What is Windows Firewall with Advanced Security?
Windows Firewall with Advanced Security is a built-in firewall that can be used to protect the operating system and filter all network traffic. In addition, it allows you to restrict access to a computer from an external network and to allow or block internet access for installed apps and services.
Understanding Inbound, Outbound & Connection Security Rules:
Three important types of rules occur in Windows Firewall with Advanced Security:
Inbound Rules - These rules can be applied to traffic coming into your Windows computer or device from your network or the Internet. For example, if you download a file via BitTorrent, an inbound rule will filter the download of that file.
Outbound Rules - These rules apply to traffic leaving your computer to your network and the Internet. For example, searching the internet for an article on how to enable TLS 1.2 in Windows 7 is outbound traffic and is filtered by outbound rules. When a website is downloaded and loaded by a browser, it's inbound traffic.
Connection Security Rules - This is a less common rule type used to secure traffic between two specific computers as it traverses a network. It is used in very controlled environments with unique security requirements. Unlike inbound and outbound rules, which apply only to your computer or device, connection security rules require the same rules to apply to both computers involved in the communication.
How to prevent access to a Windows program from a specific IP using Windows Firewall?
Below are the steps to prevent access to a Windows program from a specific IP address using Windows Firewall.
Step 1: Click on the Start button at the bottom left of the screen. Then click on the Administrative Tools option.
Step 2: Once you click on it, a new window named Administrative Tools will open. Find Windows Firewall with Advanced Security and click on it.
Step 3: In the Windows Firewall with Advanced Security window, click on the Inbound Rules.
Step 4: Go to the right side of the screen and click on the New Rule option.
Step 5: In the New Inbound Rule Wizard, select the Custom option to create a custom rule. Click on the Next button to proceed.
Here, we have selected a custom rule because it can block programs, ports, or a specific combination of both. You can also select the Program rule type to block access to the application for a specific IP.
Step 6: In the Program window, select the This program path option and browse to the application you want to block for a specific IP address. Here, we have chosen the Firefox browser as an example. Click on the Next button to go to the next window.
Step 7: Keep the options as they are in the Protocol and Ports window. Click on the Next button.
Step 8: In the Scope window, go to the option "Which remote IP addresses does this rule apply to?" and select the These IP addresses radio button.
Step 9: Click on the Add button to add the IP address that should not be able to access the application.
Step 10: Once you click on it, a new IP Address window will open. Enter the IP address in the This IP address or subnet field.
If you want to block the application for a specific IP address range, select This IP address range and click on the OK button to add the IP address.
Step 11: After you click on the OK button, the IP address is added to the These IP addresses field. Click on the Next button to proceed.
Step 12: In the Action window, select the option Block the connection because we want to prevent access to the application from the specific IP address. Then, click on the Next button to go to the next window.
Step 13: In the Profile window, you are asked to select when the rule applies. This means the network location when the rule is applied:
Domain – the rule is applied only when the computer is connected to a network domain.
Private – the rule is applied only when the computer is connected to trusted private networks.
Public – the rule is applied only when the computer is connected to untrusted public networks.
Ensure that you have ticked all three options: Domain, Private and Public. Click on the Next button to go to the next window.
Step 14: In the Name window, you need to define a name for the rule so you can quickly identify it in the firewall rule list. Enter the name in the Name field. Here, we have entered "Blocked the Firefox browser for a specific IP address".
The Description field is optional. If you want to record additional information about the rule, you can enter it in this field. Click on the Finish button to add the rule.
Step 15: Once you click the Finish button, the rule will be created and listed under the Inbound Rules section. It will be shown in red.
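The same rule can be created and checked from an elevated PowerShell prompt. This is an added example, not part of the original walkthrough. It assumes Windows 8 / Server 2012 or later (the NetSecurity module), a default Firefox install path, and a constructed sample address from the documentation range 203.0.113.0/24.

```powershell
#Requires -RunAsAdministrator
# Added example. The path and IP address below are assumptions; adjust them.
param(
    # Step 6: program to block (assumed default install location)
    [string]$ProgramPath = "$env:ProgramFiles\Mozilla Firefox\firefox.exe",
    # Steps 8-11: a single IP, a subnet ('203.0.113.0/24') or a range
    # ('203.0.113.10-203.0.113.20'); the value here is a constructed sample
    [string[]]$RemoteAddress = @('203.0.113.10'),
    # Step 14: rule name as used in the walkthrough
    [string]$RuleName = 'Blocked the Firefox browser for a specific IP address'
)

# The rule matches on the exact executable path, so a mistyped path
# would create a rule that never fires. Fail early instead.
if (-not (Test-Path -LiteralPath $ProgramPath -PathType Leaf)) {
    throw "Program not found: $ProgramPath"
}

# Re-running the script should not stack duplicate rules with the same name.
Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue |
    Remove-NetFirewallRule

$ruleSettings = @{
    DisplayName   = $RuleName
    Description   = 'Blocks inbound connections to the program from the listed remote addresses'
    Direction     = 'Inbound'                      # Step 3
    Program       = $ProgramPath                   # Step 6
    Protocol      = 'Any'                          # Step 7 (defaults kept)
    RemoteAddress = $RemoteAddress                 # Steps 8-11
    Action        = 'Block'                        # Step 12
    Profile       = 'Domain', 'Private', 'Public'  # Step 13
    Enabled       = 'True'
}
$rule = New-NetFirewallRule @ruleSettings

# Read the stored rule back from the firewall to confirm what was saved.
$app  = $rule | Get-NetFirewallApplicationFilter
$addr = $rule | Get-NetFirewallAddressFilter
[pscustomobject]@{
    Name          = $rule.DisplayName
    Direction     = $rule.Direction
    Action        = $rule.Action
    Profile       = $rule.Profile
    Enabled       = $rule.Enabled
    Program       = $app.Program
    RemoteAddress = $addr.RemoteAddress -join ', '
} | Format-List
```

To undo the change, run `Remove-NetFirewallRule -DisplayName` with the same rule name.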