How To: Create Advanced Rules in the Windows Firewall

If you want to protect your PC from malware that tries to reach your personal data over the Internet, you can use the Microsoft firewall that comes preinstalled with Windows. Windows Firewall is a great program, thanks to its various features and its multiple profiles. To be more specific, this firewall can prevent your apps from accessing the Internet and restrict traffic to specific ports and IP addresses, and it also lets you create your own firewall rules.

As I mentioned above, Windows Firewall has many profiles. These profiles are Home, Work and Profile. Furthermore, you can create firewall rules for each profile. As a result, those rules will apply to both private and public networks. However, you will have to open the firewall's Advanced Security interface in order to use all the features above. Therefore, let's see how you can access that interface and use every feature of Windows Firewall.

Access the Advanced Security Interface of Windows Firewall

Fortunately, there are several ways to open the Advanced Security interface.

  • Firstly, the Advanced Security window opens when you click the Advanced Settings link in the sidebar of the Windows Firewall control panel.

  • Alternatively, you can type Windows Firewall in the search box of the Start menu and then choose the Windows Firewall with Advanced Security option from the list that appears.

Configure Network Profiles

As I mentioned earlier, there are three different profiles that you can use: the Home profile, which is useful when your PC is connected to a domain; the Private profile, which helps when you are connected to a private network such as a work or home network; and the Public profile, which you can use when you connect to a public network, such as a public Wi-Fi access point or a direct Internet connection.

  • Click on the Windows Firewall Properties link to set up a firewall profile.
  • The Properties window will show up, with a tab for every profile. By default, outbound connections are allowed for all firewall profiles. However, you can block all outbound connections and then create rules that allow only a few particular connections. These rules apply only to their own profile, so you can use a whitelist on just a few specific networks.

NOTE: When an outbound connection is blocked, you will not get a notification about it.
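
The same profile configuration can be scripted. The following is an added example, not part of the original article: it switches one profile to block-by-default for outbound traffic, allow-lists one program, and turns on logging of dropped packets to make up for the missing notification. The program path and rule name are placeholders, and the NetSecurity cmdlets name the three profiles Domain, Private and Public.

```powershell
# Added example. Run in an elevated PowerShell session.
$profileName = 'Public'
$allowedExe  = 'C:\Program Files\ExampleBrowser\browser.exe'   # hypothetical path
$logFile     = '%SystemRoot%\System32\LogFiles\Firewall\pfirewall.log'

# Record the current default so the change can be reverted later.
$before = (Get-NetFirewallProfile -Name $profileName).DefaultOutboundAction
Write-Host "Outbound default for $profileName was: $before"

# Create the allow rule BEFORE changing the default, so the program is never cut off.
New-NetFirewallRule -DisplayName 'Allow ExampleBrowser out (example)' `
    -Direction Outbound -Program $allowedExe -Action Allow `
    -Profile $profileName | Out-Null

# Block all other outbound traffic on this profile and log what gets dropped,
# because blocked outbound connections raise no notification.
Set-NetFirewallProfile -Name $profileName -DefaultOutboundAction Block `
    -LogBlocked True -LogFileName $logFile -LogMaxSizeKilobytes 4096

# Summarise recently dropped outbound packets by protocol, destination and port.
# Log columns: date time action protocol src-ip dst-ip src-port dst-port ... path
$path = [Environment]::ExpandEnvironmentVariables($logFile)
if (Test-Path -LiteralPath $path) {
    Get-Content -LiteralPath $path -Tail 500 |
        Where-Object { $_ -match '\sDROP\s' -and $_ -match '\sSEND(\s|$)' } |
        ForEach-Object {
            $f = $_ -split '\s+'
            [pscustomobject]@{ Protocol = $f[3]; Destination = $f[5]; Port = $f[7] }
        } |
        Group-Object Protocol, Destination, Port |
        Sort-Object Count -Descending |
        Select-Object Count, Name -First 20
}

# To revert: Set-NetFirewallProfile -Name $profileName -DefaultOutboundAction $before
```

Outbound allow rules that are already enabled on the profile keep working after the switch, so review them with `Get-NetFirewallRule -Direction Outbound -Action Allow -Enabled True` when building the whitelist.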

Create Rules

  • If you want to create Inbound or Outbound rules, you should first select their category, shown on the left side menu of the Advanced Security window.
  • Then click on the Create Rule link on the right side of the window.

  • You will be asked which type of rule you would like to create. The available rule types are the following:
  1. Program type: You can either block or allow a program.
  2. Port type: You will block or allow ports, port ranges and protocols.
  3. Predefined type: You can use a rule that is included in Windows by default.
  4. Custom type: You will block or allow a specific list of ports, programs and IP addresses.

Block a Program

Let’s see how you can block a specific program from connecting to the Internet.

  • First of all, select the Program type in the Rule type window. After this, click on the Browse button and locate your program's .exe file.

  • On the next screen choose the Block the connection option.

NOTE: If you have blocked all your programs by default, you could select the Allow the connection option to let them gain access to the Internet.

  • Click Next to continue with the process.

  • On the Profile screen you can choose the profiles to which your rule will apply. By default, a newly created rule applies to all available firewall profiles. Therefore, you can either uncheck the boxes of the profiles that should not follow your rule, or leave them checked if you want your rule to apply to all of them.

  • On the last screen you will have the chance to name your rule, so that you can identify it easily in the future, and to write an optional description in the available blank field.

NOTE: Your newly created Firewall rules will apply to your selected profile(s) immediately. They will also show up in the list of rules, in case you want to disable or delete them.
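
The wizard steps above map to a single rule object. This added example (not from the original article) creates the same kind of block rule from PowerShell, guards against the two common mistakes of a mistyped program path and a duplicate rule, and then shows how to inspect, disable or delete the rule. The program path and rule name are placeholders.

```powershell
# Added example. Run in an elevated PowerShell session.
$exe  = 'C:\Program Files\ExampleApp\example.exe'   # hypothetical path
$name = 'Block ExampleApp outbound (example)'

# A rule on a path that does not exist is accepted but never matches anything,
# so verify the executable before creating the rule.
if (-not (Test-Path -LiteralPath $exe -PathType Leaf)) {
    throw "Program not found: $exe"
}

# Create the rule only once; running New-NetFirewallRule again with the same
# display name would add a second, identical rule.
if (-not (Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $name `
        -Description 'Stops ExampleApp from opening outbound connections.' `
        -Direction Outbound -Program $exe -Action Block `
        -Profile Private,Public | Out-Null
}

# Confirm what was stored: state, direction, action, profiles and program path.
$rule = Get-NetFirewallRule -DisplayName $name
$rule | Format-List DisplayName, Enabled, Direction, Action, Profile
$rule | Get-NetFirewallApplicationFilter | Format-List Program

# The rule is active as soon as it is created. To switch it off or delete it:
# Disable-NetFirewallRule -DisplayName $name
# Remove-NetFirewallRule  -DisplayName $name
```

A block rule takes precedence over an allow rule that matches the same traffic, so this rule holds even if the program already has an allow rule.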

Restrict the Internet Access of a Program

There is an alternative to blocking a program's Internet connection completely: you can restrict the ports and IP addresses with which it is allowed to communicate. For instance, if you have a server program that should be reachable only from a specific IP address, you can achieve this by completing the following steps.

  • Go to the Inbound rule list and click the New Rule link from the right side of the screen.
  • Then select the Custom option from the Rule types menu, shown on the next window.

  • On the Program screen select the application that you want to restrict. If the desired program runs as a Windows service, click the Customize button and choose the service from the list. If you want to restrict the Internet access of all your applications, select the All programs option. As a result, all your apps will be forced to work with a specific port range or IP address.

  • Next, select a protocol type and a specific port from the Protocol and Ports panel.

  • On the Scope panel you will choose the IP addresses to which your rule will apply. For example, if you want your server to connect with a specific IP address, you should enter it in the remote IP address field.

  • On the Action tab, choose the Allow the connection option for your selected ports and IP addresses.

NOTE: Before creating the rule, you should first make sure that no other rule negates its effects. For example, if there is already a rule that allows all inbound connections to your server application, the rule you want to create will be useless.

  • Then you will have to specify the profile(s) to which the rule will apply. This step is the same regardless of the rule type you have chosen.
  • Finally, you will have to name your rule. You could also write a description for the rule, but this step is not necessary.

The rule will take effect immediately.
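
The conflict check from the NOTE above can be automated before the rule is created. This added example (not from the original article) looks for enabled inbound allow rules that already admit any remote address to the same program and port, and creates the restricted rule only if none is found. The server path, peer address (a documentation-range IP) and port are placeholders; the port comparison handles only "Any" and exact matches, not port ranges.

```powershell
# Added example. Run in an elevated PowerShell session.
$server = 'C:\Services\ExampleServer\server.exe'   # hypothetical path
$peer   = '203.0.113.10'                           # placeholder remote address
$port   = 8443                                     # placeholder TCP port

# Enabled inbound allow rules that cover this program or all programs.
# Stored paths may use environment variables; this compares literal paths only.
$candidates = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    Where-Object {
        $app = ($_ | Get-NetFirewallApplicationFilter).Program
        $app -eq 'Any' -or $app -ieq $server
    }

# Of those, keep the ones that admit ANY remote address on the same port.
$broad = foreach ($r in $candidates) {
    $addr = ($r | Get-NetFirewallAddressFilter).RemoteAddress
    $pf   = $r | Get-NetFirewallPortFilter
    $protoHit = $pf.Protocol -in 'Any', 'TCP'
    $portHit  = ($pf.LocalPort -contains 'Any') -or ($pf.LocalPort -contains "$port")
    if (($addr -contains 'Any') -and $protoHit -and $portHit) {
        [pscustomobject]@{
            Rule      = $r.DisplayName
            Profile   = $r.Profile
            LocalPort = $pf.LocalPort -join ','
        }
    }
}

if ($broad) {
    # A broader allow rule would let every address in, making the new rule useless.
    $broad | Format-Table -AutoSize
    Write-Warning 'Disable or narrow the rules listed above before adding the restricted rule.'
} else {
    # Inbound traffic that matches no allow rule is blocked by default, so allowing
    # only $peer leaves every other remote address without access to the server.
    New-NetFirewallRule -DisplayName "ExampleServer from $peer only (example)" `
        -Direction Inbound -Program $server -Protocol TCP -LocalPort $port `
        -RemoteAddress $peer -Action Allow -Profile Private | Out-Null
}
```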

Although the Windows Firewall is not as handy as other third-party firewall apps, it offers a great variety of useful features by default. Therefore, if you devote a small amount of time to go through the program, you will not have to install a third-party firewall.