- slide 1 of 5
In this Windows Vista Firewall review, I will cover the following:
- Cost of Vista Firewall
- Vista Firewall installation and configuration impression
- Vista Firewall operation and effectiveness
- Verdict: what's the recommendation?
- slide 2 of 5
The cost of the Vista Firewall
If you've recently purchased a computer and it has the Windows Vista operating system, then you already have it. As such, there is no additional cost to you.
- slide 3 of 5
Installation and Configuration
In this aspect of the firewall, there are three areas: general, exceptions, and advanced.
The General tab has configurations to turn on or off the firewall. Specifically, there you will find that it comes pre-configured set to "ON (recommended)". If you want added protection, check the option "Block all incoming connections"; this will keep unsolicited connections from your computer. The only other setting is "OFF", and this isn't recommended. This is pretty much it. Note that the "ON" setting only means that, except for the "Exceptions", the firewall will block all outside sources from connecting to your computer (i.e. inbound blocking). However, in Vista outbound blocking isn't set. I repeat, outbound blocking isn't set.
In the Exceptions tab, you will find a list of programs or ports that are exceptions to any block rules. Here you can add new programs or if you know the port, add the port to any block exceptions. There is even an option to notify the user if the firewall blocks a new program.
The third and final tab is the Advanced tab. There you can specify which interface (Local Area connection or Wireless Network connection) you wish to apply the firewall protection. It is relatively simple; just put a check mark next to the type of network connection that needs firewall protection.
I've worked with consumer personal firewall class products before, and because the concepts and technology behind firewall is beyond most users' comprehension, I can understand why Microsoft has kept things this simple. Typical users would just get lost if it got more technical than this. As it is, some of the terms already shown are terms that are foreign to most typical computer users.
The good news though is that for the more technically adept users, Vista's firewall comes with advanced settings that can be manipulated to a level of detail that would fit most geeks' needs. The advanced features of the Vista firewall can be launched from the Administrator Tools section in the Control Panel. The user interface can be accessed by opening the Windows Firewall with Advanced Security, or by running wf.msc from the RUN command.
Through this Advanced Security interface, one can control inbound and outbound rules under three profiles: Domain, Private, and Public. The Domain profile is intended for work. The Private profile is typically used for the home network, and the Public network is for any other network that is neither work nor home.
- slide 4 of 5
Operation and Effectiveness
For most typical users, the basic user configuration of having the firewall ON and blocking all incoming connections is sufficient. The option to inform the user when a new program is blocked by the firewall (found on the bottom of the Exceptions tab) is also sufficient for most users. In combination with Windows Defender (also built-in to Vista), it is OK, but is potentially susceptible to malware that is already on the computer that "phones home" to the Internet. To plug this hole, most users would need some sort of user-friendly product to do outbound blocking. This is essential since non-technical users do not have the know-how to understand and manage the detailed firewall settings that would be needed to make outbound blocking work on Vista.
On the other hand, very technical users can easily figure out how to enable outbound blocking. The Vista firewall makes this very possible through its advanced security features which allows one to completely limit only known applications from initiating Internet network connections. I"ve done this to one of my Vista computers, and I've completely limited network connections to only certain trusted computer applications. Configuration of the advanced firewall settings from a network techie's standpoint is relatively easy and very flexible, as I have learned.
- slide 5 of 5
This Windows Vista Firewall review has determined that for non-technical users, the firewall needs to be augmented with a third party user-friendly outbound-blocking product. Without this, the typical computer user would be totally incapable of understanding firewall setting and would be susceptible to malicious outbound Internet communication of an already infected computer! There are many outbound blocking solutions out there. Zone Alarm is such a solution.
For the network techie, however, the Vista firewall is more than enough to do the job. It is flexible and easy enough to setup, and it could easily add to ones' layered computer security solution.