Here are answers to some common questions about firewalls.

Show all

What is a firewall?

A firewall is software or hardware that checks information coming from the Internet or a network, and then either blocks it or allows it to pass through to your computer, depending on your firewall settings.

Why do I need a firewall?

A firewall can help prevent hackers or malicious software (such as worms) from gaining access to your computer through a network or the Internet. A firewall can also help stop your computer from sending malicious software to other computers.

Even if you think there is nothing on your computer that would interest anyone, a worm could completely disable your computer, or someone could use your computer to help spread worms or viruses to other computers without your knowledge.

What does "allowing a program through the firewall" mean?

Allowing a program through the firewall, sometimes called unblocking, is when you create an exception to enable a particular program to send information back and forth through the firewall. You can also allow a program through the firewall by opening one or more ports. For more information, see Allow a program to communicate through Windows Firewall.

What are the recommended settings for Windows Firewall?

We recommend the default firewall settings:

  • The firewall is on.

  • The firewall is on for all network locations (Home or work, Public place, or Domain).

  • The firewall is on for all network connections.

  • The firewall is blocking inbound connections that do not match an exception.

How can I be sure that Windows Firewall is on?

Windows Firewall is on by default in this version of Windows. To make sure it has not been turned off, follow these steps:

  1. Open Windows Firewall by clicking the Start button Picture of the Start button, clicking Control Panel, clicking Security, and then clicking Windows Firewall.

  2. Click Turn Windows Firewall on or off. Administrator permission required If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

  3. Click On (recommended), and then click OK.

What are some of the things that a firewall can't prevent?

  • E‑mail viruses

    E‑mail viruses are attached to e‑mail messages. A firewall can't determine the contents of e‑mail, so it can't protect you from these types of viruses. You should use an antivirus program to scan and delete suspicious attachments from an e‑mail before you open it. Even when you have an antivirus program, you should not open an e‑mail attachment if you're not positive it's safe. For more information, see Avoiding e‑mail viruses.

  • Phishing scams

    Phishing is a technique used to trick computer users into revealing personal or financial information, such as a bank account password. A common online phishing scam starts with an e‑mail message that appears to come from a trusted source but actually directs recipients to provide information to a fraudulent website. Firewalls can't determine the contents of e‑mail, so they can't protect you from this type of attack. For more information, see Phishing Filter: frequently asked questions.

Why can't I change some Windows Firewall settings?

If your computer is connected to a domain, your system administrator might be controlling those settings through Group Policy.

How do I view and edit all firewall properties?

You must be logged on as an administrator to perform these steps.

The new Windows Firewall with Advanced Security is a Microsoft Management Console (MMC) snap-in that provides more advanced options for IT professionals. With this firewall you can set up and view detailed inbound and outbound rules and integrate with Internet Protocol security (IPsec).

Follow these steps to open Windows Firewall with Advanced Security:

  1. Open Administrative Tools by clicking the Start button Picture of the Start button, clicking Control Panel, clicking System and Maintenance, and then clicking Administrative Tools.

  2. Double-click Windows Firewall with Advanced Security. Administrator permission required If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

Note

  • You must be a member of the Administrators group or the Network Operators group to use Windows Firewall with Advanced Security.

For more information about Windows Firewall with Advanced Security, go to Windows Firewall with Advanced Security - Content Roadmap and Windows Firewall with Advanced Security Getting Started Guide on the Microsoft website.

What happened to the ICMP and logging settings in Windows Firewall?

You must be logged on as an administrator to perform these steps.

To find ICMP and logging settings, open Windows Firewall with Advanced Security.

  1. Open Administrative Tools by clicking the Start button Picture of the Start button, clicking Control Panel, clicking System and Maintenance, and then clicking Administrative Tools. Administrator permission required If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

  2. Double-click Windows Firewall with Advanced Security.

To change logging settings:

  1. Under Public Profile, click Windows Firewall Properties.

  2. Click the tab for the profile that you want to change.

  3. Under Logging, click Customize.

  4. In the dialog box that appears, change the settings you want to change, and then click OK.

You can specify ICMP settings by creating inbound or outbound rules using the ICMPv4 or ICMPv6 protocol.

Can I use more than one firewall on my computer?

Yes, but running more than one firewall program at the same time could cause conflicts. It's best to just use one firewall program.

If I have a router with a built-in firewall, should I also turn on Windows Firewall?

Yes, because router-based firewalls only provide protection from computers on the Internet, not from computers on your home network. For example, if a mobile computer or guest computer connects to some other network, becomes infected with a computer worm, and then connects to your home network, your router-based firewall won't be able to prevent the spread of the worm. However, a firewall running on each computer on your network can help control the spread of worms.

When I try to restore my Windows Firewall settings to what they were originally, I see a warning message. What does this mean?

If you have allowed certain programs through the firewall, those settings will be lost for all network locations, not just the location of the network that you are currently connected to, and the programs you allowed will now be blocked by the firewall.

What else besides a firewall do I need to help protect my computer?

You should do three things:

  • Turn on Windows automatic updating and make sure that updates are automatically installed on your computer. For more information, see Change how Windows installs or notifies you about updates.

  • Get a good antivirus program and keep it up to date by regularly downloading updates from the program manufacturer's website. Many antivirus programs update automatically. For more information, see How can I help protect my computer from viruses?

  • Use Microsoft‌ Windows Defender or another antispyware program. These programs can help protect your computer from spyware and other malicious software. For more information about Windows Defender, see Using Windows Defender.

Why do multiple instances of the same program appear on the Exceptions tab?

If you install, uninstall, or re-install a program when you are connected to different networks, several instances of that program can appear on the Exceptions tab. This is because if each network that you connect to has a different network location, you must create an exception for each category. For example, you might create an exception while you are connected to a "Public place" network, and then, later, you might connect to a "Home or work" network and create that exception again.

This can also happen when Group Policy is applied.