{"id":815,"date":"2007-06-13T00:12:52","date_gmt":"2007-06-12T23:12:52","guid":{"rendered":"http:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm"},"modified":"2007-06-13T23:00:42","modified_gmt":"2007-06-13T22:00:42","slug":"improvements-to-the-windows-firewall-in-vista","status":"publish","type":"post","link":"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm","title":{"rendered":"Improvements to the Windows firewall in Vista"},"content":{"rendered":"<p>I recently attended a Windows Vista security session at Microsoft, presented by <a href=\"http:\/\/blogs.technet.com\/steve_lamb\">Steve Lamb<\/a>.  Windows Vista security is too broad to cover in a single presentation (or even in a single blog post!) but some of the key points that Steve concentrated on were around the Windows firewall and <a href=\"https:\/\/www.markwilson.co.uk\/blog\/2005\/08\/introduction-to-ipsec.htm\">IPsec<\/a>.  This post picks up on the main points from Steve&#8217;s presentation.<\/p>\n<p>The Windows XP firewall was criticised by some because it only inspected inbound traffic.  Microsoft responded to customer demands and, in Windows Vista, the firewall also inspects outbound traffic; however it should be noted that a compromised machine can have its firewall disabled, so the presence of the firewall is not a reason to feel complacent; indeed Steve Lamb used the term security theatre (http:\/\/en.wikipedia.org\/wiki\/Security_theatre) to highlight security products that promise much and offer little.<\/p>\n<p>Consider the following process:<\/p>\n<p><img data-recalc-dims=\"1\" decoding=\"async\" class=\"inline\" src=\"https:\/\/i0.wp.com\/www.markwilson.co.uk\/blog\/images\/firewall-issue.png?w=700&#038;ssl=1\" alt=\"The fundamental issue with client firewalls\" \/><\/p>\n<p><a href=\"https:\/\/www.markwilson.co.uk\/blog\/2005\/11\/plea-for-user-friendly-firewall.htm\">I wrote about this problem a while back<\/a>, but in short, outbound control can only be relied upon where the computer is not compromised and the user cares about security &#8211; i.e. not on those machines where it is needed (compromised computers where the users don&#8217;t care about security)!  It can be useful for restricting known software from communicating; however in such cases, prompting should be disabled.<\/p>\n<p>Trying to find a balance between ease of use\/flexibility and security, the default actions for the Windows firewall are:<\/p>\n<ul>\n<li>Inbound &#8211; block most traffic, with a few exceptions.<\/li>\n<li>Outbound &#8211; allow all interactive traffic but restrict services.<\/li>\n<\/ul>\n<p>Allow\/block rules can be configured for programs, services, users, computers, protocols or ports.<\/p>\n<p>The Windows Vista firewall feature list is extended in other ways too:<\/p>\n<table>\n<thead>\n<th>\n<\/th>\n<th>Windows XP SP2\n<\/th>\n<th>Windows Vista\n<\/th>\n<\/thead>\n<tbody>\n<tr class=\"even\">\n<td>Direction<\/td>\n<td>Inbound<\/td>\n<td>Inbound and outbound<\/td>\n<\/tr>\n<tr class=\"odd\">\n<td>Default action<\/td>\n<td>Block<\/td>\n<td>Configurable for direction<\/td>\n<\/tr>\n<tr class=\"even\">\n<td>Packet Types<\/td>\n<td>TCP, UDP, some ICMP<\/td>\n<td>All<\/td>\n<\/tr>\n<tr class=\"odd\">\n<td>Rule types<\/td>\n<td>Application, global ports, ICMP types<\/td>\n<td>Multiple conditions (programs, services, users, computers, protocols or ports)<\/td>\n<\/tr>\n<tr class=\"even\">\n<td>Rule actions<\/td>\n<td>Block<\/td>\n<td>Block, allow, bypass; with rule merge logic<\/td>\n<\/tr>\n<tr class=\"odd\">\n<td>UI and tools<\/td>\n<td>Control Panel, <code>netsh<\/code><\/td>\n<td>Control Panel, <code>netsh<\/code>, MMC<\/td>\n<\/tr>\n<tr class=\"even\">\n<td>APIs<\/td>\n<td>Public COM, private C<\/td>\n<td>More COM to expose rules, more C to expose features<\/td>\n<\/tr>\n<tr class=\"odd\">\n<td>Remote management<\/td>\n<td>None<\/td>\n<td>Hardened RPC interface<\/td>\n<\/tr>\n<tr class=\"even\">\n<td>Group policy<\/td>\n<td>Administrative template<\/td>\n<td>MMC, <code>netsh<\/code><\/td>\n<\/tr>\n<tr class=\"odd\">\n<td>Terminology<\/td>\n<td>Exceptions; profiles<\/td>\n<td>Rules; categories<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>The Windows filtering platform (WFP) is a series of APIs, designed to allow developers to hook into the network stack without requiring kernel changes.  WFP provides authenticated communication, dynamic firewall configuration, a foundation for the Windows firewall and IPsec, works with encrypted traffic, and because it is fully documented there is little risk that a service pack release will break third-party applications.  Architecturally, this also provides improvements with synchronous API calls, exposure of the user context for auditing policy changes, access control lists on API calls (no longer using registry ACLs and escaltion of privilege) and incremental policy updates.<\/p>\n<p>Firewall configuration is still available from the Control Panel (with a few minor presentation differences); however a new Windows Firewall with Advanced Security MMC snap-in is provided which can also be used to assign settings to remote computers and to apply IPsec configuration.  The new MMC snap-in is complemented with a new <code>netsh advfirewall<\/code> command line interface.<\/p>\n<p>When merging and evaluating rules, the following order is applied, from highest priority to lowest:<\/p>\n<ul>\n<li>Service restrictions (restricting connections that can be established by services &#8211; operating system services are configured appropriately by default).<\/li>\n<li>Connection rules (restricting connections from particular computers using IPsec for authentication and authorisation).<\/li>\n<li>Authenticated bypass (allowing specified computers to bypass other rules).<\/li>\n<li>Block rules (explicitly blocking incoming or outgoing traffic).<\/li>\n<li>Allow rules (explicitly allowing incoming or outgoing traffic).<\/li>\n<li>Default rules (the default behaviour for a connection).<\/li>\n<\/ul>\n<p>It should be noted that these rules are stored in the registry; however editing them directly is unsupported.<\/p>\n<p>Firewall exceptions are also more flexible, including the ability to filter based on:<\/p>\n<ul>\n<li>Active Directory user accounts and groups.<\/li>\n<li>Source\/destination IP addresses\/range.<\/li>\n<li>Source\/destination TCP\/UDP ports.<\/li>\n<li>Comma-delimited list of ports.<\/li>\n<li>IP protocol number.<\/li>\n<li>Interface type.<\/li>\n<li>ICMP type and code.<\/li>\n<li>Services.<\/li>\n<\/ul>\n<p>Support is also provided for multiple network profiles:<\/p>\n<ul>\n<li>Domain &#8211; domain joined and connected to the domain (i.e. able to authenticate).<\/li>\n<li>Private &#8211; connected to a defined private network (home or work).<\/li>\n<li>Public &#8211; all other networks.<\/li>\n<\/ul>\n<p>Network location awareness (NLA) detects networking changes and assigns each connection a GUID, whereby the network profile service (NPS) creates a profile upon connection and notifies the firewall whenever NLA detects a change.  Local administrator privileges are required in order to define that a network is private and the computer defines the category when multiple interfaces are in use based on the logic in the accompanying diagram.<\/p>\n<p><img data-recalc-dims=\"1\" decoding=\"async\" class=\"inline\" src=\"https:\/\/i0.wp.com\/www.markwilson.co.uk\/blog\/images\/vista-networkclassification.png?w=700&#038;ssl=1\" alt=\"Determining network state with multiple interfaces\" \/><\/p>\n<p>Windows Firewall group policy processing is also enhanced.  Previously, computer policies were applied on operating system boot and user policies at logon, with a periodic refresh.  Windows Vista extends this to apply computer and user policies when establishing a VPN connection or when resuming from hibernation\/standby.  Of course, firewall policies are set at the computer level, although they can be further restricted with per-user settings as previously described.<\/p>\n<p>Windows Vista enhanced IPsec capabilities are integrated with the Windows Firewall, eliminating confusion with overlapping rules and allowing firewall rules to be IPsec-aware.  IPsec configuration has been simplified in Windows Vista but it is still a complex subject, worthy of a separate post; however there are a couple of points worth noting:<\/p>\n<ul>\n<li>Authenticated headers (AH) traffic is not compatible with network address translation (NAT) as it cannot be routed &#8211; an alternative is to use encapsulated payload (ESP) with 0-bit encryption to effectively provide the same function.<\/li>\n<li>Shared secrets are stored as plain text in the registry so should not be used in production scenarios &#8211; certificates or Kerberos should be used instead for authentication.<\/li>\n<\/ul>\n<p>In summary, Microsoft has made significant improvements to the Windows Firewall in Vista and anyone who is not using a third party product (and I would question the need for the use of third party firewalls in Vista) should turn it on right away, otherwise they are asking for trouble.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I recently attended a Windows Vista security session at Microsoft, presented by Steve Lamb. Windows Vista security is too broad to cover in a single presentation (or even in a single blog post!) but some of the key points that Steve concentrated on were around the Windows firewall and IPsec. This post picks up on &hellip; <a href=\"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Improvements to the Windows firewall in Vista<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[],"tags":[98,43],"class_list":["post-815","post","type-post","status-publish","format-standard","hentry","tag-windows-vista","tag-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Improvements to the Windows firewall in Vista - markwilson.it<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Improvements to the Windows firewall in Vista - markwilson.it\" \/>\n<meta property=\"og:description\" content=\"I recently attended a Windows Vista security session at Microsoft, presented by Steve Lamb. Windows Vista security is too broad to cover in a single presentation (or even in a single blog post!) but some of the key points that Steve concentrated on were around the Windows firewall and IPsec. This post picks up on &hellip; Continue reading Improvements to the Windows firewall in Vista\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm\" \/>\n<meta property=\"og:site_name\" content=\"markwilson.it\" \/>\n<meta property=\"article:published_time\" content=\"2007-06-12T23:12:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2007-06-13T22:00:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.markwilson.co.uk\/blog\/images\/firewall-issue.png\" \/>\n<meta name=\"author\" content=\"Mark Wilson\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@markwilsonit\" \/>\n<meta name=\"twitter:site\" content=\"@markwilsonit\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Mark Wilson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/2007\\\/06\\\/improvements-to-the-windows-firewall-in-vista.htm#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/2007\\\/06\\\/improvements-to-the-windows-firewall-in-vista.htm\"},\"author\":{\"name\":\"Mark Wilson\",\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/#\\\/schema\\\/person\\\/98f61365e7c39d6be942174b8c4de468\"},\"headline\":\"Improvements to the Windows firewall in Vista\",\"datePublished\":\"2007-06-12T23:12:52+00:00\",\"dateModified\":\"2007-06-13T22:00:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/2007\\\/06\\\/improvements-to-the-windows-firewall-in-vista.htm\"},\"wordCount\":1009,\"commentCount\":2,\"publisher\":{\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/#\\\/schema\\\/person\\\/98f61365e7c39d6be942174b8c4de468\"},\"image\":{\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/2007\\\/06\\\/improvements-to-the-windows-firewall-in-vista.htm#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/images\\\/firewall-issue.png\",\"keywords\":[\"Microsoft Windows Vista\",\"Security\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/2007\\\/06\\\/improvements-to-the-windows-firewall-in-vista.htm#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/2007\\\/06\\\/improvements-to-the-windows-firewall-in-vista.htm\",\"url\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/2007\\\/06\\\/improvements-to-the-windows-firewall-in-vista.htm\",\"name\":\"Improvements to the Windows firewall in Vista - markwilson.it\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/2007\\\/06\\\/improvements-to-the-windows-firewall-in-vista.htm#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/2007\\\/06\\\/improvements-to-the-windows-firewall-in-vista.htm#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/images\\\/firewall-issue.png\",\"datePublished\":\"2007-06-12T23:12:52+00:00\",\"dateModified\":\"2007-06-13T22:00:42+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/2007\\\/06\\\/improvements-to-the-windows-firewall-in-vista.htm#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/2007\\\/06\\\/improvements-to-the-windows-firewall-in-vista.htm\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/2007\\\/06\\\/improvements-to-the-windows-firewall-in-vista.htm#primaryimage\",\"url\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/images\\\/firewall-issue.png\",\"contentUrl\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/images\\\/firewall-issue.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/2007\\\/06\\\/improvements-to-the-windows-firewall-in-vista.htm#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Improvements to the Windows firewall in Vista\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/\",\"name\":\"markwilson.it\",\"description\":\"get-info -class technology | write-output &gt; \\\/dev\\\/web\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/#\\\/schema\\\/person\\\/98f61365e7c39d6be942174b8c4de468\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/#\\\/schema\\\/person\\\/98f61365e7c39d6be942174b8c4de468\",\"name\":\"Mark Wilson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/i0.wp.com\\\/www.markwilson.co.uk\\\/blog\\\/uploads\\\/image-4.png?fit=800%2C800&ssl=1\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/www.markwilson.co.uk\\\/blog\\\/uploads\\\/image-4.png?fit=800%2C800&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/www.markwilson.co.uk\\\/blog\\\/uploads\\\/image-4.png?fit=800%2C800&ssl=1\",\"width\":800,\"height\":800,\"caption\":\"Mark Wilson\"},\"logo\":{\"@id\":\"https:\\\/\\\/i0.wp.com\\\/www.markwilson.co.uk\\\/blog\\\/uploads\\\/image-4.png?fit=800%2C800&ssl=1\"},\"description\":\"A Chartered IT Professional, with recent experience in technology leadership, IT strategy and practice management roles, Mark Wilson is an Enterprise Architect in the Advisory and Management Group at risual. During a career spanning more than two decades, Mark has gained widespread recognition as an expert in his field including both industry and national press exposure. In addition to certifications from Microsoft, VMware, Red Hat, The Open Group and Axelos, Mark held a Microsoft Most Valuable Professional (MVP) award for three years and is now part of the MVP Reconnect programme. Mark is also well-known on social media and maintains an award-winning blog.\",\"sameAs\":[\"http:\\\/\\\/www.markwilson.co.uk\\\/\",\"https:\\\/\\\/www.instagram.com\\\/markwilsonuk\\\/\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/markawilson\\\/\",\"https:\\\/\\\/x.com\\\/markwilsonit\",\"https:\\\/\\\/www.youtube.com\\\/channel\\\/UCWHlZCoHRTocdvtrOJ2IL4A\"],\"url\":\"https:\\\/\\\/www.markwilson.co.uk\\\/blog\\\/author\\\/mark-wilson\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Improvements to the Windows firewall in Vista - markwilson.it","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm","og_locale":"en_GB","og_type":"article","og_title":"Improvements to the Windows firewall in Vista - markwilson.it","og_description":"I recently attended a Windows Vista security session at Microsoft, presented by Steve Lamb. Windows Vista security is too broad to cover in a single presentation (or even in a single blog post!) but some of the key points that Steve concentrated on were around the Windows firewall and IPsec. This post picks up on &hellip; Continue reading Improvements to the Windows firewall in Vista","og_url":"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm","og_site_name":"markwilson.it","article_published_time":"2007-06-12T23:12:52+00:00","article_modified_time":"2007-06-13T22:00:42+00:00","og_image":[{"url":"https:\/\/www.markwilson.co.uk\/blog\/images\/firewall-issue.png","type":"","width":"","height":""}],"author":"Mark Wilson","twitter_card":"summary_large_image","twitter_creator":"@markwilsonit","twitter_site":"@markwilsonit","twitter_misc":{"Written by":"Mark Wilson","Estimated reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm#article","isPartOf":{"@id":"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm"},"author":{"name":"Mark Wilson","@id":"https:\/\/www.markwilson.co.uk\/blog\/#\/schema\/person\/98f61365e7c39d6be942174b8c4de468"},"headline":"Improvements to the Windows firewall in Vista","datePublished":"2007-06-12T23:12:52+00:00","dateModified":"2007-06-13T22:00:42+00:00","mainEntityOfPage":{"@id":"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm"},"wordCount":1009,"commentCount":2,"publisher":{"@id":"https:\/\/www.markwilson.co.uk\/blog\/#\/schema\/person\/98f61365e7c39d6be942174b8c4de468"},"image":{"@id":"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm#primaryimage"},"thumbnailUrl":"https:\/\/www.markwilson.co.uk\/blog\/images\/firewall-issue.png","keywords":["Microsoft Windows Vista","Security"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm","url":"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm","name":"Improvements to the Windows firewall in Vista - markwilson.it","isPartOf":{"@id":"https:\/\/www.markwilson.co.uk\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm#primaryimage"},"image":{"@id":"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm#primaryimage"},"thumbnailUrl":"https:\/\/www.markwilson.co.uk\/blog\/images\/firewall-issue.png","datePublished":"2007-06-12T23:12:52+00:00","dateModified":"2007-06-13T22:00:42+00:00","breadcrumb":{"@id":"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm#primaryimage","url":"https:\/\/www.markwilson.co.uk\/blog\/images\/firewall-issue.png","contentUrl":"https:\/\/www.markwilson.co.uk\/blog\/images\/firewall-issue.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.markwilson.co.uk\/blog\/2007\/06\/improvements-to-the-windows-firewall-in-vista.htm#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.markwilson.co.uk\/blog"},{"@type":"ListItem","position":2,"name":"Improvements to the Windows firewall in Vista"}]},{"@type":"WebSite","@id":"https:\/\/www.markwilson.co.uk\/blog\/#website","url":"https:\/\/www.markwilson.co.uk\/blog\/","name":"markwilson.it","description":"get-info -class technology | write-output &gt; \/dev\/web","publisher":{"@id":"https:\/\/www.markwilson.co.uk\/blog\/#\/schema\/person\/98f61365e7c39d6be942174b8c4de468"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.markwilson.co.uk\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":["Person","Organization"],"@id":"https:\/\/www.markwilson.co.uk\/blog\/#\/schema\/person\/98f61365e7c39d6be942174b8c4de468","name":"Mark Wilson","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/i0.wp.com\/www.markwilson.co.uk\/blog\/uploads\/image-4.png?fit=800%2C800&ssl=1","url":"https:\/\/i0.wp.com\/www.markwilson.co.uk\/blog\/uploads\/image-4.png?fit=800%2C800&ssl=1","contentUrl":"https:\/\/i0.wp.com\/www.markwilson.co.uk\/blog\/uploads\/image-4.png?fit=800%2C800&ssl=1","width":800,"height":800,"caption":"Mark Wilson"},"logo":{"@id":"https:\/\/i0.wp.com\/www.markwilson.co.uk\/blog\/uploads\/image-4.png?fit=800%2C800&ssl=1"},"description":"A Chartered IT Professional, with recent experience in technology leadership, IT strategy and practice management roles, Mark Wilson is an Enterprise Architect in the Advisory and Management Group at risual. During a career spanning more than two decades, Mark has gained widespread recognition as an expert in his field including both industry and national press exposure. In addition to certifications from Microsoft, VMware, Red Hat, The Open Group and Axelos, Mark held a Microsoft Most Valuable Professional (MVP) award for three years and is now part of the MVP Reconnect programme. Mark is also well-known on social media and maintains an award-winning blog.","sameAs":["http:\/\/www.markwilson.co.uk\/","https:\/\/www.instagram.com\/markwilsonuk\/","https:\/\/www.linkedin.com\/in\/markawilson\/","https:\/\/x.com\/markwilsonit","https:\/\/www.youtube.com\/channel\/UCWHlZCoHRTocdvtrOJ2IL4A"],"url":"https:\/\/www.markwilson.co.uk\/blog\/author\/mark-wilson"}]}},"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":199,"url":"https:\/\/www.markwilson.co.uk\/blog\/2005\/12\/wireless-security-and-secure-remote.htm","url_meta":{"origin":815,"position":0},"title":"Wireless security and secure remote access","author":"Mark Wilson","date":"Friday 9 December 2005","format":false,"excerpt":"Last night, I attended Steve Lamb's Microsoft TechNet UK briefing on wireless security and secure remote access. I won't repeat the entire content here, because Steve has an article in the November\/December issue of Microsoft TechNet magazine, entitled improve your web security with encryption and firewall technologies, which, when combined\u2026","rel":"","context":"In \"Microsoft ISA Server\"","block_context":{"text":"Microsoft ISA Server","link":"https:\/\/www.markwilson.co.uk\/blog\/tag\/isa"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":105,"url":"https:\/\/www.markwilson.co.uk\/blog\/2005\/05\/anyone-worried-about-running-microsoft.htm","url_meta":{"origin":815,"position":1},"title":"Anyone worried about running Microsoft ISA Server as a firewall?","author":"Mark Wilson","date":"Thursday 26 May 2005","format":false,"excerpt":"Over the last few years just about every network administrator I've worked with has laughed at the idea of a Microsoft firewall in an enterprise environment (at least as a front line of defence - many organisations use Microsoft ISA Server behind another firewall). When forced by the American parent\u2026","rel":"","context":"In \"Microsoft ISA Server\"","block_context":{"text":"Microsoft ISA Server","link":"https:\/\/www.markwilson.co.uk\/blog\/tag\/isa"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":69,"url":"https:\/\/www.markwilson.co.uk\/blog\/2005\/03\/securing-network-using-microsoft-isa.htm","url_meta":{"origin":815,"position":2},"title":"Securing the network using Microsoft ISA Server 2004","author":"Mark Wilson","date":"Thursday 3 March 2005","format":false,"excerpt":"Several months ago, I attended a Microsoft TechNet UK event where the topic was ISA Server 2004 network design\/troubleshooting and inside application layer firewalling and filtering. It's taken me a while to get around to writing up the notes, but finally, here they are, with some additional information that I\u2026","rel":"","context":"In \"Microsoft ISA Server\"","block_context":{"text":"Microsoft ISA Server","link":"https:\/\/www.markwilson.co.uk\/blog\/tag\/isa"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":15,"url":"https:\/\/www.markwilson.co.uk\/blog\/2004\/09\/should-you-run-windows-firewall-third.htm","url_meta":{"origin":815,"position":3},"title":"Should you run the Windows Firewall, a third party firewall, or both?","author":"Mark Wilson","date":"Friday 17 September 2004","format":false,"excerpt":"\"Which firewall should I use?\" - it's an interesting question. Microsoft are positioning the Windows Firewall (part of Windows XP service pack 2) as a major leap forward in terms of network protection, and it is; but there are many good third-party firewall products out there. Should you use the\u2026","rel":"","context":"In \"Microsoft Windows XP\"","block_context":{"text":"Microsoft Windows XP","link":"https:\/\/www.markwilson.co.uk\/blog\/tag\/windows-xp"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":842,"url":"https:\/\/www.markwilson.co.uk\/blog\/2007\/07\/windows-fast-user-switching-zone-alarm-bad-it-day.htm","url_meta":{"origin":815,"position":4},"title":"Windows fast user switching + Zone Alarm = bad IT day","author":"Mark Wilson","date":"Thursday 12 July 2007","format":false,"excerpt":"My poor colleagues had to put up with a lot of complaining yesterday. I was having a bad IT day (when nothing seems to go well). And it seems to be continuing today. I recently rebuilt my company notebook PC to run Windows Vista and Office 2007. That's going well\u2026","rel":"","context":"In \"Microsoft Windows Vista\"","block_context":{"text":"Microsoft Windows Vista","link":"https:\/\/www.markwilson.co.uk\/blog\/tag\/windows-vista"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":298,"url":"https:\/\/www.markwilson.co.uk\/blog\/2006\/05\/does-windows-vista-have-more-than-just.htm","url_meta":{"origin":815,"position":5},"title":"Does Windows Vista have more than just a pretty face?","author":"Mark Wilson","date":"Wednesday 3 May 2006","format":false,"excerpt":"I've written a bit about Windows Vista on this blog previously but generally left the product reviews to people like Paul Thurrott (who has both the time to do a review justice and the readership to make it worthwhile). Yesterday, I saw yet another Windows Vista presentation and (with my\u2026","rel":"","context":"In \"Microsoft Windows Vista\"","block_context":{"text":"Microsoft Windows Vista","link":"https:\/\/www.markwilson.co.uk\/blog\/tag\/windows-vista"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.markwilson.co.uk\/blog\/wp-json\/wp\/v2\/posts\/815","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.markwilson.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.markwilson.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.markwilson.co.uk\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.markwilson.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=815"}],"version-history":[{"count":0,"href":"https:\/\/www.markwilson.co.uk\/blog\/wp-json\/wp\/v2\/posts\/815\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.markwilson.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=815"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.markwilson.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=815"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.markwilson.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=815"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}