Since the release of Windows XP and, later, its companion Windows Server 2003, Microsoft has packaged a basic firewall with its operating systems. Formerly known as “Internet Connection Firewall”, this has become a popular addition to the bundled packages, with many users finding it effective for basic firewalling of their internet connections.
But is there a downside to using it? After all, it is a free firewall, simplified and integrated into the operating system… what could be better?
Well, in the context of a business-oriented server, almost anything, actually.
The benefits of Windows Firewall to home users are fairly obvious: it can effectively protect a home PC from inbound attacks from the vast number of hackers on the internet. The problems for servers arise from their usually “remote” nature, i.e. locked up in a server room in the basement, or even 100 miles away in a world-class datacentre such as our own(!)
The firewall runs as a service within Windows itself and, although it will likely spend most of its time disabled, it can be activated by the occasional Windows Update, and can then lock you out of the server altogether, involving costly technician intervention. The default Windows Firewall configuration may well allow your webserver to run, but can block RDP for remote desktop administration, or even ICMP Ping, often used for checking a system’s “alive status”. We regularly take calls from customers whose Windows Firewall has been accidentally enabled.
When you use the firewall’s control panel, you have the option to turn it “On”, or “Off”, but this is not a secure method of deactivation. We recommend disabling the Windows Firewall service entirely from within Control Panel > Administrative Tools > Services.
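The same check and change can be made from a command prompt, which is handy on a server you only reach remotely. This is an added example, not part of the original post; it assumes Windows XP SP2 or Server 2003 SP1, where the firewall service's short name is `SharedAccess`, and the script name `fwcheck.cmd` is hypothetical.

```batch
@echo off
rem Added example: audit the Windows Firewall service on XP SP2 / Server 2003 SP1.
rem Assumption: the service short name is SharedAccess on these versions
rem (it also hosts Internet Connection Sharing, which is disabled with it).
rem Usage: fwcheck.cmd        report only (exit code 1 if action is needed)
rem        fwcheck.cmd /fix   stop the service and set its start type to Disabled
setlocal
set SVC=SharedAccess
set RC=0

rem sc returns a non-zero exit code if the service does not exist.
sc query %SVC% >nul 2>&1
if errorlevel 1 (
    echo %SVC% service not found on this machine.
    exit /b 2
)

rem "Off" in the control panel leaves the start type untouched; check it here.
sc qc %SVC% | findstr /c:"START_TYPE" | findstr /i /c:"DISABLED" >nul
if errorlevel 1 (
    echo WARNING: %SVC% start type is not Disabled.
    set RC=1
) else (
    echo OK: %SVC% start type is Disabled.
)

rem If the service is running, show whether the firewall is currently enabled.
sc query %SVC% | findstr /c:"STATE" | findstr /i /c:"RUNNING" >nul
if not errorlevel 1 (
    echo WARNING: %SVC% is running. Current firewall mode:
    netsh firewall show opmode
    set RC=1
)

if /i "%~1"=="/fix" (
    echo Stopping %SVC% and setting start type to Disabled...
    sc stop %SVC% >nul
    rem The space after "start=" is required by sc.
    sc config %SVC% start= disabled
    if errorlevel 1 (set RC=1) else (set RC=0)
)
endlocal & exit /b %RC%
```

Run without arguments from a scheduled task, the non-zero exit code gives you a simple alert that the service is no longer disabled.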
Even a third-party firewall may give you problems if it is run on the server it is intended to protect. Best practice is to opt for either a hardware-based firewall or a small computer set up as an internet security device, placed between your critical server and the internet.
Here at Melbourne, we offer an Enterprise-Class shared firewall solution called “Ultrafire” which uses a simple but powerful web-based interface for setting up rules, network aliases and IP services. More details can be found here: http://www.melbourne.co.uk/ultrafire.htm
In conclusion then, it’s best to view Windows Firewall as a handy utility for home use, but to completely disable it if you are running a server.
This entry was posted on Thursday, February 19th, 2009 at 10:18 pm and is filed under Helping Hints from our Techies.