Windows firewall

  • Thread starter Thread starter Jay
  • Start date Start date
J

Jay

Has this been improved enough to be considered useable?
Can I employ this with a certain amount of confidence or am I best to stick
with a 3rd party product?

Thanks
Jay
 
The new Windows Vista Firewall is a stateful host-based firewall that
allows or blocks network traffic according to its configuration and the
applications that are currently running to provide a level of protection
from malicious users and programs on a network.
The new Windows Firewall includes enhancements for better protection
and more advanced configuration.

http://www.microsoft.com/technet/community/columns/cableguy/cg0106.mspx

--
Carey Frisch
Microsoft MVP
Windows - Shell/User

---------------------------------------------------------------------------­-----

:

Has this been improved enough to be considered useable?
Can I employ this with a certain amount of confidence or am I best to stick
with a 3rd party product?

Thanks
Jay
 
Jay said:
Has this been improved enough to be considered useable?
Can I employ this with a certain amount of confidence or am I best to
stick with a 3rd party product?

Thanks
Jay

The XP Firewall only handled incoming information but not outgoing. In
Vista it handles both. My firewall of choice is Agnitum's Outpost Firewall
which is far more configurable and provides a lot more information but is
not currently compatible with Vista. The Vista Firewall seems adequate to
the task while I'm awaiting a Vista compatible version of Outpost.

On my system, the Vista Firewall passed the test at Shields Up. I'm using
it in combination with Windows Defender, which helps protect against malware
and Avast Antivirus. Vista Firewall, is adequate and probably all you need
for most protection but may lack feature you're used to in other firewalls.
 
The XP Firewall only handled incoming information but not outgoing. In
Vista it handles both. My firewall of choice is Agnitum's Outpost
Firewall which is far more configurable and provides a lot more
information but is not currently compatible with Vista. The Vista
Firewall seems adequate to the task while I'm awaiting a Vista compatible
version of Outpost.

On my system, the Vista Firewall passed the test at Shields Up. I'm using
it in combination with Windows Defender, which helps protect against
malware and Avast Antivirus. Vista Firewall, is adequate and probably all
you need for most protection but may lack feature you're used to in other
firewalls.

Thanks.

Jay
 
Jay said:
Has this been improved enough to be considered useable?
Can I employ this with a certain amount of confidence or am I best to
stick with a 3rd party product?

As far as I know, not even the XP SP2 firewall has ever been exploited. But
Vista's firewall (See Windows Firewall with Advanced Security in
Administrative Tools) is now very configurable and offers some level of
outbound protection -- although it's debatable whether or not that's really
necessary, given Vista's other new security features. I've never really
cared much about outbound protection because I don't install naughty
programs on my machines. Every once in a while I'll use Lavasoft and some
other software to scan for malware that NOD32 might have missed, but all
they ever find are some tracking cookies that I hadn't already blocked by
other means. And the average user, who might actually need outbound
protection, will simply click "Yes" to allow some bad guy program to call
home to momma anyway.

I do, however, want to make sure that no one I don't want is getting /into/
my machines.

IMHO, nothing beats ISA Server's intelligence. It's much more than just a
stateful packet inspection firewall. If you want the best protection and
you've got the dough (and an old Win2K server lying around somewhere), get
it and spend the time to learn it.

But I think that most users will get the same level of relative safety with
Windows Firewall as they would with other software firewalls, especially if
they're also running behind a NAT device, e.g., a DSL modem (many cable
modems do not offer NAT). I don't think that Symantec, McAfee, or anyone
else's software or hardware firewalls offer any better real protection. (I
think the hype in the marketplace is a little over-the-top). If they close
ports, inspect packets for suspect content, an allow you to create custom
rules, they're all pretty much the same.

Of course, this is just my opinion, and there are a lot of real fans of
other products out there.
 
David Dickinson said:
As far as I know, not even the XP SP2 firewall has ever been exploited.

Thanks my Vista notebook is not connected to the net yet so I was thinking
ahead a bit.
My question came about because after a reboot yesterday of my XP Pro SP2
desktop I got an error telling me my Kerio firewall drivers were the wrong
version (no idea how that could have happened). After some exploring I was
no nearer fixing it. Didn't have the original msi to do a repair and gave up
trying to re-find the free version online.

I ended up d/l Zone Alarm and am running that.
That's when I got to wondering about Windows Firewall and whether it was
still one-way.
Now following what you say above about XP SP2 I'm wondering whether to ditch
ZA and just use WF.

Jay
 
Jay said:
Has this been improved enough to be considered useable?
Can I employ this with a certain amount of confidence or am I best to
stick with a 3rd party product?

Thanks
Jay


Depends how confident you are
 
The XP Firewall only handled incoming information but not outgoing. In
Vista it handles both.

In my view, the XP FW is doing its job adequately. Provided you surf safely
and are careful what to install there is no concern with respect to outbound
traffic.

What was the *technical* justification for re-designing Vista FW (handling
outbound traffic) ?
Was it customer pressure ?
 
Kayman> said:
In my view, the XP FW is doing its job adequately. Provided you surf
safely and are careful what to install there is no concern with respect to
outbound traffic.

What was the *technical* justification for re-designing Vista FW (handling
outbound traffic) ?
Was it customer pressure ?

It's not a debate. The OP asked for information and I provided it. Whether
or not something, a feature, is important to you is a matter of personal
preference.

I don't generally participate in what might be termed risky computing, no
file sharing, no file sharing sites, etc. However, I have on rare occasions,
accidentally clicked an item that surreptitiously installed something and my
firewall picked it up when it tried its outbound attempt which I caught,
stopped and because of the information provided in my firewall I was able to
find and remove. Usually, most outbound alerts are items you install that
phone home looking for updates but this was one of those moments that it
came in handy. I'd rather have it and not need it than need it and not have
it.

I don't work for Microsoft, I have no idea why they changed it. This was a
comment/complaint that came up and given the security holes in the OS and
just general human nature they probably felt it was worth adding this layer
of protection to the firewall.
 
I assume that you are using a router/firewall. Then the Windows Firewall is
quite adequate.
 
Jay said:
Thanks my Vista notebook is not connected to the net yet so I was thinking
ahead a bit.
My question came about because after a reboot yesterday of my XP Pro SP2
desktop I got an error telling me my Kerio firewall drivers were the wrong
version (no idea how that could have happened). After some exploring I was
no nearer fixing it. Didn't have the original msi to do a repair and gave
up trying to re-find the free version online.

I ended up d/l Zone Alarm and am running that.
That's when I got to wondering about Windows Firewall and whether it was
still one-way.
Now following what you say above about XP SP2 I'm wondering whether to
ditch ZA and just use WF.

Kerio Firewall is now put out by Sunbelt Software. They still offer free
and paid versions. I use it on one of my XP installations.

http://www.sunbelt-software.com/Home-Home-Office/Sunbelt-Personal-Firewall/

In Vista I use the built in Firewall, seconding the opinions by Michael and
David.
 
Michael Solomon said:
... given the security holes in the OS and just general human nature they
probably felt it was worth adding this layer of protection to the
firewall.

Hopefully, the combination of Windows Firewall, UAC, apps running as
standard users, and Windows Defender (along with whatever anti-malware apps
that OEMs install) will do a little more to protect users from themselves.
If users get enough warnings -- even if the warnings don't say "NO!"
outright -- maybe the folks in support will get fewer calls about infections
and infestations.
 
Michael Solomon said:
It's not a debate. The OP asked for information and I provided it.
Whether or not something, a feature, is important to you is a matter of
personal preference.

I don't generally participate in what might be termed risky computing, no
file sharing, no file sharing sites, etc. However, I have on rare
occasions, accidentally clicked an item that surreptitiously installed
something and my firewall picked it up when it tried its outbound attempt
which I caught, stopped and because of the information provided in my
firewall I was able to find and remove. Usually, most outbound alerts are
items you install that phone home looking for updates but this was one of
those moments that it came in handy. I'd rather have it and not need it
than need it and not have it.

I don't work for Microsoft, I have no idea why they changed it. This was
a comment/complaint that came up and given the security holes in the OS
and just general human nature they probably felt it was worth adding this
layer of protection to the firewall.
--
Didn't want to start a debate. Merely a statement linked with a couple of
questions. You did see the question marks, did you not? (No need to reply
:)).
 
David Dickinson said:
Hopefully, the combination of Windows Firewall, UAC, apps running as
standard users, and Windows Defender (along with whatever anti-malware
apps that OEMs install) will do a little more to protect users from
themselves. If users get enough warnings -- even if the warnings don't say
"NO!" outright -- maybe the folks in support will get fewer calls about
infections and infestations.


I am very savvy when it comes to protection which is why I didn't have
Windows FW turned on in the first place ;-)
I protect my home machine as stringently as my outfacing SQL boxes at work.

Jay
 
Jay said:
I am very savvy when it comes to protection which is why I didn't have
Windows FW turned on in the first place ;-)
I protect my home machine as stringently as my outfacing SQL boxes at
work.

Obviously :)

My main concern here is with average users. (I haven't used Windows FW for
years -- one of my W2K3 servers at home runs ISA Server -- my home is my
office, so I've got no choice).

Average users are neither as savvy nor as willing to spend the money (they
don't absolutely have to, anyway). In addition, they don't know and
shouldn't have to know how to configure such protection. Since most
consumers are going to get the least expensive machine they can find,
built-in protection becomes important.

I note, however, that even though prominent third-party apps, notably
Symantec and McAfee, come with redundant features, since Microsoft's
antivirus attempt is insufficient for any use (ref: av-comparatives.org),
folks will buy the full-featured versions of those other apps, making
Windows FW unnecessary.

But if Vista had decent built-in AV protection then it's arguable that the
average home or small business user might have most of the protection they
need built in to the operating system. Then Norton and (especially) McAfee
would have to compete by writing software that is actually good. (Lets just
hope that AVK, Trustport, and -- my favorite -- NOD32 get the marketing that
they deserve.)

And now that I've totally destroyed the point of your thread by wandering so
far afield, I think I'll get some lunch.

David
 
Kayman> said:
Didn't want to start a debate. Merely a statement linked with a couple of
questions. You did see the question marks, did you not? (No need to reply
:)).

I apologize for the comment. I saw the question marks but I saw the
question as a statement posed as a question.:-)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top