Vista’s Firewall

The other day I decided to check the Vista Firewall in detail since I had never actually gone through it after installing my beta version on the laptop. Considering the fact that security has been a prime concern recently for all small businesses and organizations, the Windows Vista Firewall surely has that “something more” in store. Here are some highlights that I would like to share:

  • Different Interface: This time the firewall comes with more manageable options compared to the Security Center that we have in Windows XP. There is a beginner’s interface which is accessible from the Control Panel, while we have a more advanced interface for the geeks out there. This can be accessed by creating a custom MMC. It’s good in a way that the advanced controls are not left out in the open, since this would prevent the beginners from disrupting the firewall rules while providing a way for advanced users to customize firewall settings more granularly and control outbound as well as inbound traffic. For network and system administrators, firewall configuration on clients can now also be controlled via Group Policy settings.
  • Secure by Default: The moment the firewall is installed, it is configured by default to block all incoming traffic while allowing all outbound. The Vista firewall also works in conjunction with Vista’s new Windows Service Hardening feature. This means that if the firewall detects behavior that is prohibited by the Windows Service Hardening network rules, the firewall will block that behavior. The firewall also fully supports a pure IPv6 network environment.
  • PING is Blocked: Digging deeper into the advanced configuration, I noticed that all incoming ICMP requests were blocked. Well, that surely means that finding the host for hacking is going to be difficult now, though it also means no more preliminary diagnostics unless the block is cleared.
  • Inbound and Outbound Rules: Now that’s where I like to play. The advanced interface opens up a lot more features of the firewall where we can open up custom ports for specific programs. We can even make a selection from some predefined configurations or run the rule creation wizard. The best part is that we can apply rules to services, ports or programs. Now that’s flexibility at work.
  • AD Based Rules: This, I would say, is a blessing for network and system administrators. Now we can create rules which directly integrate with the Active Directory to block or allow connections based on Active Directory User, Computer, or Group Accounts. The flip side — the connection should be secured by IPSec with Kerberos v5.
  • Multiple Policies: Using the MMC snap-in for advanced configuration we can set up multiple firewall profiles so that we can have a different firewall configuration for different situations. I created three firewall profiles on my laptop: one for connecting to my domain at the office, one for connecting from my home Wi-Fi network, and one for connecting from a public network (especially while waiting at airports during delayed flight schedules).
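
The default policy, the blocked ping and the per-profile rules described above can also be inspected and adjusted from an elevated command prompt with the `netsh advfirewall` context. This is an added example, not part of the original post; the rule name and the 192.0.2.0/24 management subnet are constructed placeholders.

```bat
@echo off
rem Added example, not from the original post. Run from an elevated command prompt.
rem RULE and the 192.0.2.0/24 subnet are constructed placeholders.
set RULE=Allow ping from mgmt subnet (example)

rem 1. Show state and default inbound/outbound policy for the Domain,
rem    Private and Public profiles.
netsh advfirewall show allprofiles

rem 2. Re-assert the shipped default on every profile:
rem    block unsolicited inbound traffic, allow outbound.
netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound

rem 3. Re-enable ping for diagnostics without exposing the host everywhere:
rem    allow inbound ICMPv4 echo request (type 8, any code) only while the
rem    domain profile is active, and only from the management subnet.
netsh advfirewall firewall add rule name="%RULE%" dir=in action=allow protocol=icmpv4:8,any profile=domain remoteip=192.0.2.0/24

rem 4. Confirm what was created (profile, direction, remote address scope).
netsh advfirewall firewall show rule name="%RULE%" verbose

rem 5. Remove the exception once troubleshooting is finished.
netsh advfirewall firewall delete rule name="%RULE%"
```

Because the rule is bound to the domain profile, the laptop stays unresponsive to ping on private and public networks.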

There are a lot of other features relating to IPSec, Custom Authentication Rules, Security Wizard for creating Security Rules, etc. but I think they would not appeal much to the general public so I’m keeping them off the list.

The bottom line is that the Vista Firewall is no longer Basic.
