Learn what a firewall is, why you need a firewall, how to allow or deny programs or features through the Windows 7 firewall, and how to open or close ports.
Before you make any decisions on configuring the Windows 7 firewall it’s very important that you know at least the basics about firewalls so that you don’t unintentionally compromise your computer’s security. Before you start giving programs or features access to the Internet and opening or closing ports, read through this guide to make sure you understand firewall basics.
What’s in this guide:
- What is a firewall and how does it protect my computer?
- Do I still need the Windows firewall if I have a router-based firewall?
- How to allow or deny programs and features through the Windows 7 firewall.
- How to open or close ports in the Windows 7 firewall.
- What else besides a firewall do I need to protect my computer?
What is a firewall and how does it protect my computer?
A firewall in computer terms is a hardware device (router) or software (Windows firewall) that sits between your computer or network and the Internet and protects your computer or network from outside intruders.
You can picture a firewall as a brick wall between your computer and the Internet that protects your computer from intruders. Each brick would be called a port. There are about 65,000 ports in all. Each program that needs Internet access uses a specific port or range of ports to communicate between your computer and the server on the Internet. Web traffic (Internet Explorer or Firefox) uses port 80 for instance. A firewall that allows only web traffic through would leave port 80 open while keeping all the other ports closed.
The Windows firewall is a stateful firewall which is a lot smarter than just leaving a port open all the time. It closes all ports that are not necessary and keeps track of the state of network connections. You wouldn’t leave you house open all the time right? You choose who enters your house by keeping the door closed and locked. People you choose are let in or have a key to let themselves in. A stateful firewall works the same way.
For example: Windows 7’s stateful firewall keeps port 80 (Internet traffic) closed. If you browse to a website the firewall will let the traffic out and remember what website you were attempting to browse to. When the website is pushed to your computer from the Internet, the firewall remembers “Oh yeah, Brent was browsing to this website.” and it lets the traffic through.
Do I still need the Windows firewall if I have a router-based firewall?
Yes, and this is why:
Router-based firewalls only provide protection from computers on the Internet, not from computers on your home or business network.
For example: Your router-based firewall will keep a hacker out of your home or business network. What if you browse to a website that has code that attempts to install a virus, maybe you unintentially download some cool free game that is bundled with spy-ware, or open an e-mail with a worm attached to it. The router-based firewall will let them in because you asked for the website, game, or e-mail. Don’t confuse a firewall’s capabilities with antivirus software. Sure, a firewall can stop some viruses from spreading, but it doesn’t actively seek viruses like antivirus software does.
If one of the computers on your home or business network is infected with a virus the Windows firewall will keep the virus from hopping from computer to computer within your home or business network. The Windows firewall is an extra layer of protection to threats that make it in your internal network.
Opening Ports and Allowing Programs and Features through the Windows 7 Firewall
The Windows 7 firewall protects your computer by only allowing traffic for trusted programs and features (recommended method of managing the firewall) or by opening specific ports (for advanced users).
Allow, Deny Traffic for Specific Programs or Features
The Windows firewall does a very good job at managing what programs and features should be allowed through the firewall but sometimes you need to allow an unknown program or feature.
The recommended method of configuring the Windows firewall is to give programs (Internet Explorer) or features (Homegroups) access through the firewall instead of opening ports. The port the program or feature need to communicate stay closed unless the port specifically need to stay open. When traffic for allowed programs or features crosses the firewall it will temporary open the necessary ports and allow the traffic through.
- How to Allow a Program through the Windows 7 Firewall
- How to Prevent a Program from Accessing the Internet Using the Windows 7 Firewall
Open, Close Ports
If you set up Windows 7 as a web server you will need to keep port 80 open (used for web traffic) all the time so that it can listen for requests from people trying to access the web site hosted on your server.
Opening and closing ports should only be done by people who fully understand what they are doing. An open port can make you computer less secure.
What else besides a firewall do I need to protect my computer?
- Turn on Windows Updates
- Get a good antivirus program
Still need help? Ask your computer question now.