Find and Use the Windows 10 Firewall

How to use the Windows 10 Firewall

An image of a firewall separating laptops, a server, and various other computers.
Figure 1-1 A firewall keeps users safe by protecting the data that goes in and out of the machine.

All Windows computers include features that protect the operating system from hackers, viruses, and various types of malware. There are also protections in place to prevent mishaps that are brought on by the users themselves, such as the unintentional installation of unwanted software or changes to crucial system settings. Most of these features have existed in some form for years. One of them, Windows Firewall, has always been a part of Windows and was included with XP, 7, 8, 8.1, and more recently, Windows 10.

It’s enabled by default. Its job is to protect the computer, your data, and even your identity, and runs in the background all the time.

But what exactly is a firewall and why is it necessary? To understand this, consider a real-world example. In the physical realm, a firewall is a wall designed specifically to stop or prevent the spread of existing or approaching flames. When a threatening fire reaches the firewall, the wall maintains its ground and protects what’s behind it.

Windows Firewall does the same thing, except with data (or more specifically, data packets). One of its jobs is to look at what’s trying to come into (and go out of) the computer from websites and email, and decide if that data is dangerous or not. If it deems the data acceptable, it lets it pass. Data that could be a threat to the stability of the computer or the information on it is denied. It is a line of defense, just as a physical firewall is.

This, however, is a very simplistic explanation of a very technical subject. If you’d like to dive deeper into it, this article “What is a Firewall and How Does a Firewall Work?” gives more information.

Why and How to Access Firewall Options

Windows Firewall offers several settings that you can configure.

For one, it’s possible to configure how the firewall performs and what it blocks and what it allows. You can manually block a program that’s allowed by default, such as Microsoft Tips or Get Office. When you block these programs you, in essence, disable them. If you’re not a fan of the reminders you get to buy Microsoft Office, or if the tips are distracting, you can make them disappear.

You can also opt to let apps pass data through your computer that aren’t permitted by default. This often occurs with third-party apps you install like iTunes because Windows requires your permission to allow both installation and passage. But, the features can also be Windows-related such as the option to use Hyper-V to create virtual machines or Remote Desktop to access your computer remotely. 

You also have the option to turn off the firewall completely. Do this if you opt to use a third-party security suite, like the anti-virus programs offered by McAfee or Norton. These frequently ship as a free trial on new PCs and users often sign up. You should also disable the Windows Firewall if you’ve installed a free one (which I’ll discuss later in this article). If any of these are the case, read “How to Disable the Windows Firewall” for more information.

Note: It is vitally important to keep a single firewall enabled and running, so don’t disable the Windows Firewall unless you have another in place and don't run multiple firewalls at the same time.

When you’re ready to make changes to Windows Firewall, access the firewall options:

  1. Click in the Search area of the Taskbar.
  2. Type Windows Firewall.
  3. In the results, click Windows Firewall Control Panel.

From the Windows Firewall area you can do several things. The option to Turn Windows Firewall On or Off is in the left pane. It’s a good idea to check here every now and then to see if the firewall is indeed enabled.

Some malware, should it get by the firewall, can turn it off without your knowledge. Simply click to verify and then use the Back arrow to return to the main firewall screen. You can also restore the defaults if you’ve changed them. The option Restore Defaults, again in the left pane, offers access to these settings.

How to Allow an App Through the Windows Firewall

When you allow an app in Windows Firewall you choose to allow it to pass data through your computer based on whether you’re connected to a private network or a public one, or both. If you select only Private for the allow option, you can use the app or feature when connected to a private network, such as one in your home or office. If you choose Public, you can access the app while connected to a public network, such as a network in a coffee shop or hotel. As you’ll see here, you can also choose both.

To allow an app through the Windows Firewall:

  1. Open the Windows Firewall. You can search for it from the Taskbar as detailed earlier.
  2. Click Allow an App or Feature Through Windows Firewall.
  3. Click Change Settings and type an administrator password if prompted.
  4. Locate the app to allow. It won’t have a check mark beside it.
  5. Click the checkbox(es) to allow the entry. There are two options Private and Public. Start with Private only and select Public later if you don’t get the results you want.
  6. Click OK.

How to Block a Program with the Windows 10 Firewall

The Windows Firewall allows some Windows 10 apps and features to pass data into and out of a computer without any user input or configuration. These include Microsoft Edge and Microsoft Photos, and necessary features like Core Networking and Windows Defender Security Center. Other Microsoft apps like Cortana might require you to give your explicit permissions when you first use them though. This opens the required ports in the firewall, among other things.

We use the word “might” here because the rules can and do change, and as Cortana becomes more and more integrated it could be enabled by default in the future. That said, this means that other apps and features could be enabled that you do not want to be. For instance, Remote Assistance is enabled by default. This program allows a technician to remotely access your computer to help you resolve a problem if you agree to it. Even though this app is locked down and quite secure, some users do consider it an open security hole. If you’d rather close that option, you can block access for that feature.

There are also third-party apps to consider. It’s important to keep unwanted apps blocked (or possibly, uninstalled) if you don't use them. When working through the next few steps then, check for entries that involve file sharing, music sharing, photo editing, and so forth, and block those that don’t need access. If and when you use the app again, you’ll be prompted to allow the app through the firewall at that time. This keeps the app available should you need it, and is thus better than uninstalling in many instances. It also prevents you from accidentally uninstalling an app that the system needs to function properly.

To block a program on a Windows 10 computer:

  1. Open the Windows Firewall. You can search for it from the Taskbar as detailed earlier.
  2. Click Allow and App or Feature Through Windows Firewall.
  3. Click Change Settings and type an administrator password if prompted.
  4. Locate the app to block. It will have a check mark beside it.
  5. Click the checkbox(es) to disallow the entry. There are two options Private and Public. Select both.
  6. Click OK.

Once you’ve done this, the apps you’ve selected are blocked based on the network types you’ve selected.

Note: To learn how to manage the Windows 7 Firewall, refer to the article “Finding and Using the Windows 7 Firewall”.

Consider a Free Third-Party Firewall

If you would rather use a firewall from a third-party vendor, you can. Remember though, the Windows Firewall has a good track record and your wireless router, if you have one, does a good amount of work too, so you don’t have to explore any other options if you don’t want to. It’s your choice though, and if you want to try it out, here are a few free options:

  • ZoneAlarm Free Firewall – ZoneAlarm has been around for a very long time and is a trusted name. It protects your computer on many levels from hiding open ports to real-time security updates. It’s easy to download and set up and doesn’t require a lot of attention once it’s running. Explore ZoneAlarm Free here.
  • TinyWall – Simple to use, effective, and non-intrusive, this firewall is a good choice for those users with only a little experience but a healthy curiosity. Download TinyWall safely from CNet.
  • Comodo Firewall - This firewall comes with a full security suite and is best for more advanced users. It includes automatic updates but not a lot of built-in help. Check out Comodo here.

For more information about free firewalls, refer to this article "10 Free Firewall Programs".

Whatever you decide to do, or not do, with the Windows Firewall, remember that you need a working and running firewall to protect your computer from malware, viruses, and other threats. It’s also important to check every now and then, perhaps once a month, that the firewall is engaged. If new malware gets by the firewall, it can disable it without your knowledge. If you forget to check though, it’s highly likely you’ll hear from Windows about it through a notification. Pay attention to any notification you see about the firewall and resolve those immediately; they'll appear in the notification area of the Taskbar on the far right side.