of choice. Update everything. Install all of your other programs and update them as well. Before you do anything else, make a system image! Instead of wondering if all of your fancy scans really cleaned your machine, just reinstall that clean image. How hard is that?
My System SpecsSystem Spec
13 Jun 2011   #37
barnabas1969

Windows 7 Ultimate x64
 
 

First, Microsoft Security Essentials is an anti-virus software package. Windows Defender is an anti-spyware package. Neither of these replaces a firewall.

Second, if you had problems with Zone Alarm, it was because Zone Alarm was blocking some traffic that you wanted to allow. You could have simply configured it to allow the traffic that you wanted to allow. By using Windows Firewall without configuring it to block outbound connections, all you've accomplished is making your computer less secure by allowing all outbound connections. This is easier from a user perspective (nothing to configure and no annoying pop-up warnings), but much less secure.

I've been using ZoneAlarm since it came out 10 years ago. No BSOD's. Yes, it did have a compatibility problem with Windows 7, but that has been fixed. If you install the latest version of ZA, there is no problem with Windows 7.

Yep, no antivirus/anti-spyware/firewall is 100% perfect. That's why you need all three (plus a router with built-in firewall). When one fails, the other might catch it. Any security expert will tell you that you need multiple levels of protection.

Both Windows Firewall and ZoneAlarm can be configured to protect your computer. There are advantages and disadvantages to both.

Windows Firewall Advantages:
+Can be configured to block all outbound traffic
+Can be configured to allow outbound traffic from specified programs
+Can be configured to allow outbound traffic via specified ports
+Can be configured to allow outbound traffic to specified IP addresses/host names.

Windows Firewall Disadvantages:
-Comes pre-configured to allow ALL outbound traffic.
-Configuration is not as easy as ZoneAlarm
-Each program needs to be configured manually to allow outbound traffic (IE, Firefox, Chrome, Outlook, etc)

ZoneAlarm Firewall Advantages:
+Comes pre-configured to block all outbound traffic by default.
+Simple installation program asks you if you want to allow outbound connections from known-safe programs (like IE, Firefox, Chrome, Outlook, etc).
+When a new program attempts to make a connection, the pop-up allows you to configure the new program with a very simple Allow/Disallow/Don't-ask-me-again dialog.
+Can be configured to allow outbound traffic from specified programs
+Can be configured to allow outbound traffic to specified IP addresses/host names.
+Tracks changes to pre-configured programs. When a program is updated, ZoneAlarm knows this and will prompt you before an outbound connection is allowed from that program. This prevents programs which have been altered by a virus from penetrating the firewall without your permission.

ZoneAlarm Firewall Disadvantages:
-Annoying pop-ups until you have everything configured. This usually only happens for the first day or so.
-Cannot configure to allow outbound via specified PORTS unless you purchase the "Pro" version.
My System SpecsSystem Spec
Reply

 Is windows 7 firewall enough?




Thread Tools




Similar help and support threads
Thread Forum
Windows firewall blocking .exe file even after firewall is disabled
Hey everyone, This is my first post, and first time I've not been able to solve my problem by searching previous posts...so hopefully someone can help me out. I'm trying to install a downloaded .exe file, and Windows firewall is blocking it regardless of whether the firewall is active or not; the...
System Security
Windows Firewall disables itself every 5 or 6 hours "Wndows Firewall i
I have a problem with Windows Firewall disabling itself every 5 or 6 hours on my computer! Windows Firewall will automatically disable itself and give the following message "Windows Firewall is not using the recommended settings to protect your computer." with only one option "use recommended...
System Security
Windows Firewall starts with 3rd party firewall installed and active
Hi guys, Could anyone explain to me why Windows Firewall starts when I have Comodo Firewall installed and running? It makes me nervous! :confused: I have a fresh installation of Comodo Internet Security. The only reason I knew it was running was because I got the message after a reboot,...
System Security
Windows Personal Firewall service and Mcafee firewall not turning on
I have been dealin with this 2 days now and went through all the steps recommended by Microsoft... even downloaded Virtual tech for mcafee and FIx it for MS none worked. went to google to try to follow other advises and tried to do malware removal . after it i followed these steps: Download both...
System Security
eset firewall and anti virus or whats the best firewall with windows
IS the esset firewall any worth comparied to comando? or outpost or others? I know its mainly a anti virus with built in firewall but does is it worth it? is comando the best?
System Security
Question about Comodo Firewall and Windows Firewall
Hi and thanks for viewing this thread. I hope you can help me! :) I have a few questions which I will number and I hope you can answer them in detail, as it would be much appreciated. (I am using W7 64-Bit) 1. Is Comodo Firewall reccomended? (I am using it currently but am unsure, as I have...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 08:18.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App