Security for Everyone - The Windows 7 Firewall & Security Essentials
Roughly one month prior to the release of Windows 7, Microsoft debuted its consumer antivirus and antispyware solution, Microsoft Security Essentials. This solution does not include a firewall, which is understandable since Windows 7 does include one. Microsoft has a sketchy past with previous firewall incarnations that either left systems open for attack or did not provide the customization options that existed in commercial solutions. In this review I will take a closer look at the capabilities of Microsoft Security Essentials and the Windows 7 firewall. I will try to determine if the software giant has managed to stroll into the desktop security space as a solid contender.
Microsoft Security Essentials is a very small download at just under 7 MB. The installation is rather uneventful yet does require answering one UAC (User Account Control) prompt before beginning. Thankfully a restart is not required for Microsoft Security Essentials to begin protecting your system. Immediately after installation you are presented with an option to do an initial scan and update of virus and spyware definitions. On my system the scan took less than 15 minutes to complete.
A quick check of the system finds that Microsoft does disable Windows Defender, the antispyware application that comes with every version of Windows 7. This is a very good thing since too many security solutions running at the same time can cause more harm than good.
You are now met with the Home tab of the very minimalist Microsoft Security Essentials application. All the essential information is displayed, such as whether or not the definitions are up to date and when the last scan was performed. The Home tab also provides easy access to kick off a quick, full or custom scan.
The interface is certainly not as overwhelming as in other security solutions. While this may seem like a welcome surprise it remains to be seen if this seemingly light application is going to do the job of securing Grandma’s computer. Let’s dig a bit deeper into the ease of use and configuration.
Ease of Use and Configuration
One explanation for the minimalist design of Microsoft Security Essentials is that this application protects your computer from viruses and spyware only. It does not include a firewall, which reduces the number of items that can be configured within its interface. This makes sense since Microsoft Security Essentials is a Microsoft product and Windows 7 already includes a fine built-in firewall, which we’ll discuss in the next section.
In addition to the Home tab you will find the Update, History and Settings tabs. The Update tab displays the virus definition version and date created. You will also find the version of spyware definitions. You may choose a manual update which is something I’d recommend if Grandma has been away from her computer for a few days or if it were down for repair. The History tab gives you insight into any threats Microsoft Security Essentials has detected as well as any applications you have chosen to allow.
The overall interface, while not beautiful in its design, is perfectly functional and easy to understand. In addition to the system status and easy access to beginning a scan, the Home tab allows for editing the time and date of the scheduled scan.
Selecting ‘Change my scan schedule’ delivers you to the scheduled scan section within the settings tab. From here you can set the day, time and type of scan. You can also set whether or not Microsoft Security Essentials should check for updates prior to scanning, and whether to start the scheduled scan only when the computer is on but not in use. The latter two options are enabled by default.
A question arose for me regarding the last option and whether or not Microsoft Security Essentials would wake a computer to perform a scan. Nowhere within the application is this spelled out clearly. A bit of searching online determined that Microsoft Security Essentials does not wake the computer. There is a way to force the computer to wake up and complete a scan but it involves editing the scheduled task within Windows 7.
Let’s look at the remaining options in the settings tab:
The default actions section allows you to set the default action performed when a severe, high, medium or low level alert is identified. By default each threat level is set to ‘Recommended Action’. However, Microsoft Security Essentials does not tell you what the recommended action is. To determine this, you are forced to select the link provided which delivers you to the Microsoft Security Essentials site explaining what these actions are. It turns out the recommended action for severe and high level alerts is to remove the application or file immediately. For medium and low level threats the details of the threat can be displayed and you can choose whether or not the presumed threat should be blocked or allowed. If you choose not to use the recommended action, you can set severe and high level threats to remove or quarantine. ‘Allow’ is an available option for medium and low level alerts.
The real-time protection settings allow one to disable the real-time scan (not something Grandma should do) as well as the option to disable the monitoring of application and file activity and the scanning of downloaded files and attachments. Settings also exist for excluding files and locations, file types and processes. Exclusion is as simple as browsing to the file or location or identifying the file type or process.
The advanced settings allow you to enable the scanning of compressed files and removable media; the latter is not enabled by default. An additional advanced setting allows for the creation of a daily restore point before any cleaning is done. Lastly, there is the advanced option to allow any computer user access to the Microsoft Security Essentials history. This last option is enabled by default and makes threat history available to all users of the computer, even non-administrative users.
The last set of options within the settings tab are around your participation in Microsoft SpyNet. This is an online community that can help you determine the appropriate response to a threat. Your choices of sending data to SpyNet include choosing Basic or Advanced Membership. There is no option to opt out of SpyNet.
The difference between the two memberships is that the Advanced membership sends more information about any threats you might encounter. This can include the file name and path of the infected file. Some folks may not be comfortable with this level of participation. The choice is entirely yours and Microsoft does say any information collected, accidentally or on purpose, will not be used to identify or contact you.
As you can see from the screens above, Microsoft Security Essentials could not be much easier to use. Everything Grandma might need to know is easily accessible. Microsoft Security Essentials also does a nice job with visual cues. If everything is up to date and no threats have been detected the interface has a green tone. If Microsoft Security Essentials is out of date or a medium or low level threat has been identified the interface has an orange tone. Lastly, if a severe or high level threat is identified the interface is predominantly red. These color cues are applied to the tray icon as well.
As previously mentioned, Microsoft Security Essentials does not include a firewall due to the existence of the built-in firewall in Windows 7. Microsoft’s first inclusion of a firewall in Windows XP was in 2001. This version of the firewall, if it can be considered such, was disabled by default and was dealt a serious blow when the Blaster worm appeared in mid-2003. Shortly thereafter the firewall was upgraded a bit and enabled by default but still lacked many features of commercial firewalls. In Windows 7, the firewall has been improved dramatically and handles all the tasks one would expect. Plus, it handles them in a relatively user-friendly manner.
The firewall is accessible from two different interfaces, basic and advanced. The basic interface allows for stopping and starting the firewall, editing the notification settings and restoring defaults. You can also access the advanced firewall settings from the basic interface.
A very intrusive nmap scan produced no results at all. A nice surprise was the sheer absence of any alerts while the scan was taking place. The firewall simply did its job and did it well. When alerts are issued they are easy enough to understand and supply ample information for the tech savvy Grandma to make a choice between block and allow.
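An external scan shows what the network sees; the same result can be confirmed from the machine itself by checking that every firewall profile is on and blocks unsolicited inbound traffic by default. The PowerShell below is an added example, not part of the original review. It assumes English-language output from `netsh advfirewall show allprofiles`, and the function names are illustrative.

```powershell
# Added example: audit the Windows Firewall profiles from the local side.
# Assumes English-language netsh output; written for the PowerShell 2.0 shipped with Windows 7.

function ConvertFrom-FirewallProfileText {
    param([string[]]$Lines)

    $entries = @()
    $current = $null
    foreach ($line in $Lines) {
        if ($line -match '^(Domain|Private|Public) Profile Settings') {
            # A new profile section starts; store the one collected so far.
            if ($current) { $entries += New-Object PSObject -Property $current }
            $current = @{ Name = $Matches[1]; State = ''; Inbound = ''; Outbound = '' }
        }
        elseif ($current -and $line -match '^State\s+(\S+)') {
            $current.State = $Matches[1]
        }
        elseif ($current -and $line -match '^Firewall Policy\s+(\w+),(\w+)') {
            # The policy line reads e.g. "BlockInbound,AllowOutbound".
            $current.Inbound  = $Matches[1]
            $current.Outbound = $Matches[2]
        }
    }
    if ($current) { $entries += New-Object PSObject -Property $current }
    return $entries
}

function Test-FirewallEntry {
    param($Entry)
    # Healthy: firewall enabled and default inbound action is a block
    # (matches both BlockInbound and BlockInboundAlways).
    ($Entry.State -eq 'ON') -and ($Entry.Inbound -like 'BlockInbound*')
}

$report = ConvertFrom-FirewallProfileText (netsh advfirewall show allprofiles)
foreach ($entry in $report) {
    $status = if (Test-FirewallEntry $entry) { 'OK' } else { 'REVIEW' }
    '{0,-8} State={1,-4} Inbound={2,-18} Outbound={3,-14} {4}' -f `
        $entry.Name, $entry.State, $entry.Inbound, $entry.Outbound, $status
}
```

A profile marked REVIEW is either switched off or allows inbound connections by default, which is the condition an external port scan would expose.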
Several Windows Firewall tutorials have been written right here on 7 Tutorials.
Antivirus and antispyware features
Whenever Microsoft enters the scene with any new product it is met with great skepticism and scrutiny. This isn’t necessarily because Microsoft develops poor software; quite the contrary. Microsoft software is so well known, and has leading market share in its core applications and operating systems, that any software it develops has a great chance to be adopted by many, many users. When a security solution enters into the fray the scrutiny is very well deserved.
Thankfully, Microsoft Security Essentials has held up very well in terms of detecting existing and new viruses or spyware. This is due to several factors. Among these is SpyNet, the community-driven site which goes a long way toward the identification of new rogue software and therefore the creation of new definitions. Microsoft Security Essentials definitions are also updated several times a day; however, a specific installation may only look for new definitions once every 24 hours. I have seen reports of some folks noticing 12 hour auto-updates but can find nothing to verify a long-standing schedule aside from the understanding that Microsoft Security Essentials will try to update once a day.
There is little to miss when a threat, or threats, have been identified. The red icon and text make sure of that. When a severe or high level alert is identified, Grandma need only select the option to clean the computer for the threat to be removed. Had the threat been of a medium or low level variety the option to ‘allow’ would have been available as well.
Independent tests consistently place Microsoft Security Essentials among the best in terms of detection and removal of viruses and spyware. Also, the Windows 7 firewall finally offers the features you would expect from a firewall.
This reliability, coupled with a very clean and easy to follow interface, makes Microsoft Security Essentials and the Windows 7 firewall a clear winning combination for Grandma. Microsoft’s solutions may not provide access to the detailed settings other solutions have, but this is part of the appeal. After all, it’s Grandma we’re looking out for.