Configuring Windows Defender Firewall

Rollback to version 1

0:01 - 0:03

another tool that we'll use
0:03 - 0:06

for managing our windows 10 security
0:06 - 0:09

is going to be the windows firewall now
0:09 - 0:10

just like windows defender we don't want
0:10 - 0:12

this to be the only thing we're using
0:12 - 0:15

we do want to use a windows firewall but
0:15 - 0:18

we want other firewalls and other places
0:18 - 0:19

on our network to provide overall
0:19 - 0:21

network protection as well
0:21 - 0:24

so this is not a
0:25 - 0:28

solution to every firewalling issue
0:28 - 0:31

but it is a good useful tool to have
0:31 - 0:34

and you don't if at all possible we
0:34 - 0:36

don't want to turn it off
0:36 - 0:38

because we want that protection in case
0:38 - 0:40

something gets through
0:40 - 0:42

our network-based firewall so let's look
0:42 - 0:45

at how we can manage it so i'm here
0:45 - 0:46

under settings
0:46 - 0:49

and update and security and then windows
0:49 - 0:50

security
0:50 - 0:52

and here is my firewall and network
0:52 - 0:53

protection
0:53 - 0:55

so i'm going to click on that and i'm
0:55 - 0:56

going to have
0:56 - 0:59

a simple way to deal with a firewall and
0:59 - 1:00

then we call it windows firewall with
1:00 - 1:02

advanced security for more detailed
1:02 - 1:04

information
1:04 - 1:06

so here is our firewall and network
1:06 - 1:07

protection you see we have different
1:07 - 1:09

domain pro or different network profiles
1:09 - 1:11

the domain network the private network
1:11 - 1:13

and the public network
1:13 - 1:14

and then this right here tells me that
1:14 - 1:16

i'm currently on the private network
1:16 - 1:18

profile
1:18 - 1:20

and currently the firewall is on now let
1:20 - 1:22

me go ahead and click on that
1:22 - 1:25

and i've got a couple of options here so
1:25 - 1:28

i can turn off my firewall now i don't
1:28 - 1:30

recommend doing this as a long-term
1:30 - 1:31

solution
1:31 - 1:33

but if you need to turn off the firewall
1:33 - 1:35

while you're troubleshooting an issue
1:35 - 1:37

that actually can be useful
1:37 - 1:39

something's not working i'm trying i'm
1:39 - 1:41

having a network connectivity issue let
1:41 - 1:42

me turn off my firewall
1:42 - 1:44

see if that fixes the problem now if
1:44 - 1:46

that does i don't want to leave my
1:46 - 1:47

firewall
1:47 - 1:49

off but now i know there's a firewall
1:49 - 1:51

setting that i'm going to need to adjust
1:51 - 1:54

so i'm going to try to find that
1:54 - 1:55

firewall setting so that i can
1:55 - 1:58

bring my firewall back up but allow that
1:58 - 1:59

particular application through the
1:59 - 2:00

firewall
2:00 - 2:03

so this turns it off
2:03 - 2:07

and then back on and it's now paranoid
2:07 - 2:09

because i turned his firewall off
2:09 - 2:11

i'm going to turn his firewall back on
2:11 - 2:12

that'll make it happy again
2:12 - 2:15

okay now so this is this
2:15 - 2:18

on or off all or nothing thing the other
2:18 - 2:20

all or nothing thing is this one right
2:20 - 2:21

here
2:21 - 2:24

so a firewall will control data coming
2:24 - 2:26

into your computer and data going
2:26 - 2:28

out from your computer and by default
2:28 - 2:30

windows firewall is going to allow
2:30 - 2:33

some things going out block most things
2:33 - 2:35

coming in unless they're specifically
2:35 - 2:36

allowed
2:36 - 2:39

what this does is this blocks all
2:39 - 2:40

incoming connections
2:40 - 2:41

and again this is going to be a
2:41 - 2:43

temporary thing this is not permanent
2:43 - 2:44

right
2:44 - 2:47

so i'm down at starbucks
2:47 - 2:49

i'm probably going to be on a public
2:49 - 2:51

network not a private network but i'm
2:51 - 2:53

down at starbucks
2:53 - 2:56

and for some reason i i just think you
2:56 - 2:58

know what i'm on the
2:58 - 2:59

network i'm on the network i'm surfing
2:59 - 3:02

the internet uh i'm working on a
3:02 - 3:03

document
3:03 - 3:06

but i really don't want
3:06 - 3:08

any access to my computer across this
3:08 - 3:09

network
3:09 - 3:11

so i can come in here and say just block
3:11 - 3:13

all incoming connections
3:13 - 3:14

including those who would otherwise be
3:14 - 3:16

allowed and that's just gonna you know
3:16 - 3:18

slam the door shut
3:18 - 3:22

so when we turn off windows defender you
3:22 - 3:23

know
3:23 - 3:24

get rid of all the locks on the doors
3:24 - 3:26

throw open the windows knock down the
3:26 - 3:28

walls just let anybody come in
3:28 - 3:30

this is the exact opposite go complete
3:30 - 3:32

lockdown
3:32 - 3:34

okay those are our two all or nothing
3:34 - 3:36

options and we can do that for
3:36 - 3:38

any one of these three profiles so i can
3:38 - 3:40

send my public network i want to block
3:40 - 3:43

all incoming connections while still
3:43 - 3:45

leaving incoming connections allowed on
3:45 - 3:46

a private network that i trust
3:46 - 3:49

a little bit better all right now
3:49 - 3:51

those are all or nothing most of the
3:51 - 3:54

time we don't want all or nothing
3:54 - 3:55

most of the time we're going to want
3:55 - 3:57

specific things and that's
3:57 - 4:00

here allow an app through the firewall
4:00 - 4:02

so let me bring this up and this is
4:02 - 4:03

going to show
4:03 - 4:06

a bunch of apps that are already allowed
4:06 - 4:08

through my firewall
4:08 - 4:10

and so you'll see the list of apps here
4:10 - 4:11

and a bunch of these are going to be
4:11 - 4:12

microsoft
4:12 - 4:14

apps but there are some of them that are
4:14 - 4:16

not going to be microsoft apps
4:16 - 4:18

like i have packet tracer installed on
4:18 - 4:19

my system
4:19 - 4:22

and so packet tracer created a rule for
4:22 - 4:23

the firewall
4:23 - 4:25

and it said hey go ahead and allow this
4:25 - 4:28

and i didn't do that right when i
4:28 - 4:29

installed the software the software did
4:29 - 4:30

that
4:30 - 4:32

for me so that actually makes this
4:32 - 4:34

easier to work with but if for some
4:34 - 4:35

reason
4:35 - 4:37

i decide that there's an app that i
4:37 - 4:38

don't want access to
4:38 - 4:41

after all then i can come in here and i
4:41 - 4:42

can change that
4:42 - 4:44

so we'll do that by going to change
4:44 - 4:46

settings and let's look at this one
4:46 - 4:47

right here
4:47 - 4:49

paint 3d so paint 3d is currently
4:49 - 4:51

allowed for both the private and the
4:51 - 4:52

public network
4:52 - 4:54

now if i want to change which networks
4:54 - 4:56

it's allowed on i can just
4:56 - 4:59

click that and uncheck or check those
4:59 - 5:01

boxes if i want to turn it off entirely
5:01 - 5:04

i check the box over here pretty
5:04 - 5:05

straightforward
5:05 - 5:08

if i don't see the app in here that i
5:08 - 5:09

want so let's say i'm having a problem
5:09 - 5:12

with a particular application connecting
5:12 - 5:13

through my network
5:13 - 5:15

i've proven that because i turned off
5:15 - 5:16

the firewall and it worked fine turned
5:16 - 5:18

the firewall back on it stopped working
5:18 - 5:20

okay so that told me where the problem
5:20 - 5:22

was so now what i can do
5:22 - 5:26

is i can come in and add another app
5:26 - 5:28

so i allow my other app i browse to
5:28 - 5:30

wherever it is blah blah blah i find my
5:30 - 5:32

app i'm already in packet tracer go to
5:32 - 5:34

click that just for the fun of it
5:34 - 5:35

so i'm going to pack a tracer and then
5:35 - 5:37

i'm going to choose network types public
5:37 - 5:39

or private network
5:39 - 5:41

and then go and cancel that because i
5:41 - 5:43

don't need it
5:43 - 5:47

that will add that executable to
5:47 - 5:49

this particular firewall rules to allow
5:49 - 5:50

them
5:50 - 5:53

out either public or private networks
5:53 - 5:56

so this is the easy way to manage it
5:56 - 5:58

this is not the detailed way
5:58 - 6:01

this it does it based on application
6:01 - 6:04

not on specific port number now if we
6:04 - 6:06

want it on specific port number
6:06 - 6:08

and i want more detailed settings that's
6:08 - 6:10

where i go to
6:10 - 6:12

my advanced settings so i'm going to
6:12 - 6:15

click my advanced settings
6:15 - 6:19

and here is my windows firewall with
6:19 - 6:22

advanced security
6:22 - 6:23

now over here i've got different types
6:23 - 6:25

of rules inbound rules
6:25 - 6:27

outbound rules connection security rules
6:27 - 6:29

here's my little overview
6:29 - 6:33

and specific actions i can take so for
6:33 - 6:35

each of these profiles
6:35 - 6:37

the windows defender firewall is on
6:37 - 6:38

inbound connections
6:38 - 6:40

do not match rule are blocked outbound
6:40 - 6:41

connections do not match rule are
6:41 - 6:42

allowed
6:42 - 6:44

now obviously i can change these however
6:44 - 6:46

i want as well by going to windows
6:46 - 6:48

defender firewall properties
6:48 - 6:50

and so then for let me go to my public
6:50 - 6:53

profile and from my public profile i can
6:53 - 6:54

say
6:54 - 6:56

firewall state is on inbound connections
6:56 - 6:57

blocked by default
6:57 - 6:59

outbound connections i'm going to block
6:59 - 7:01

outbound connections
7:01 - 7:03

now obviously i don't want to actually
7:03 - 7:05

do that but
7:05 - 7:07

if i did want to you know completely
7:07 - 7:09

block any access
7:09 - 7:13

to this uh in or out of this computer
7:13 - 7:14

while i'm on that public network that
7:14 - 7:15

would be a way to do it this is going to
7:15 - 7:17

block my outbound connections
7:17 - 7:19

so nothing originating on my computer
7:19 - 7:21

going out will work
7:21 - 7:23

and then on my inbound connections i can
7:23 - 7:24

block default
7:24 - 7:26

block all connections or allow all
7:26 - 7:27

connections
7:27 - 7:30

allow all connections no security block
7:30 - 7:31

all connections
7:31 - 7:33

at this point i would go into complete
7:33 - 7:34

isolation mode
7:34 - 7:36

let me go and apply that because i'm not
7:36 - 7:38

on this network anyway
7:38 - 7:40

and we'll see right here windows
7:40 - 7:42

defender firewall is on and we are
7:42 - 7:43

blocking
7:43 - 7:45

everything so if i ever switch my
7:45 - 7:48

network profile to public
7:48 - 7:50

it's my firewall goes into complete
7:50 - 7:52

lockdown
7:52 - 7:55

so let me go to
7:57 - 7:59

get my right profile here again to reset
7:59 - 8:01

that
8:03 - 8:08

okay so those are very very similar to
8:08 - 8:09

some of the things we were looking at
8:09 - 8:11

when we were looking at the basic setup
8:11 - 8:13

view and create firewall rules all right
8:13 - 8:15

let's take a look at our inbound and
8:15 - 8:17

outbound rules inbound rules impact
8:17 - 8:18

traffic coming
8:18 - 8:20

in outbound rules impact traffic going
8:20 - 8:22

out let's start with inbound rules
8:22 - 8:25

here are all of my inbound rules let me
8:25 - 8:26

go and maximize this give us a little
8:26 - 8:28

more real estate here
8:28 - 8:30

so let's take a look at this packet
8:30 - 8:32

tracer executable
8:32 - 8:34

what profile we're looking at is an
8:34 - 8:35

enabled
8:35 - 8:38

what action does it take block or allow
8:38 - 8:40

what program does it entail
8:40 - 8:42

what's the local address what's the
8:42 - 8:44

remote address
8:44 - 8:46

and then as we scroll over what protocol
8:46 - 8:48

what port number what remote
8:48 - 8:50

port local and remote port number are
8:50 - 8:52

there any authorized users or computers
8:52 - 8:52

or
8:52 - 8:54

as you can tell these can get fairly
8:54 - 8:56

detailed maybe the best way to look at
8:56 - 8:56

this
8:56 - 8:58

is going to be to go and create a new
8:58 - 9:00

rule so i'm going to come over here and
9:00 - 9:00

click new
9:00 - 9:04

new rule and i can do this based on a
9:04 - 9:06

particular program a particular port
9:06 - 9:08

number a predefined rule or a custom
9:08 - 9:08

rule
9:08 - 9:11

let me start with a port number let's
9:11 - 9:12

say i want to allow
9:12 - 9:16

port 25 for smtp connections
9:16 - 9:18

in only be relevant if i'm running a
9:18 - 9:19

mail server i'm not but
9:19 - 9:21

we're not going to save the rule anyway
9:21 - 9:23

so let's click on we're going to do a
9:23 - 9:25

port rule and we're going to go next
9:25 - 9:29

is this going to be a tcp or udp port as
9:29 - 9:29

you can tell
9:29 - 9:31

right away in order to do this you need
9:31 - 9:32

to know which port numbers you're
9:32 - 9:34

working with what protocols you're
9:34 - 9:35

working with
9:35 - 9:38

so this for a mail server is going to be
9:38 - 9:40

tcp port 25
9:40 - 9:42

so i'm going to specify port 25 i really
9:42 - 9:44

don't want to specify all local ports
9:44 - 9:46

that's opening things up way too much
9:46 - 9:48

and notice i can set up more than one
9:48 - 9:50

port here you see their examples
9:50 - 9:52

separated by commas or a dash for a
9:52 - 9:53

range
9:53 - 9:56

i'm going to do port 25 and then
9:56 - 9:58

i have three options here i can allow
9:58 - 9:59

the connection allow
9:59 - 10:03

only if it's secure so these are ipsec
10:03 - 10:04

connections
10:04 - 10:07

or i can block the connection now
10:07 - 10:10

blocking connections is kind of weird
10:10 - 10:12

normally you don't need to block
10:12 - 10:13

connections
10:13 - 10:15

you just don't allow it if it's not
10:15 - 10:17

allowed it's blocked
10:17 - 10:19

but sometimes you'll have another rule
10:19 - 10:22

somewhere that's allowing something
10:22 - 10:24

and this particular type of traffic is
10:24 - 10:26

part of what's being allowed
10:26 - 10:28

but you really don't want this in that
10:28 - 10:29

case you might need to use
10:29 - 10:32

a block rule but your better option is
10:32 - 10:32

to
10:32 - 10:35

only create rules for the data that you
10:35 - 10:36

want allowed
10:36 - 10:37

and just let everything else be
10:37 - 10:39

automatically blocked
10:39 - 10:40

so i'm going to allow this because i'm
10:40 - 10:42

going to be running a local mail server
10:42 - 10:45

and then what profile do these apply to
10:45 - 10:47

domain private public
10:47 - 10:50

and i'm only going to run this when i'm
10:50 - 10:52

on a domain network
10:52 - 10:54

and click next and then i'm going to set
10:54 - 10:56

the name in the description for the rule
10:56 - 10:57

and click finish and that will
10:57 - 10:59

create the rule for me i'm going to
10:59 - 11:00

cancel that because i don't want to
11:00 - 11:02

actually do that
11:02 - 11:03

let's open up another rule here so that
11:03 - 11:06

we can look at once we get it created
11:06 - 11:08

this is going to be all the details for
11:08 - 11:10

it so this is a
11:10 - 11:12

rule 4 packet tracer so we got the name
11:12 - 11:14

of it the description whether it's
11:14 - 11:14

enabled
11:14 - 11:16

or not what it does it allows the
11:16 - 11:17

connection
11:17 - 11:19

we can look at the programs and services
11:19 - 11:21

that are allowed to use this
11:21 - 11:24

and then any remote computers are there
11:24 - 11:26

only specific computers that we want
11:26 - 11:29

are we going to make exceptions so by
11:29 - 11:31

default it's going to allow anything
11:31 - 11:34

but i can say you know what only allow
11:34 - 11:36

these specific computers
11:36 - 11:38

or skip this rule for these specific
11:38 - 11:39

computers
11:39 - 11:41

so i want packages to work with
11:41 - 11:42

everybody except
11:42 - 11:44

and then i can specify my specific
11:44 - 11:46

exceptions you can also identify
11:46 - 11:47

specific
11:47 - 11:50

uh protocols and ports so what if i
11:50 - 11:52

don't want packet tracer to use
11:52 - 11:55

all ports well i could specify specific
11:55 - 11:57

ports it would be allowed to use
11:57 - 11:59

obviously i'd have to modify the rule
11:59 - 12:00

but
12:00 - 12:03

um you see here where we can set it
12:03 - 12:05

we can set the scope so local ip
12:05 - 12:07

addresses remote ip addresses that we're
12:07 - 12:09

going to be connecting to
12:09 - 12:11

so i can say only allow packet tracer to
12:11 - 12:13

connect to specific remote i p
12:13 - 12:16

addresses rather than any of them and
12:16 - 12:16

then
12:16 - 12:20

the profiles the interface types
12:20 - 12:22

local principles are the specific users
12:22 - 12:23

that are allowed to do this
12:23 - 12:25

or not or are there remote users that
12:25 - 12:27

are allowed to use this rule or not
12:27 - 12:29

so you can see we can actually get very
12:29 - 12:30

very precise
12:30 - 12:34

in our windows firewall rules
12:34 - 12:37

which is great because it gives us
12:37 - 12:39

this screen with the windows firewall
12:39 - 12:41

with advanced security which gives us
12:41 - 12:43

very very detailed by the way
12:43 - 12:44

outbound rules work basically the same
12:44 - 12:46

way as inbound rules
12:46 - 12:48

except that outbound rules filter
12:48 - 12:49

traffic because it's leaving your
12:49 - 12:50

computer
12:50 - 12:52

inbound rules filter traffic is coming
12:52 - 12:54

into your computer
12:54 - 12:57

so these are probably the inbound rules
12:57 - 12:58

are probably going to be your little
12:58 - 12:58

more
12:58 - 13:01

important ones but one of the nice
13:01 - 13:03

things with windows defender firewall
13:03 - 13:06

is that it does give you the ability to
13:06 - 13:07

be
13:07 - 13:09

very very detailed here if you're doing
13:09 - 13:10

advanced security
13:10 - 13:14

but using your basic options
13:14 - 13:17

it still allows you to kind of customize
13:17 - 13:18

your network protection
13:18 - 13:21

your firewall protection a little bit
13:21 - 13:23

without being so overwhelming that
13:23 - 13:25

somebody who's not comfortable with
13:25 - 13:28

networking and firewalls is going to be
13:28 - 13:29

overwhelmed
13:29 - 13:33

and not do it

Title:: Configuring Windows Defender Firewall
Description:: more » « less
Video Language:: English
Duration:: 13:31

	OEVIDEOS edited English subtitles for Configuring Windows Defender Firewall
	OEVIDEOS edited English subtitles for Configuring Windows Defender Firewall

English subtitles

Revisions Compare revisions

Revision 2 Edited

OEVIDEOS
Revision 1 Uploaded

OEVIDEOS

	Revision Number	Author	Created
	2	OEVIDEOS
	1	OEVIDEOS

Configuring Windows Defender Firewall

Revisions Compare revisions

Our website uses cookies

Operating cookies (Required)