Windows Firewall may not be enough protection for Your Device

 

You may believe that Windows Firewall provides adequate protection, however this is not the case. Microsoft asserts that their firewall is adequate, yet here are some reasons why it is not:

Why no?

Because security requires more than just a firewall. A firewall protects you from some types of threats, such as worms and port scans. A firewall, on the other hand, offers virtually little to protect you from viruses and other security risks. You must continue to use antivirus software. You must still allow your computer to update once a month. You need to run a supported Windows version. Your e-mail still requires spam filtering. Allow your machine to install monthly security updates. And I strongly urge you to switch your DNS server to one that prevents malware domains.


All of these things are important. Which one is more important depends on your unique situation. Firewalls are very advantage for someone who travels a lot and is always connecting to hotel and restaurant and airport wifi. Firewalls are less important for desktop PCs that spend their entire life sitting on one trusted network.

Windows Firewall enough protection? Yes!

Windows Firewall provides adequate firewall protection. A third-party firewall is not required. All third-party firewalls do is increase the number of notifications or questions you are asked, effectively turning them into nagware.

I dislike nagware. Nagware inevitably leads to two extremes: saying yes to everything and saying no to everything. If you say yes too often, you will lose your security. Nothing works if you say no too often, and your computer becomes a glorified Etch-a-Sketch.


Windows Firewall strikes an appropriate balance. It protects you when you connect to wifi networks in coffee shops, as long as you tell Windows that you're connecting to a public network. It rarely bothers you and rarely gets in your way. When it does block something, it is simple to unblock it.

We ran Windows Firewall on every PC on the network in the most secure business environment I've ever worked in. We had policies in place that prevented workstations from communicating with one another and even with some servers. PCs that needed to talk to each other might, but if two PCs had no reason to talk, we had rules that prevented them from doing so.

So the Windows Firewall is good enough to be an integral part in a really paranoid company’s security. But it wasn’t the only thing that company did. Which leads me to the counter-argument.


Firewalls don’t make you invisible or invincible

Unfortunately, some people recall Steve Gibson's turn-of-the-century rhetoric that a firewall renders you invisible on the Internet and, as a result, believe that if you have a decent firewall, you're invincible. Every year, large corporations spend millions of dollars on security. A strong corporate firewall can set you back roughly $20,000. They purchase far more than just firewalls.

Some opportunistic attacks do hit firewalls. But a modern attack is much more likely to come via e-mail or a web page. So while you need a firewall to block those opportunistic attacks, being immune to network attacks doesn’t make you invincible. This is a little morbid, but think of it like a bulletproof vest. It protects you from bullets. But it won’t do much to keep you from getting hit by a bus.

But my computer is acting funny. How do I know it’s not hackers?

I have seen people get paranoid about hackers, buy aggressive security tools, and turn every setting up to the max. Then their computer quits working right. And then what? They blame hackers.

I don’t chase hackers for a living, but I’ve chased down enough of them that I can tell you if a competent hacker is on your computer, you won’t know it.

More often than not, a malfunctioning computer is due to misconfigured or poorly behaved software. What do you have installed besides what came with your operating system? I install an office suite, Chrome, sometimes Firefox, an image editor, an image viewer, and that’s about it. I rely on the firewall and antivirus that come with Windows 10. I use software that has a good reputation, downloaded from the people who published it.

Is the Windows Firewall sufficient security if you do this? Yes, in conjunction with antivirus software and the installation of updates. I don't had any issues with hackers or anyone else. Neither do the other people I know who practice those practices.

If you're experiencing issues, I recommend installing a fresh copy of Windows, followed by reputable core apps from the original vendor, rather than a warez site or other sources. Then, if you need anything other than the fundamentals listed above, install them one by one and keep an eye out for difficulties. You've located your culprit when the problems resurface.