Can anyone shed some light on these firewall entries in Windows 10. I think some were enabled by default that shouldn't have been - I'm just configuring the firewall after doing an upgrade from Win7 These ones look like they are for server/remote access/internal/etc so i've disabled them... World Wide Web (HTTP Trafic-in) World Wide Web (HTTPS Trafic-in) Message Queuing Inbound/outbound Dial protocol server Distributed Transaction Coordinator These ones I had no idea... so i disable them LINE windows_ie_ac_001 This one I have no idea, but i've read it's needed? so it's still enabled AllJoyn Router I've also disabled all inbound rules for Windows Apps - I've removed many anyway, but I've read they hog a fair bit of bandwidth and disabling inbound rules (+ disable running in background) keeps them quiet. Can anyone confirm? Also a general question - the only Apps/Softs I allow inbound access are my VOIP services - no browsers... i just enable the default rules for Core Networking & printing. Is there a security benefit to blocking inbound access for browsers or should i just let them have it?
ok - how about this... does anyone know a reason i should leave any of the above default rules enabled? or... who else has disabled these and other default rules? There's a ton of default 'allow' for window 10 firewall compared to windows 7
I have all of these rules removed from my Windows Firewall. I do not have any inbound rule and the outbound rules that I need are below. I can browse the Internet, chat on Skype, print on my network printer, connect to my local network resources. For other scenarios, probably I will have to add new firewall rules, but for now, these 10 rules are enough for me.
Great, thanks for the reply - I've been slowly cutting out more rules as I dig up more information - not sure I'll make it down to your lean list though
When you enable/disable some features from Windows (like Network Discovery, File and Printer Sharing), the operating system enables/disables some group names from the default set of rules. If you have removed these rules, then the operating system can't actually enable these functionalities because the rules from their corresponding groups are not there anymore. In this case, my recommendation is to reset your rules to the default set and start over with the removing carefully of the default rules.
rm22 I always use this site as a start Harden Window http://hardenwindows10forsecurity.com/ scroll down to Windows Advanced Firewall, turn on outbound blocking and logging. Dont delete anything just disable. Export your rules so you can keep a backup.
Good advice - I had to do this twice when I first started using WFC 'Secure rules' - I was too lazy and let too many rules get deleted Thanks for the link, I've used that site as well, but hadn't read through the FW rules I like the Binisoft Windows Firewall Controller for adding outbound filtering & to lock my inbound/outbound rules from being changed.
I have a licence for that as well, very good firewall. Just installed the Windows 10 Anniversary thought I'd start my security setup again. Just using Windows Firewall, Windows Defender, Umatrix, Smart Object Blocker.