Since the release of Service Pack 2 for Windows XP, Microsoft has bundled their custom-made firewall with each download. This firewall even made the transition to Windows Vista, which seemingly shows that Microsoft is serious about cracking down on security breaches users might encounter. The big question is - is it effective enough to save you from spending more money on security software?
Not all Firewalls were Created Equal
Almost every firewall on the market today will provide two types of protection against incoming attacks: restricting “bad” traffic coming into a network, and restricting the same “bad” traffic from leaving the network. Apparently Microsoft forgot these two basic principles of security in the Windows XP release, and in fact does not restrict outgoing traffic. This single fact means that as long as items such as Trojans, viruses, and other malicious pieces of code are downloaded - they are free to communicate with their maker and to do their bidding.
So, what then, is this Microsoft firewall trying to prove? Apparently, the “firewall” that shipped with Windows XP SP2 was not much of a firewall. Its main goal was to provide the most basic protection against intrusions, and help against attacks from worms. Microsoft even states in its knowledge base that the firewall they provide in Windows XP SP2 will not protect against many types of intrusions or threats - including spyware, adware, spam, and many other threats.
If You Made the Switch to Windows Vista, You’re in Luck!
If you weren’t hesitant about making the switch to Windows Vista, you will be rewarded with an upgraded firewall. This time, it earns the right to be called a firewall - as it restricts outbound traffic! Even with this fix, there are a few kinks to workout with the program. First, even Microsoft admits that the right malicious code could turn Windows Firewall off - something other firewalls will do automatically when installing. If it is this easy to turn it off, just how safe are users who depend on it for protection?
When pressed for answers, Microsoft told analysts that the Windows Firewall is simply a tool to aid in restricting access to a computer. If it fails, it is the job of an antivirus or spyware removal tool to do their respective jobs. When pressed for answers on the lack of outbound traffic restrictions in the Windows XP edition, they claim it is the job of yet other programs to determine whether or not the outbound traffic is good or bad. Clearly, even Microsoft is starting to admit that their firewall isn’t too handy. Just like the Windows XP version, the Windows Vista firewall is likely to fail at desperate times.
Weighing Your Options
Just like every other firewall, there are benefits and pitfalls that have to be considered when deciding on what to ultimately use. Windows Firewall is obviously free - however, so are many other more capable firewalls. Past this benefit, it’s tough to say anything good about the level of security it provides. Spam, spyware, adware, Trojans, and other malicious programs are flat-out unprotected against. In fact, only the most basic protection is being offered here. If money is indeed an issue, taking a look at other free solutions will be the best choice - just so long as Windows Firewall isn’t being depended on. The idea was nice, but Microsoft just seemed a little too busy pushing the idea into production to make it worth anything.
Windows Firewall can be considered to be the most basic of all firewalls. The security flaws, lack of options, and unreliability are enough to make anyone search for alternatives. It is highly recommended that a different firewall be used when trying to securitize a network or home computer. In fact, using Windows Firewall at all is not recommended. You should never run two or more firewalls at once - so as soon as a replacement is found, it is a good idea to shut Windows Firewall down for good.
We aren’t exactly sure where Microsoft was going with the release of this firewall, as it seems more like an unfinished product. If you haven’t already, shut it down and install a more worthy firewall.