You are on a network protected by a firewall. How to protect your computer from malware with Windows built-in protection

A firewall is software or hardware that prevents hackers and certain types of malware getting to a computer via a network or the Internet. Its action is to verify information received from the Internet or local network, and blocking them or allowing access to the computer.

Firewall is not the same as antivirus or anti-virus software malicious code... The firewall provides protection against Internet worms and hacker attacks, antivirus software provide protection against viruses, and anti-malware applications provide protection against malware.

All of these types of applications are required on a computer. You can use the Windows Defender antivirus and anti-malware software that comes with the package Windows systems 8 or another antivirus that protects against malicious code.

It is sufficient to install one firewall application on the computer (except for the built-in firewall of the network router). Using multiple firewall applications on a computer can cause conflicts and problems.

Windows firewall included in the system by default.

This image shows how the firewall works:

  • Firewall is enabled for all network connections.
  • The firewall blocks all incoming connections except those that cannot be denied.
  • Firewall is enabled for all types of networks (private, public or domain).

Note: Windows RT or Windows 8 computers cannot be joined to the domain. Domain joining is supported only for computers running Windows 8 Pro or Windows 8 Enterprise.

Turn Windows Firewall on and off

It does not follow turn off Windows Firewall if no other firewall is enabled. Disabling Windows Firewall can leave your computer (and your network, if present) more vulnerable to attacks by hackers or worms.


Note: If the computer is connected to a network, network policy settings may prevent these actions from being performed. To get more detailed information, contact your administrator.

Windows Firewall Settings

There are four settings that can be configured for each type of network (public, private, or domain). To find these options, follow these steps:

  1. Open Windows Firewall.
  2. Click on Turn Windows Firewall on and off.

The following describes what these parameters are for and when to use them:

  • Turn on Windows Firewall... This option is selected by default. If Windows Firewall is enabled, most applications are blocked from receiving information. For the firewall to accept information, the application must be added to the allowed list by following the steps in the next section. For example, receiving photos in an instant message may not be possible until the corresponding application is added to the list of approved applications.
  • Block all incoming connections, including applications in the list of approved programs. Using this parameter blocks all unauthorized attempts to connect to the computer. This provides maximum protection for your computer, for example, when connected to a public network (at a hotel or at an airport). If all incoming calls are blocked, you can still browse most web pages and send and receive messages Email as well as exchange instant messages.
  • Notify, when Windows Firewall is blocking a new program... When this box is checked, Windows Firewall will inform you about blocking the application and provide you with the option to unblock it.
  • Disable Windows Firewall (not recommended)... Do not use this option unless another firewall is running on your computer.

Note: If some of the firewall settings are unavailable and the computer is connected to a domain, it is possible that an administrator is controlling these settings through Group Policy.

Permission to receive information through applications

By default, most applications blocked by Windows Firewall to improve the security of your computer. However, some applications for correct work you may need to be able to get information through a firewall.

Before you give an application permission to receive information through a firewall, you need to consider the related issues.


Opening a port in Windows Firewall

If Windows Firewall is blocking a program that you want to allow receiving information over the Internet, then this is usually done by adding the program to the list of allowed, as described in the previous section.

However, if the program is not listed, you may need to open the port through which the program receives data through the firewall. For example, if you intend to use an application to play multiplayer online with friends, you may need to open a port for that application in order for the firewall to allow game information to enter your computer.

The ports remain open all the time, so close the ones you don't need.


In addition to the regular Firewall, the operating system has an additional Firewall - Windows Firewall with Advanced Security. In fact, they are one and the same person. The only difference between them is that the first one provides the user with rather small options for configuring the Firewall rules. But these features are more than enough for the main crowd of users, most of whom have not seen this one before their eyes. For example, so that the functionality of a regular Firewall is perfect. But, and for more sophisticated users who need more flexible settings for Firewall rules, Windows Firewall with Advanced Security was created.

How to open Windows Firewall with Advanced Security

To do this, you can use one of several methods. I will describe three of them:

  1. It is stupid to hammer the name of this tool into the search.
  2. Walk the path Control Panel \ System and Security \ Windows Firewall and press the button Extra options.
  3. Open the MMC console and add the required tool there. Then run it from there.

Also, many people ask the question "How to disable the Firewall with Advanced Security". So, as I already said, these two tools are one and the same person, only their functionality differs. Therefore, the correct question to ask is "How to disable Windows Firewall". To do this, in the Windows Firewall window, you need the Enable or Disable Windows Firewall button.

Features of Windows Firewall with Advanced Security

Windows Firewall with Advanced Security allows you to create the following rules:

  1. Separately configure rules for both inbound and outbound traffic.
  2. Create Firewall rules based on different protocols and ports.
  3. Configure network communication rules for services. Let me remind you that Windows Firewall allows you to configure rules for applications only.
  4. Created rules can only apply to specific IP addresses online.
  5. It is possible to pass only authorized traffic.
  6. Configure connection security rules.

How do I create a Firewall rule based on inbound or outbound traffic?

To create a Firewall rule for inbound only or outbound only, you need to open Windows Firewall with Advanced Security. In the window that opens, in the console tree, you will see several nodes. The nodes we need are named Inbound rules and Outbound rules, respectively. When you press right click mouse on one of these nodes, a context menu... We will be interested in the first command named Create rule... After clicking this button, you will go to the window for creating a rule, which you must create yourself, based on your wishes. Here you will be asked to specify the type of binding of the created rule, including:

  • For the program
  • For the port
  • Predefined
  • Customizable
Creating a rule for a program (application)

You can enable or disable the exchange of data over the network for a specific application if you get to the window where we left off in the previous paragraph. Then you need to select the item For the program... In the next window, you must select either all programs, or a specific one.

Creating a Firewall Rule for a Port

The process for creating a port rule is identical to the process for creating an application rule. The only difference is that in this case you need to select the second item with the name For the port... This rule allows you to open or close the work of a port for TCP protocol or UDP. Therefore, in the next window you need to select the protocol and port for which you are going to create a rule.

Activating predefined Windows Firewall rules

In Windows, several dozen rules have already been created by default, which quite often can be applied by both the user himself and the operating system. To see and activate these rules, you must select the third item - Predefined... These rules are not activated by default, but they can be activated at any time. These rules will come in handy when the user wants to use some Windows function, for example, y or use. To activate these functions, the user will have to perform some actions (the description of which is not included in this article). When configuring these functions, the operating system will send a signal to the Windows Firewall that, they say, it is necessary to activate a package of predefined rules. Which will happen. In case of failure, or on personal initiative, the user can do it manually.

Customizable Firewall rules

And finally, the most sophisticated rules: customizable. The item with this name must be selected in order to be able to configure a rule for a specific application that will use a specific port, and restrict the application of this rule to specific ones. That is, the user will have the most complete access to creating rules, which is what Windows Firewall with Advanced Security is famous for.

Allow or deny connections and select network types

The above four ways to create and bind a Firewall rule do not end where I described them. After the actions that will be performed for each of the described methods, you must select two additional settings:

  1. Allow or deny data exchange for the selected rule type.
  2. Select the types of networks () for which the selected rules will apply.

In the first window, you need to either allow traffic completely, or allow only safe traffic, or completely deny traffic. In the second and last window, you need to check the boxes opposite the three types of networks. The presence of a tick next to the network will mean that this rule will be applied in this type networks.

This is such a wonderful functionality that the Windows operating system provides to its users in the form of an equally excellent tool Windows Firewall with Advanced Security.

The firewall, or the so-called firewall, is designed to check and filter information from the network and it is a must to know how to configure the Windows 7 firewall.

If any unauthorized actions occur in the security system personal computer, making it vulnerable to attacks by hackers and various virus programs - the firewall suppresses them.

If you remember how to configure the Windows XP firewall, you can easily cope with the seven. First of all, you need to launch the control panel using the "Start" button, which is usually located in the lower left corner of the monitor screen.

In the window that opens, in order to configure the firewall, we need to select the sub-item "system and security", and if you have another windows version 7 - go directly to the "Windows Firewall" tab.
Provided that you have already installed the antivirus, just turn off the windows 7 firewall, and if you have not already installed it, feel free to turn it on, it will protect your system from all sorts of troubles, such as viruses and hackers, as it will lower it. In order for the firewall to work on the corporation recommended Microsoft settings, you need to operate the menu item "Enable / Disable Windows Firewall".

On the next tab, in fact, the protection is enabled or disabled.

To enable, just mark the items highlighted in the screenshot and click OK.

It also happens that the firewall blocks the operation of some programs or applications, for this you need to ask him to "make an exception for you." Go back one step and follow the tab marked in the screenshot with a red frame:

Here we put a checkmark in front of each program that we want to add to the exceptions.

If you want to work in the Windows 7 system with increased security, you need to additionally configure the firewall, as required by Microsoft. Go back one step and click on the "Additional parameters" tab.

In the window that opens, the setting takes place additional parameters, such as connection rules (you can create your own) and domain profile.

So we configured the firewall operating system Windows 7, and if you still have any questions, I will be happy to answer them. Just use the comments on the article for this.

9 comments to “How to configure Windows 7 Firewall”

  1. Victor

    Unable to delete home group- the firewall is not configured correctly. In automatic mode, it is not corrected, but in manual mode it fails.

  2. Albert

    I have home laptop hp elitebook 8570p I installed Google via Mozilla Firefox52 in the Allow programs to communicate through windows firewall section I need to mark 44 programs correctly, but I don’t know how to do this, they might be superfluous so they print 1.Wireless portable devices 2.Windows remote management 3 .Windows peer to peer collaboration foundation 4.Windows media player network sharing service (internet) 5.Windows media player network sharing service6.Windows media player (I need a tick) 7.Windows management instrumentation (wmi) 8.Windows firewall remote management9 .Windows communication foundation10.Windows collaboration computer name registration service11.tcpsvcs system12.tcpsvcs system13.SNMP trap14.Secure socket tunneling protocol15.Routing and remote access16.Remote volume management17.Remote service management18.Remote scheduled tasks management19.Remote event log management20.Remote desktop-remoteFX21.Remote desktop22.Remote assistance23.Performance logs and alerts24.Net working-timestamp request (ICMPv4-in) 25.Networking-router solicitation (ICMPv4-in) 26.Networking-redirect (ICMPv6-in) 27.Networking-redirect (ICMPv4-in) 28.Networking-address mask request (ICMPv4- in) 29.Network discovery30.Netlogon service31.Mywifidhcpdns32.Media center extenders33.Key management service34.iSCSI service35.Homegroup36.Firefox (c / program files / mozilla firefox) checkbox is needed 37.File and printer sharing38.Distributed transaction coordinator39.Core networking40 .Connect to a network projector41.Branchcache-peer discovery (uses WSD) 42.Branchcache-hosted cache server (uses HTTPS) 43.Branchcache-hosted cache client (uses HTTPS) 44.Branchcache-content retrieval (uses HTTP)

  3. Andrew

    When trying to access mailbox in the search engine yandex or mail.ru it is included that the page or object is unavailable. Power on succeeds after several attempts

  4. Boris

    I have Windows 7. Start to pop up the "Disable advanced PCAP logging" window. It does not work. Help solve the problem.

  5. Allama

    Skype connection fails when firewall is on

  6. John

Protecting Windows 7 from network threats provides a special system service - firewall. It is sometimes also called a firewall or personal firewall. Microsoft does not recommend that you stop using Defender, but if you have installed a third-party firewall, you can turn off the firewall in Windows 7. Sometimes you might also want to whitelist some programs in the Network Defender.

What is a firewall and why is it needed

The main purpose of this built-in utility is to filter Internet traffic. It uses a set of predefined rules to identify suspicious activity. Potentially dangerous connections are blocked, preventing attackers from gaining access to the user's computer. Restrictions can be applied to the sending of outgoing packets. Thus, the confidentiality of the data stored on the hard disk is ensured.

Similar functionality is present not only in the operating system, but also on most router models. Between embedded windows defender and the firewall of the router there is a fundamental difference. When this function is activated on the router, the network security of all home devices is ensured, not just one PC. There are also individual programs with similar functions that are not included in the firmware of the router and the delivery set of the "seven".

Note! Firewall and antivirus should not be confused. The second type of applications has a different functionality, since it does not analyze network activity, but user files and code running programs... IN Microsoft systems there is a separate antivirus service - Windows Defender.

How to enable and configure the firewall

This component of the system is automatically turned on after its installation. Therefore, no additional steps are required to activate the service. That being said, you can easily check its current status. It is enough to open the control panel, then select the item "Windows Firewall". Other actions can be performed in this section:

  • Disable Firewall in Windows 7.
  • Review the current settings.
  • Restore the recommended properties of the online defender.
  • Change the order in which notifications about service activity are displayed.

If the service is disabled, on home page settings, its status will be displayed in red. To enable protection, click the Use Recommended Settings button. For a more subtle configuration, go to the menu on the link that allows you to enable / disable the defender. This setting consists in separating firewall parameters when connecting to home and public networks. The second type of connections usually requires stricter approaches to the security of data transmission.

Important! If blocking connections interferes with the correct operation of the application you need, add it to the list of exclusions. This is done on separate page, which can be enabled through the menu on the left side of the window. Check the boxes next to the program name, then save the settings.

How to disable firewall in Windows 7

You can disable the utility through the same control panel item in which Network Defender is configured. The system allows you to completely disable the firewall or stop it only on private / public networks. After turning off the defender, the OS will regularly display warnings and offers to turn it on. To get rid of these messages, use the notification settings section.

To speed up your computer, it is also recommended to disable a similar service in the operating system. To do this, you need to enable the Start menu and type "msconfig". Next, open the proposed program and go to the "Services" tab. All are displayed here background processes, automatically launched when the OS boots. Find a service with an appropriate name and uncheck the box next to it. Then apply the changes using the button at the bottom of the window.

Important advice! The system configuration utility can also be enabled by pressing the "Win + R" key combination (execute). In the window that appears, enter the name "msconfig" and click "OK".

Helpful Video: Disabling Protection in Windows 7

Read also:

Parental Controls in Windows 7: Limiting Internet Information for Kids
Windows 8 Parental Controls: Programs and How to Configure Them for Security

Security is one of the main criteria for the quality of the network. An immediate component of its provision is correct setting firewall(firewall) of the operating system, which is called a firewall on Windows computers. Let's find out how to optimally configure this protection tool on a Windows 7 PC.

Before proceeding with the configuration, it should be borne in mind that if you set too high protection settings, you can block browser access not only to malicious sites or close virus programs access to the Internet, but also complicate the work of even secure applications, which for some reason will raise suspicion of the firewall. At the same time, if you set an underestimated level of protection, there is a risk of exposing the system to a threat from intruders or allowing malicious code to penetrate your computer. Therefore, it is recommended not to go to extremes, but to use the optimal parameters. In addition, when adjusting the firewall, you should take into account what kind of environment you are working in: in a dangerous (world wide web) or relatively safe (internal network).

Stage 1: Go to Firewall Settings

Let's immediately figure out how to go to the firewall settings in Windows 7.


Stage 2: Activating the firewall

Now let's look at the direct procedure for configuring the firewall. First of all, the firewall must be activated if it is disabled. This process is described in our separate article.

Stage 3: Adding and Removing Applications from the Exclusion List

When setting up a firewall, you need to add those programs that you trust to the list of exclusions for their correct operation. First of all, this concerns the antivirus, in order to avoid a conflict between it and the firewall, but it is quite possible that it will be necessary to do this procedure with some other applications.

  1. In the left part of the firewall settings window, click on "Allow launch ...".

  2. A list of installed on the PC will open. software... If in it you did not find the name of the application that you are going to add to the exclusions, you need to click on the button "Allow another program"... If you find that this button is inactive, click "Change parameters".

  3. After that, all buttons will become active. You should now be able to click on the item "Allow another program ...".

  4. A window with a list of programs will open. If the required application is not found in it, press "Overview…".

  5. In the window that opens "Explorer" move to that directory hard disk where the executable file is located desired application with the extension EXE, COM or ICD, select it and press "Open".

  6. After that, the name of this application will be displayed in the window "Adding a program" firewall. Highlight it and press "Add".

  7. Finally, the name of this software will appear in the main Add Firewall Exceptions window.

  8. By default, the program will be added to the exclusions for home network... If you need to add it to the exceptions of the public network, click on the name of this software.

  9. The window for changing the program will open. Click on the button "Types of network locations ...".

  10. In the window that opens, check the box next to "Public" and press "OK"... If you want to remove the program from the home network exceptions at the same time, uncheck the box next to the corresponding label. But, as a rule, in reality this is almost never required.

  11. Back in the program change window, click "OK".

  12. Now the application will be added to exceptions and on public networks.

    Attention! It is worth remembering that adding a program to exceptions, especially over public networks, increases the vulnerability of your system. Therefore, disable protection for public connections only when absolutely necessary.

  13. When you identify the erroneous addition of a program to the list of exceptions or find that it creates unacceptable high level security vulnerabilities from attackers, such an application must be removed from the list. To do this, highlight its name and press "Delete".

  14. In the dialog box that opens, confirm your intentions by clicking "Yes".

  15. The application will be removed from the exclusion list.

Stage 4: Adding and Removing Rules

More precise changes to the firewall parameters by creating specific rules are made through the window additional settings of this tool.

  1. Return to the main firewall settings window. How to go there from "Control panels", described above. If you need to return from the window with the list of allowed programs, just click the button "OK".

  2. Next, click on the element on the left side of the shell "Extra options".

  3. The additional parameters window that opens is divided into three areas: in the left part - the name of the groups, in the central part - the list of rules of the selected group, in the right part - the list of actions. To create rules for incoming connections, click on the item "Rules for Inbound Connections".

  4. A list of already created rules for incoming connections will open. To add a new item to the list, click on the item in the right part of the window "Create a rule ...".

  5. Next, you should select the type of rule to create:
    • For the program;
    • For the port;
    • Predefined;
    • Customizable.

    In most cases, users are required to select one of the first two options. So, to configure the application, set the radio button to the position "For the program" and press "Further".

  6. Then, by setting the radio button, you need to choose whether this rule will apply to all installed programs or only to a specific application. In most cases, you will need to choose the second option. After setting the switch, in order to select a specific software, press "Overview…".

  7. In the launched window "Explorer" go to the directory where the executable file is located for the program for which you want to create a rule. For example, it might be a browser blocked by a firewall. Highlight the name of this app and press "Open".

  8. After the path to executable file displayed in the window Rule Wizards, press "Further".

  9. Then you will need to select one of three options by rearranging the radio button:
    • Allow connection;
    • Allow secure connection;
    • Block connection.

    The first and third paragraphs are most often used. The second point is used by advanced users. So, select the option you want depending on whether you want to allow or deny the application access to the network, and click "Further".

  10. Then, by setting or unchecking the checkboxes, you should select for which profile the rule is created:
    • private;
    • domain;
    • public.

    If necessary, you can activate several options at once. After selecting, press "Further".

  11. In the last window in the box "Name" you should enter any arbitrary name of this rule, under which you can find it in the list in the future. Also in the field "Description" you can leave a short comment, but this is not required. After assigning a name, click "Ready".

  12. The new rule will be created and displayed in the list.

A port rule is created in a slightly different scenario.


Rules for outbound connections are created in exactly the same scenario as for incoming ones. The only difference is that on the left side of the advanced firewall settings window, select the option Outbound rules and only after that press the element "Create a rule ...".

The algorithm for removing a rule, if such a need suddenly arises, is quite simple and intuitive.


In this material, we have considered only the basic recommendations for setting up a firewall in Windows 7. Fine-tuning this tool requires a lot of experience and a whole baggage of knowledge. At the same time, the simplest actions, for example, allowing or denying access to the network for a specific program, opening or closing a port, deleting a previously created rule, using the presented instructions are available for execution even for beginners.