By: Jorge Mora, ConvergeSecure® Engineer
Windows Defender Firewall is Microsoft’s answer to potential network-level threats. Windows operating systems have included a firewall since Windows XP. In this instance, we will be covering the Windows Defender Firewall that is included with Windows 10. It has evolved from its original “Internet Connection Firewall” name and gained a lot more customization along the way. In essence, Windows Defender Firewall is in place to block and allow network traffic.
For an everyday user who is looking to get protected at some level, all three firewall profiles should be enabled. Most users will not need to make any changes, as programs add exceptions to the firewall when they are installed. The exceptions added during a program’s installation are for the program itself, enabling it to reach the internet. This helps keep installed applications updated without any issues.
To see what your firewall settings are, click the Windows icon on the taskbar and search for “Windows Defender Firewall”.
Windows uses three firewall profiles: Domain, Private and Public. In this instance, I am connected to the network via the Domain profile.
Public – This is the most restrictive of the three profiles. The Public profile assumes that you are in a coffee shop or restaurant type of setting.
Private – This is less restrictive than Public. However, it is more restrictive than the Domain profile.
Domain – This profile is generally the least restrictive of the three. By default, it allows more inbound connections, such as those used to share a file. This is used in domain environments with computers that have been joined to a domain.
NOTE: Most users should have their home networks set to “Private”, as this will allow more open connections to the computer.
After a program is installed, it will generally try to reach the internet to update or to run. You may get this security prompt:
There generally isn’t a reason to change any of these settings. Should you accidentally deny “Google Chrome” access to the network and need to allow access, you would go to “Allow an app or feature through Windows Defender Firewall”.
Before you make a change to allow a program network access, ensure that you are making this change for a trusted program. Next, make sure you have the name of the correct program. Then be certain of which firewall profile you are going to change (Domain, Private or Public). Once you have identified those things, it’s a simple check mark next to the correct program under the correct profile. If the program is unchecked, this means that it is being blocked.
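The same checks can be made from PowerShell before changing anything in the dialog. The script below is an added example, not part of the original article: it is read-only, the function names are hypothetical, and the rule display-name pattern '*Google Chrome*' is an assumption about how the program's rules are named on your machine.

```powershell
# Added example: read-only audit of Windows Defender Firewall state on Windows 10.
# Uses only built-in cmdlets; nothing here changes a rule or a profile.

function Get-FirewallProfileSummary {
    # One row per profile (Domain, Private, Public) from the effective policy.
    Get-NetFirewallProfile -PolicyStore ActiveStore |
        Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction
}

function Get-ActiveNetworkCategory {
    # Category of each connected network; DomainAuthenticated means the Domain profile applies.
    Get-NetConnectionProfile | Select-Object InterfaceAlias, Name, NetworkCategory
}

function Get-ProgramFirewallRule {
    param(
        # Wildcard pattern for the rule's display name (assumed, adjust to your program).
        [Parameter(Mandatory)] [string] $DisplayNamePattern
    )
    $rules = Get-NetFirewallRule -DisplayName $DisplayNamePattern -ErrorAction SilentlyContinue
    if (-not $rules) {
        Write-Warning "No firewall rule matches '$DisplayNamePattern'."
        return
    }
    foreach ($rule in $rules) {
        # The application filter holds the executable path the rule applies to.
        $app = $rule | Get-NetFirewallApplicationFilter
        [pscustomobject]@{
            DisplayName = $rule.DisplayName
            Enabled     = $rule.Enabled      # a disabled rule has no effect
            Direction   = $rule.Direction    # Inbound or Outbound
            Action      = $rule.Action       # Allow or Block
            Profile     = $rule.Profile      # Domain, Private, Public or Any
            Program     = $app.Program       # confirm this is the trusted binary
        }
    }
}

$profiles = Get-FirewallProfileSummary
$profiles | Format-Table -AutoSize

# The article recommends that all three profiles be enabled; flag any that are off.
foreach ($p in ($profiles | Where-Object { $_.Enabled -ne 'True' })) {
    Write-Warning "Firewall profile '$($p.Name)' is disabled."
}

Get-ActiveNetworkCategory | Format-Table -AutoSize
Get-ProgramFirewallRule -DisplayNamePattern '*Google Chrome*' | Format-Table -AutoSize
```

Comparing the Program path and Profile columns against what you expect covers the three things to confirm before ticking a box: the program is the trusted one, the name is right, and the rule applies to the profile you are actually connected under.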