Protect your PC with Windows Vista firewall

Understanding and editing rules
But why would a change in firewall rules be necessary? Various programs require access to the internet or network. This includes webcam software, FTP programs, instant-messaging tools, file uploaders,
file-sharing applications and many more.

If any such program attempts to make use of an available network connection in a manner that is not catered for by an existing firewall rule, there is a possibility that it will be automatically blocked and the associated task will not function properly.

Should you find that any internet or network-related programs are not working to their full potential, it is likely that a firewall rule is to blame. Although Windows Firewall will usually display a warning when a program is blocked, this is not always the case.

In both instances there are likely to be a number of rules already in place and these can be exported for reference so the original set of rules can be reinstated if necessary. Select either Inbound or Outbound Rules and click the Export List link in the far right Actions pane. If this pane is not visible, click the last button in the toolbar to display it, or click the fifth button to access the Export option.

After typing a suitable name for the file, use the ‘Save as type’ dropdown menu to indicate whether a text file or comma-separated values (CSV) file should be created before clicking Save.

It is likely that the list of rules displayed is quite lengthy, but not every one that is displayed is currently active. There are a number of rules that have been predefined but not enabled. To see which rules are enabled, click the ‘Filter by State’ link in the right-hand Action pane and select ‘Filter by Enabled’ from the menu that is displayed. To return to the full list of views, simply click the Clear All Filters link.

Creating new rules
Creating new rules is a relatively simple process that is made easier by the existence of a wizard. In the three-step guide How to create new firewall rules, below, we show you how to use the basic Windows Firewall Control Panel to create new rules for inbound connections but the more advanced tool must be used to work in outbound connections. The first thing to do to help increase security is to block outbound connections for which a rule has not been created.

In the Windows Firewall with Advanced Security window, click the Properties link in the right-hand pane. Move through each of the first three tabs in turn – ­ Domain Profile, Private Profile and Public Profile – ­ and select Block from the dropdown menu that appears next to the ‘Outbound connections’ label before clicking OK.

Now the default setting has been configured, additional rules can be created to permit suitable traffic. Make sure that the Outbound Rules section is selected and click the New Rule link in the right-hand Action pane.

The most basic type of rule relates to individual programs. Select the Program option from the first page of the wizard and click Next. Click Browse, select the executable file that relates to the program for which outbound connections should be enabled and click Next. Select ‘Allow the connection’ and click Next followed by Next before entering a name for the rule and clicking Finish.

How to create new firewall rules

1. Open Windows Firewall from the Control Panel and click the ‘Allow a program through Windows Firewall’ link to the left. A number of predefined rules for programs and services can be enabled by simply ticking the box next to the relevant entry in the list.
2. To enable network access for a particular program, click ‘Add program’ followed by Browse and double-click the relevant executable file. By clicking the Change Scope button, it is possible to grant the program unlimited access to the internet, or only to devices on the local network.
3. To open a particular port for use by any program, click ‘Add port’ and type a suitable name. Enter the port number and then select either TCP or UDP as appropriate (check the software’s documentation for details). The ‘Change scope’ button can be used in the same way as described in the previous step.

Opening ports
A similar technique can be used to enable outbound connections through particular ports. Select the Port option in the wizard and indicate whether the rule relates to TCP or UDP ­ – you’ll need to check the software’s documentation for guidance. Type the relevant port numbers in the text box and work through the rest of the wizard.

The wizard also includes entries for a number of frequently used rules that relate to common networking activities. To save having to manually configure program or port settings, select the Predefined option and use the dropdown menu to select the service that should be enabled before working through the wizard as normal.

More advanced users may wish to make use of the option to create custom rules. These can be applied to all programs or just one, and make it possible to define which ports and protocols can be used. Custom rules can also be used to create different scenarios for computers on the same network based on their IP address. Although this may sound difficult, the wizard makes the whole process pretty easy.

Creating a comprehensive set of firewall rules is not necessarily something that can be achieved quickly – ­ depending on which software is installed and how your computer is used there may be a very large number of rules to create.

To ensure all the rules required for complete security are created, the best course of action is to disable all outbound connections as described above and then create exceptions as and when they are required ­ – this is by far the safest way to ensure that only desirable traffic is permitted. Should a program not function properly, it is possible that a suitable rule has not been created.

Boost your security
Although firewalls are an essential component of any computer’s security arsenal, they are often viewed as complicated. While it can be something of a lengthy process to create all the rules required to ensure that only legitimate traffic is permitted, and a degree of research may be necessary, the process need not be overly complex. Windows’ own firewall may at first seem a little limited but delve beneath the surface and there are a range of hidden settings that can be used to bolster security.

Baffled by jargon? See our free online jargon buster