The Windows Defender Firewall with Advanced Security is a tool which gives you detailed control over the rules that are applied by the Windows Defender Firewall. You can view all the rules that are used by the Windows Defender Firewall, change their properties, create new rules or disable existing ones. In this tutorial, we share how to open the Windows Defender Firewall with Advanced Security, how to find your way around it, and talk about the types of rules that are available and what kind of traffic they filter.
NOTE: This guide covers Windows 10, Windows 7, and Windows 8.1. If you do not know the version of Windows that you have, read this tutorial: What version of Windows do I have installed?.
What is Windows Defender Firewall with Advanced Security?
First, let's clarify the name. The native firewall in Windows is named Windows Defender Firewall in Windows 10 while in Windows 7 and Windows 8.1 it retains the old name of Windows Firewall. Similarly, the tool we cover in this tutorial is named Windows Defender Firewall with Advanced Security in Windows 10 and Windows Firewall with Advanced Security in Windows 7 and Windows 8.1. The tool looks and functions identically in all three Windows versions. For this article, we use screenshots from Windows 10 and use the name Windows Defender Firewall with Advanced Security, but our tutorial is valid for all three Windows versions.
Windows Defender Firewall helps secure your Windows device by filtering the network traffic permitted to enter or exit your device. The tool is built as a snap-in on the Microsoft Management Console, and its executable file is named wf.msc. For more details on Windows Defender Firewall, read What is the Windows Firewall and how to turn it on or off?.
Control Panel provides a couple of basic settings for Windows Defender Firewall while Windows Defender Firewall with Advanced Security gives you access to all its features. Windows 10 has introduced basic firewall settings in its Settings app, but for full control of Windows Defender Firewall, it sends you to the Windows Defender Firewall with Advanced Security.
How to access the Windows Defender Firewall with Advanced Security
The easiest method to open Windows Defender Firewall with Advanced Security in all three Windows versions is to search for its executable file. Type "wf.msc" in the Windows search box and click or tap on the result.
In Control Panel you can access the Windows Defender Firewall with Advanced Security by going to "System and Security -> Windows Defender Firewall," and then by clicking or tapping Advanced settings.
In Windows 10, you can find a shortcut for Windows Defender Firewall with Advanced Security in the Start Menu using the following path: "Start Menu → Windows Administrative Tools → Windows Defender Firewall with Advanced Security."
What can you do with Windows Defender Firewall with Advanced Security?
The tool gives you access to all the features of Windows Defender Firewall. Here are some of the benefits of using it:
- Reduces the risk of security attacks from the network. Windows Defender Firewall is not a complete security solution, but it reduces the chances of a successful network attack.
- Authenticates access to your device. It can do it using IPsec (Internet Protocol Security), which enforces the integrity of data and protects confidentiality.
- Provides firewall capability with no additional investment. Windows Defender Firewall is part of Windows. You get the firewall without spending money or installing additional software.
Windows Defender Firewall with Advanced Security delivers the benefits using these features:
- Inbound and Outbound Rules
- Connection Security Rules
What are the inbound and outbound rules?
To provide the security you need, the Windows Defender Firewall has a standard set of inbound and outbound rules, which are enabled depending on the location of the connected network.
Inbound rules are applied to the traffic that is coming from the network and the internet to your Windows computer or device. Outbound rules apply to the traffic from your computer to the network or the Internet.
These rules can be configured so that they are specific to computers, users, programs, services, ports or protocols. You can also specify to which type of network adapter (e.g., wireless, cable, virtual private network) or user profile it is applied.
In the Windows Defender Firewall with Advanced Security, you can access all rules and edit their properties. All you have to do is click or tap the appropriate section in the left-side panel.
The rules used by the Windows Defender Firewall can be enabled or disabled. The ones which are enabled or active are marked with a green checkbox in the Name column.
Let's pick as an example one of the rules for Windows Media Player Network Sharing Service. If you manage your media library on your Windows device with Windows Media Player, you can decide to share it over the network. The rules for this purpose are disabled by default (the green checkbox is missing next to their names).
If you want to know more about a specific rule and see its properties, right click on it and select Properties or select it and press Properties in the column on the right, which lists the actions that are available for your selection.
In the Properties window, you find complete information about the selected rule, what it does and when it is applied. You can also edit its properties and change any of the available parameters. To enable the rule in our example, mark the checkbox Enabled and press the OK button.
When we return to the Windows Defender Firewall with Advanced Security window, the rule has the green checkbox showing it is enabled.
For more details on managing these rules, read How to Add & Manage Rules in the Windows Firewall with Advanced Security.
What are the Connection Security Rules?
Connection security rules are used to secure traffic between two computers while it crosses the network. One example would be a rule which defines that connections between two specific computers must be encrypted. These rules define how and when computers are authenticated using IPsec (Internet Security Protocol).
While the inbound or outbound rules are applied only to one computer, connection security rules require both computers to have the same rules defined and enabled. If you want to see if there are any such rules on your computer, click or tap "Connection Security Rules" on the panel on the left. By default, there are no such rules defined on Windows computers and devices. They are generally used in business environments, and the network administrator sets such rules.
Windows Defender Firewall with Advanced Security - What does it monitor?
The Windows Defender Firewall with Advanced Security includes some monitoring features as well. In the Monitoring section you can find the following information: the firewall rules that are active (both inbound and outbound), the connection security rules that are active and whether there are any active security associations.
You should note that the Monitoring section shows only the active rules for the current network location. If there are rules which get enabled for other network locations, you do not see them in this section.
What rules do you want in Windows Defender Firewall?
We have reviewed all that you find in the Windows Defender Firewall with Advanced Security. Now that you know the kinds of rules that exist on your Windows device, you can learn more about adding and managing firewall rules. Let us know in a comment below what kind of rules you would like to set up for your Windows Defender Firewall.