Windows firewall: Overhead or additional protection?

Too many times the value of built-in firewalls may be overlooked. In the course of administering servers, I’ve generally preferred to use firewalls via an appliance to dictate traffic patterns at the network level. Using firewalls, namely Windows firewall, that comes built-in with operating systems, I have generally preferred not to use. So much so, that I have committed to memory the command on modern Windows systems to disable the firewall service for all profiles:

netsh advfirewall set allprofiles state off

Read the entire post at the Network Administrator blog at TechRepublic.

image

Advertisements

3 responses to this post.

  1. Hi Rick,

    In my opinion, built in windows firewall is as useless as they come. In past 10 years, I have yet to see windows firewall do what it is suppose to do but so far all I’ve seen is it affecting production environment with blocked AD services, DNS not functioning properly because of it, not being able to join AD domain… I know, you can open those ports and get things to work but shouldn’t an intelligent OS/end point firewall already know the OS it is installed on needs to function?

    I’ve even seen techs troubleshoot an issue to death and at the end you find out it was the windows firewall. So, I have made it a ritual as well to disable windows firewall on new systems first thing since the time of windows xp pro sp2.

    Haroon

    Reply

  2. I’m not necessarily disagreeing with you, as most of the time we end up disabling it. As I said, I committed the disabling of Windows Firewall to memory.

    Reply

  3. Posted by DaveUK on August 27, 2010 at 6:22 pm

    There is a big difference between deciding to turn off a built-in firewall on a server/production machine vs. a home user turning it off (bearing in mind that many home users do not have any other form of protection against unsolicited inbound connections).

    Let’s be clear that home users should not turn the firewall off unless they know what their doing!

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: