A powerful Windows built-in firewall

While the firewall included with Windows XP was the brunt of many jokes, there is no joking about the power of the Windows 7 firewall! First of all, the firewall knows the difference between your office, home, and hot spot networks and can protect your computer accordingly.

In fact, the firewall is now referred to as the Windows Firewall with Advanced Security.

Your IT professionals have a great deal of control over what is, and is not, allowed into your computers. Furthermore, there is a great deal of control over what information is allowed out of a machine. These advanced settings can make the difference between your network being infected or not.

In case you wonder, your IT professionals can keep those users from modifying the firewall settings on their own. And, because of robust support for something IT professionals call GPOs, your IT professionals can configure all or even a subset of the computers in your organization rapidly and with just a moment’s notice.

As an executive, unless you already have a robust firewall in place, the “already included with Windows 7” firewall is worth serious consideration.

Please post your comments on this blog.


2 Comments

  • Joe M March 5, 2012 at 3:25 pm - Reply

    It’s still only a software firewall. If I can kill the service, I can kill your firewall. Every good hacker either crashes or disables this service as part of the initial compromise. If you are serious about security you need a packet level hardware firewall that inspects every packet BEFORE it gets to your PC.

    • Mike Foster March 5, 2012 at 11:18 pm - Reply

      Thank you Joe! Yes, anything that filters out attacks before the attack arrives at the computer is always preferable.

      The packet level hardware firewall you refer to watches those packets’ addresses, port, and protocols – up through the network layer. Many home users, including executives who read this blog, already have a packet level hardware firewall as part of their home internet connection. And just so the executives who read this blog know too: he firewalls are not always configured for optimum protection by default.

      Email and Internet filtering features of modern firewalls or other services – external to the client computer – help a great deal as well.

      Client software firewalls, other than the fact that they are services running on local computers, can otherwise offer even more security than the packet level firewall. These client firewalls often monitor actual applications and services on the client itself. Even the “free” Windows 7 firewall is very helpful on clients.

      Killing a local firewall service is one more step for an attacker to go through, and proper configuration can help make this very difficult, though attacks become much easier when a user interacts with, for example an email link, attachment, or falls for some social engineering attack. And, unfortunately, users are pretty easy to dupe.

      Like you said, to be serious about security, there are many links in the chain. Both hardware and client firewalls are so important, as are patches, proper user account management, and so many other security measures.

      Thank you for taking interest in helping executives be more secure via offering your input about using a hardware firewall too!

Leave a Reply

Your email address will not be published. Required fields are marked *