How to set up Windows 7 firewall to work like a normal personal firewall?

29
2013-07
  • ef2011

    Since Windows 7 already comes with its own firewall, I prefer not to install a 3rd party one.

    However, when I started trying to set it up, I quickly discovered that it's much less user-friendly than any personal firewall I have ever seen (e.g. Sygate for XP, Comodo for Windows 7, etc.)

    Instead of being configured by default to block all Internet inbound and outbound traffic (i.e. not LAN), and then prompt you whenever an unauthorized program tries to “call home”, it seems to allow all outbound traffic… (which is a spyware paradise).

    I tried to configure it like a “standard personal firewall” but this task turned out to be anything but trivial:

    • First, I was greeted by having to select one of three profiles: Domain | Private | Public:

      1. Domain    is n/a because I don’t use a domain controller
      2. Private   is me! (yes, I have a tiny LAN)
      3. Public    is n/a because my Windows 7 laptop is only connected through my router/firewall

    • So I proceeded with the following:

      1. Domain  : All blocked (changed outbound from default)
      2. Private : Inbound blocked, outbound allowed (keep defaults)
      3. Public  : All blocked (changed outbound from default)

    Yet, I keep seeing all sorts of programs “calling home” without Windows firewall ever prompting or even notifying me about it.

    Any idea how I can proceed from here? Is it possible at all to use the Windows 7 firewall to effectively control outbound traffic?

  • Answers
  • Eternal Learner

    By default, Windows Firewall with Advanced Security allows all outbound network traffic.

    To block the network traffic for prohibited programs, you must create an outbound rule that blocks traffic with specific criteria from passing through Windows Firewall with Advanced Security.

    Alternatively, you can change the default outbound action to block, and then create outbound allow rules to allow required traffic. This technique is demonstrated in this TechNet article.

  • surfasb

    Windows does not notify you when programs make outbound calls, because it is very costly CPU-wise, and even more costly from a software development standpoint.

    To control outbound traffic, you'll need to block all outbound traffic then set specific rules.

  • ITGabs

    Try "Windows 7 Firewall Control". This program works with the Windows Firewall, is independent from the Windows Firewall application itself, and will ask you what to do like a personal firewall: http://www.sphinx-soft.com/Vista/index.html
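
The block-by-default approach described in the answers above, as an added example that is not part of the original posts: it switches the default outbound action to block, allows one program back out, and uses Security log event 5157 to show what was blocked, since the built-in firewall does not prompt. The backup path, rule name and browser path are assumptions; run it from an elevated PowerShell prompt.

```powershell
# Added example for Windows 7 (PowerShell 2.0 driving netsh and auditpol).
# Assumptions: $backup, $browser and the rule name are placeholders to adjust.
$backup  = "$env:USERPROFILE\firewall-before.wfw"
$browser = "$env:ProgramFiles\Internet Explorer\iexplore.exe"

# 1. Save the current policy; restore later with "netsh advfirewall import <file>".
netsh advfirewall export $backup

# 2. Change the default outbound action to block on all three profiles.
#    The quotes stop PowerShell from splitting the value at the comma.
netsh advfirewall set allprofiles firewallpolicy "blockinbound,blockoutbound"

# 3. Allow one required program out again, on the Private profile only.
netsh advfirewall firewall add rule name="Allow out - browser" `
    dir=out action=allow program="$browser" profile=private enable=yes

# 4. No prompt appears when something is blocked, so audit the blocks instead.
auditpol /set /subcategory:"Filtering Platform Connection" /failure:enable

# 5. Summarize recent blocked connections (event 5157) by program and
#    destination, to decide which allow rules are still missing.
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 5157 } `
        -MaxEvents 200 -ErrorAction SilentlyContinue |
    ForEach-Object {
        $fields = @{}
        ([xml]$_.ToXml()).Event.EventData.Data |
            ForEach-Object { $fields[$_.Name] = $_.'#text' }
        New-Object PSObject -Property @{
            Application = $fields['Application']
            DestAddress = $fields['DestAddress']
            DestPort    = $fields['DestPort']
        }
    } |
    Group-Object Application, DestAddress, DestPort |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```

Step 5 can be rerun after using the machine for a while; each program that should be allowed gets its own rule as in step 3.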




    Related Question

    How do I get the Windows 7 Firewall to prompt me whether to allow or deny a new connection?
  • Epaga

    Possible Duplicate:
    How can I configure the Windows 7 firewall to prompt me on outbound traffic?

    In Vista and before, new programs attempting an ingoing or outgoing connection would cause a Windows prompt whether to allow or deny the program as a rule.

    In Windows 7 I seem to have to manually enter rules. Is there any way to get Windows 7 to ask me on its own?

    Edit: The options MrStatic points to in his answer are already turned on. No prompts, hence my question. See this forum entry for another guy with the same problem.


  • Related Answers
  • WalterJ89

    The Windows firewall generally sucks horribly. I had a trojan just last month that bypassed it and was sucking all my bandwidth sending something. (I think it was actually trying to take everything.) The Windows firewall really only blocks incoming connections. If something wants to send something, Windows isn't going to stop it one bit.

    I use Comodo firewall now, although honestly it can be set to the most paranoid settings; it's ridiculous. It can even be set to the point of letting you know every time a process starts, when one file is calling another, or when a program wants to write to disk. I went through a few before I got to this one and I'm happy with it. (I turned off all those ridiculous settings; it just tells me about unusual things.)

    And to answer your question: not really. Other than what you have, it's 90% manual and it doesn't block outgoing (not really).

  • teknikqa

    I don't know if it is possible to do it any other way in Windows 7.

    Take a look at Windows 7 Firewall Control. This basically provides more control over the Windows 7 firewall. It will notify you of any application that is blocked. You can then change its permissions. The free version should suffice for your needs.

  • 8088

    Control Panel\All Control Panel Items\Windows Firewall\Customize Settings

    When you go to the Control Panel for the Windows Firewall, it's on the top left with the first UAC shield.

    Firewall panel