Windows Firewall is a built-in security tool you would never regret to have, even if you do not know what it is and what for. It is designed to protect your computer from hackers attacks from outside, that is not always solely Internet — local network (LAN) could be also an area where you want to be alerted. Firewall can also protect, if some malware is already planted and trying to communicate out of your machine. The latter is very unlikely though, that is once your machine is infected, the virus would most probably find a way to break silently through the firewall. I once already explained how to configure Windows Vista firewall to filter outbound traffic [article link "Tweak Windows Firewall"]. Since then I expect Windows 7 firewall to be even more convenient and maybe more functional, let’s check.
Let’s see what we can learn from popular books. Let’s start with Windows 7. The missing manual. By David Pogue, Published by O’Reilly Media, 2010. At first it gives a nice definition of the firewall: “The firewall acts as a gatekeeper between you and the Internet. It examines all Internet traffic and lets through only communications that it knows are safe; all other traffic is turned away at the door.” But then on page 363 it describes the outbound versus inbound topic, where to my big surprise I see the following: “Windows Vista didn’t have an outbound-blocking firewall at all.” That’s wrong, Vista had almost the same firewall that Windows 7 has. Good suggestion for the errata, I think. But anyway, the author is right about the firewall: outbound-blocking feature is turned off by default. Why? “The theory is that if your PC is locked down tight enough with antivirus software, antispyware software, and an inbound firewall, you won’t get any infection that could send outbound signals in the first place.” That’s a fair explanation, but a bit too general for a book like that. Otherwise, there is a good guide in the book of how to tweak Windows firewall. One good point I would like to quote: “there’s no harm in having both a hardware and software firewall in place. In fact, having the Windows Firewall turned on protects you from viruses you catch from other people on your own network (even though you’re both “behind” the router’s firewall).” The book gives an interesting link to Microsoft TechNet library article Windows Firewall with Advanced Security Getting Started Guide, where you can learn a lot of interesting stuff. For example, I was wondering why my Avast Internet Security 5.0.677 did not disable the Windows Firewall once it has it’s own. As it turned out, that is a new feature in the Windows Firewall that it coexist with third party firewalls: