Microsoft is preparing to ship a highly configurable new firewall in its next-generation operating system, Windows Vista. The firewall is designed to give administrators far tighter control over which applications are allowed to use the network.
Just one month after testing within Microsoft’s Community Technology Preview, the new firewall has matured quickly and is expected to be in its final form when Vista officially launches later this year.
The new firewall is referred to as a “two-way firewall” because it can filter network packets in both directions, inbound and outbound. It can therefore block remote systems attempting to connect to the computer running the firewall, and it can also block applications on that computer from connecting out to external networks.
The ability to block outbound traffic was not available in the built-in firewall of Windows XP, and Microsoft hopes it will become one of Vista’s new strengths. Using the two-way firewall, administrators can ensure that, for example, their PCs are used only for sending and receiving instant messages with an approved client. “If you try to use a different IM application than the one that is permitted, that application will be immediately blocked. This is truly something we want to offer system administrators in businesses.”
The two-way firewall version tested in the Community Technology Preview last month was Build 5270. That version was quite difficult to use, however, and struck testers as a “monstrous” application rather than the tool the testing community had hoped for.
“After installing the Windows Vista Build 5270 firewall and testing all the security features in the Control Panel, we can conclude that Windows Firewall hasn’t changed much,” a member of the testing community reported.
To reach the features of the new firewall, Vista users must create a custom Microsoft Management Console (MMC) and add the Windows Firewall with Advanced Security snap-in to it.
This management console operates in two modes. In “single machine mode” it controls only the PC on which the firewall is installed; alternatively, it can be configured to use Active Directory so that policies apply to a large number of different systems. “If we have more than 10,000 different systems, we can set a policy to block various applications across multiple systems.”
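As an added example (not from the article or from Microsoft), the following script builds the single-machine version of the outbound allow-list described above, permitting one approved IM client, using netsh advfirewall, the command-line front end of Windows Firewall with Advanced Security; it also includes the check a practitioner wants, because outbound rules only take effect once the profile’s default outbound action is Block (Vista ships with outbound traffic allowed). The program path and rule names are assumptions; for the Active Directory mode the same rules go into a Group Policy object instead.

```powershell
# Added example, not from the article. Run from an elevated (administrator)
# PowerShell prompt on Windows Vista.
# Assumption: the permitted IM client's path below is a placeholder.
$PermittedIm = 'C:\Program Files\PermittedIM\im.exe'

# Weak setting (Vista's default): inbound is blocked, but every application may
# connect outbound, so an unapproved IM client is never stopped. Show it first.
netsh advfirewall show allprofiles | Select-String 'Firewall Policy'

# Corrected setting: block outbound by default so only explicit allow rules pass.
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound

# Allow only the permitted client outbound. Rules are tied to an executable,
# which is the application-level control the article describes.
netsh advfirewall firewall add rule name=PermittedIMClientOut dir=out action=allow program="$PermittedIm" enable=yes profile=any

# With Block as the default, core services need their own allow rules; DNS is
# the minimum most clients require. Add further rules as your environment needs.
netsh advfirewall firewall add rule name=DnsOut dir=out action=allow protocol=udp remoteport=53 enable=yes profile=any

# Check: confirm the profile defaults and the rule exactly as the firewall stored them.
netsh advfirewall show allprofiles | Select-String 'Firewall Policy'
netsh advfirewall firewall show rule name=PermittedIMClientOut

# Keep a copy of the resulting policy for review or to import on another machine.
netsh advfirewall export "$env:USERPROFILE\vista-outbound-policy.wfw"
```

Any IM client other than the permitted executable now fails to connect, and the blocked attempt can be reviewed in the firewall log if logging of dropped packets is enabled for the profile.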
Although many security applications already offer similar capabilities, integrating two-way blocking into the operating system itself will make administration easier for enterprise system administrators.
Although this version of the firewall, built on the Windows Filtering Platform, has been completely rewritten for Windows Vista, most users will take little notice of the differences between the Windows XP firewall and the new two-way firewall.
“In fact, there are two different firewall management modes in the Vista firewall version. If you access Control Panel | Firewall, you will only see the traditional management console as in Windows XP. If you switch to another console, you will see Windows Firewall with Advanced Security, where you can find the inbound/outbound filtering feature.”
The Windows Filtering Platform underlies both management modes of the new two-way firewall in Vista. It was written to improve Windows’ handling of inbound and outbound traffic flows and to let traffic-filtering software work more efficiently with the Windows kernel.
Microsoft is currently considering plans to add outbound traffic filtering to the firewalls of operating systems released before Windows Vista. However, the company must first ensure that the two-way firewall is user-friendly.