How to Work with the Outbound Windows Vista Firewall - dummies

How to Work with the Outbound Windows Vista Firewall

By Woody Leonhard

So you know that there’s both an inbound and outbound firewall, but you can’t figure out how to get the outbound firewall in Windows Vista to work. You are not alone. Working with the outbound Windows Vista Firewall is a pain in the neck. The reason? Microsoft “forgot” to build an interface for the outbound firewall.

Why would Microsoft “forget” to build that interface? Probably because getting an outbound firewall to work reasonably well is an enormously hairy problem. The customer support budget for a “consumer” outbound firewall can start to look like the national debt of some small countries in a hurry.

Outbound firewalls can be so complicated because to make an outbound firewall useful, you have to preload it with a bunch of exceptions for common programs. Then you’ve got to step each customer through a double-edged learning process — a process in which the firewall learns which programs are allowed to send data out and the customer learns to identify suspicious-looking outbound activity. Vista’s outbound firewall doesn’t have any of those capabilities. It’s as though Microsoft just stopped about halfway along the path toward building a decent firewall.

In theory, getting into the outbound side of the Windows Firewall isn’t all that difficult. But in practice, well, the devil’s in the details.

  1. Click Start, type firew, and press Enter.


    Vista makes you click Continue through a User Account Control dialog box and then shows you the Microsoft Management Console, with Windows Firewall with Advanced Security (WFwAS) loaded. Note that for all profiles types, the outbound firewall in Vista is turned off by default.

    Note how WFwAS maintains three separate profiles, one called Domain (to be used when you’re attached to a Big Corporate Network), one for Private (associated with the Private network connection type, which incorporates both Home and Office choices), and one for Public (associated with the Public network connection type).

  2. On the left, double-click the entry marked Outbound Rules.


    Vista shows you an enormous array of outbound rules, like the one in this figure — none of which matter as long as the outbound firewall is turned off.

  3. If you want to create a rule that prevents a specific program from sending data out of your PC, on the right, under Actions, click New Rule.


    Vista’s New Outbound Rule Wizard takes you through the steps to create a rule that blocks a specific program or port.

    Because the outbound firewall is such a hairy process, it can be risky making changes here. With the wrong rule, you risk completely trashing your computer’s ability to communicate.

  4. Choose File→Exit to exit the WFwAS main dialog box.