In this section, you’ll learn how to protect your Windows 10 computer.
We’ll start this first chapter by looking at how to protect your computer from external attacks by configuring the Windows 10 firewall.
Block Traffic for High-Risk Types of Access
A firewall is a software or hardware which inspects network traffic between two devices. In other words, it allows you to give access to certain traffic and deny access to others. It’s a bit like allowing the people you know into your home but keeping strangers out.
Windows has its own firewall, which is part of Windows 10.
To access it, go to "Settings > Network & Internet > Windows Firewall", or click on the icon at the bottom right of the screen, which will open Windows Security Center.
Before we start, let’s take a brief look at how the firewall works. Windows 10 divides your firewall into three parts:
A domain firewall, which monitors the traffic between your computer and the domain it’s joined to (if it is joined to a domain).
A private firewall, which monitors the traffic between your computer and the devices on the same network as you. In a company, these are your colleagues’ computers; at home, these are the other devices connected to your network, whether through Wi-Fi or Ethernet.
A public firewall, which can be considered the most important part. It monitors the traffic between your computer and the Internet. We’re going to focus on this firewall, as it deals with the most high-risk aspect.
Enable the Public Firewall
The first thing to check is that the public firewall is turned on. When the firewall is enabled:
Some traffic is authorized, such as internet traffic, and traffic necessary for certain apps which need to connect to the internet.
All other traffic is blocked.
This is the basic configuration of the Windows firewall. As mentioned above, it gives access to the traffic you recognize and blocks the rest.
To enable it, simply select it and click “On”.
Allow an App to Use the Network
This security policy, which involves initially blocking everything and then only allowing a small number of apps, could cause you some problems. Some apps need to connect to the internet or a local network. For example, a business app used in your company is likely to need to connect to a company server or to the internet.
In this case, you will need to:
Allow the app to use the entire local network, or
Allow traffic, specifying the host, destination, type of protocol, and port.
Allow an app through the firewall
To authorize an app, click on “Allow an app through firewall”, at the bottom of the Firewall & Network Protection menu.
The window that opens lists the applications installed on your computer.
To authorize an app and all associated traffic, just tick the boxes next to it.
Now let’s look at how to allow a certain type of traffic.
Allow a type of traffic through the firewall
To allow a certain type of traffic through the firewall, we need a slightly more advanced configuration. To access this, click on “Advanced Settings” at the bottom of the “Firewall & network protection” menu.
Here we are going to allow UDP and TCP traffic. To allow or block traffic, you need to find out which port it uses. For example, HTTP traffic uses port 80. You can find the port numbers used by different types in this Wikipedia article.
One scenario where you may need to allow a type of traffic on a network is when a web server is installed on a developer’s computer.
If you’ve ever tried to install a server, you’ll know that you can install web servers on a workstation. Software developers sometimes use these to test their code before transferring it to the test or production server.
But aren’t these ports already open, seeing as I’m using the internet?
Good point, these ports are indeed open seeing as you’re using the internet. However, they are open on the Windows 10 public firewall. On the private firewall, they are closed, and this is the firewall we’re going to be looking for in the next example.
The rule that you need to add is “HTTP / HTTPS Allow - Inbound” (this is inbound traffic).
Go to “Inbound rules”:
Right-click and go to New Rule:
Select “Port” and enter ports 80 and 443 separated by a comma:
Choose “Allow the connection”.
Here you need to select the firewall used by your rule. In our case, the public firewall is not applicable, as the developers are on the same network as the webserver.
Give it a name.
You can see your rule in the inbound rules section of the firewall.
Take a look below at how I configure Windows Firewall to allow HTTP and HTTPS traffic:
Your Turn!
🎯 Today's mission at CleanFuture: CleanFuture will create a new web application to use internally. The web developer working on the project has sent you an email:
Hi,
I’m testing our new web app and want to make sure the Firewall doesn’t block any traffic. Can you make sure Mozilla Firefox and all traffic from ports 80 & 443 are allowed through the Firewall?
⚙️ The actions you need to take:
Allow Mozilla Firefox through the Firewall
Create a rule to allow inbound traffic from ports 80 & 443.
✅ Double-check your work: You’ll know you’ve succeeded when Mozilla Firefox has both boxes checked in the “Allowed Apps” menu and you have an outbound policy that explicitly allows traffic from ports 80 and 443.
Let's Recap!
A firewall is a way of protecting a computer or a network from another network.
Your Windows 10 computer already has a very effective public firewall installed.
Windows 10 has three types of firewall:
A domain firewall to control traffic between your computer and the domain it is joined to.
A private firewall to control traffic between your computer and the private network it’s connected to.
A public firewall to control traffic between your computer and the internet.
When switched on, the Windows firewall blocks all traffic by default, except that which you explicitly allow.
You can allow apps to use the network or different types of traffic between your computer and a network.
Understanding how Windows Firewall functions will help keep your computers protected from a number of external threats. It is a complicated topic so make sure you have understood everything and completed the exercise before moving on to the next chapter - which will be dedicated to understanding backups!
