
CM51a Windows Firewall

by
George Morgan

Page no: CM51a

Recommended Settings


The recommended settings for the Windows Firewall are:

  • Block all connections to programs that are not explicitly allowed.

This applies to both:

  • Home or work/private networks (incl. VPN)
  • Public networks

Windows Firewall Recommended Settings


Windows Firewall Switched off

Windows Firewall shows a red warning when it is turned off.

Windows Firewall Turned Off

Network Discovery

We want to enable network discovery.

The normal procedure for enabling Network Discovery does not work.

Advanced Sharing Settings

This is some misconfiguration caused by TinyWall.

Even the Windows troubleshooters cannot resolve the issue.

Windows Firewall Incorrectly Configured

The cause is a bug in TinyWall that overrides all rules inside the Windows Firewall.

As we see below, this does not always happen.

Windows Firewall Profiles

Windows Firewall has three different profiles:

  • Domain Profile: Typically used by companies when connected to a domain controller.
  • Private Profile: For your computer when you are at home and not connected to a domain controller. Typically this applies when you are in a home network.
  • Public Profile: When you change the network location to public.

Profiles in Windows Firewall

Local Firewall Setting or Group Policies?

We can work with either:

  • Local Firewall Settings: the settings each user is allowed to make on their own computer.
  • Group Policies: the settings that a company (or I myself) define as the standard settings for all of their (or my) computers.

Profiles concerned: Domain or private.

A company (or you yourself) may also specify the group policies for a private profile.

Windows Firewall with Group Settings

Wifi Access Problem Point Swisscom Unsecure

The Swisscom Wi-Fi network is not protected.

Wifi Access Solution Avast Secureline

Avast Antivirus has an option for protecting Wi-Fi networks. When we turn on this option, our connection is encrypted and our location is disguised.

Local Group Policy Editor

Windows Firewall Local Group Policy Editor

While running firewalls is a good practice to protect systems from harm, it also can get in the way. One thing I really like about Windows Firewall is its ability to be centrally managed, and the best way to do this is through a Group Policy Object (GPO). On a per-server basis, Windows Firewall can still be managed through the interface in the Control Panel. For Windows Core editions, you can learn the command to disable Windows Firewall via a prompt. (I’ve committed the command to memory.)


Option 1: Work on Local Firewall Settings Only

Working with local firewall settings only means that we disable all settings provided by the group policies.

(See the procedure for disabling the group policies here.)

1) Open regedit.exe

2) Change or delete the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall

The group policies are now disabled. However, this is only temporary: Windows creates the entry again.
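Before changing or deleting that key, it helps to see what it contains and whether it actually changes the effective firewall settings. The following read-only PowerShell audit is an added example, not part of the original article; it assumes an elevated session on a Windows version that ships the NetSecurity cmdlets.

```powershell
# Added example: read-only audit. Run in an elevated PowerShell session.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall'

# 1) Is a firewall policy present in the registry, and how much does it set?
if (Test-Path $policyKey) {
    $keys = @(Get-Item -Path $policyKey) + @(Get-ChildItem -Path $policyKey -Recurse)
    $keys | ForEach-Object {
        [pscustomobject]@{ Key = $_.Name; Values = $_.GetValueNames().Count }
    } | Format-Table -AutoSize
} else {
    Write-Output "No firewall policy key found at $policyKey."
}

# 2) Which firewall profile does each connected network fall under?
Get-NetConnectionProfile |
    Select-Object Name, InterfaceAlias, NetworkCategory |
    Format-Table -AutoSize

# 3) Local configuration vs. effective (active) configuration per profile.
#    A difference between the two columns means something other than the
#    local store (for example a policy) is setting that value.
$local  = Get-NetFirewallProfile -PolicyStore PersistentStore
$active = Get-NetFirewallProfile -PolicyStore ActiveStore
$report = foreach ($a in $active) {
    $l = $local | Where-Object { $_.Name -eq $a.Name }
    [pscustomobject]@{
        Profile           = $a.Name
        EnabledLocal      = $l.Enabled
        EnabledActive     = $a.Enabled
        # Block = inbound connections without an allow rule are dropped.
        InboundLocal      = $l.DefaultInboundAction
        InboundActive     = $a.DefaultInboundAction
        # False = locally created rules are ignored for this profile.
        LocalRulesAllowed = $a.AllowLocalFirewallRules
    }
}
$report | Format-Table -AutoSize
```

Running the same audit again after a reboot or policy refresh shows whether Windows has recreated the entry.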

Disabled Group Policies

Rule sets for File Sharing, Network Discovery, HomeGroup

One can add the predefined rule sets for:

  • File and Printer Sharing
  • HomeGroup
  • Network Discovery

File and Printer Sharing in Windows Firewall

File and Printer Sharing is the most important rule set.

Filesharing

Network Discovery in Windows Firewall

On one of my computers I could enable network discovery with the local firewall rules, despite the override created by TinyWall.

Apparently the override does not always happen.

Network Discovery Rules Windows
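To check on a given machine whether the predefined rule sets listed above are really in force, and where the enforced rules come from, the effective rule store can be queried directly. This PowerShell sketch is an added example, not part of the original article; the helper name Enable-PrivateGroup is hypothetical, and an elevated session is assumed.

```powershell
# Added example. The report is read-only; Enable-PrivateGroup changes rules.
$groups = 'File and Printer Sharing', 'HomeGroup', 'Network Discovery'

$report = foreach ($g in $groups) {
    # ActiveStore = the rules actually enforced, whatever their origin.
    $rules = @(Get-NetFirewallRule -DisplayGroup $g -PolicyStore ActiveStore -ErrorAction SilentlyContinue)
    if ($rules.Count -eq 0) {
        # HomeGroup, for example, was removed in Windows 10 version 1803.
        [pscustomobject]@{ Group = $g; Rules = 0; Enabled = 0; OnPublic = 0; Source = 'group not found' }
        continue
    }
    $on = @($rules | Where-Object { $_.Enabled -eq 'True' })
    [pscustomobject]@{
        Group    = $g
        Rules    = $rules.Count
        Enabled  = $on.Count
        # Enabled sharing rules that also apply on public networks deserve a second look.
        OnPublic = @($on | Where-Object { "$($_.Profile)" -match 'Public|Any' }).Count
        # Local, GroupPolicy, ... : shows whether a policy supplies the rules.
        Source   = ($rules.PolicyStoreSourceType | Sort-Object -Unique) -join ', '
    }
}
$report | Format-Table -AutoSize

# Hypothetical helper: enable one group's local rules for the Private profile only,
# leaving the Public variants of the same rules untouched.
function Enable-PrivateGroup([string]$DisplayGroup) {
    Get-NetFirewallRule -DisplayGroup $DisplayGroup |
        Where-Object { "$($_.Profile)" -match 'Private' } |
        Enable-NetFirewallRule
}
# Example call: Enable-PrivateGroup 'Network Discovery'
```

If the Enabled count stays at 0 after enabling the local rules, the Source column and the LocalRulesAllowed setting of the profile are the first places to look.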

 

 

Excursion: Network Providers for Windows

Before Windows Vista, various “Discovery” protocols were independent of each other and an application/process had to know the details of how to use a particular protocol. In Windows Vista, the Function Discovery Platform was created to aggregate the information from various protocols into a single place that applications can retrieve it from without having to know the details for accessing a specific protocol. This makes it easier for an application to support this kind of functionality while at the same time making it less dependent on a single protocol that may have been retired.

A list of the built-in providers can be found at this link:

(source)

 

 

Windows Network Discovery Platform

 

Option 2: Filesharing over Group Policies

Enter GPEDIT.MSC in the file search.

Edit the group policies for the private domain.

Enable the policy for File and Printer Sharing.

Filesharing via Group Policies

​​

 
