windows firewall needed by 3rd party applications

Ever since using CIS I have always disabled the windows firewall. Now, using windows 7, I have disabled the windows firewall service rather than deconfigure any of the windows 7 firewall options.

I have encountered a couple of problems with having windows 7 firewall turned off:

  • Can not enable windows rdp server
  • Some installers (Rosetta stone for example) expect to find the windows firewall service active in order to add rules, otherwise the installer bails out.

I expect the Rosetta MSI installer will complete OK if windows firewall is turned on just whilst it installs. Incidentally, the fact an application can silently create windows firewall rules is disconcerting.

WRT to remote desktop server, is it the same sort of thing, or does it require windows firewall turned on all the time in order to work?

What are the suggested workarounds?

Thanks for any help.

You enabled windows firewall; In windows vista/7 (I believe 7) you have to have windows firewall enabled to do many things (File sharing/PrinterSharing etc etc) - From what i hear of course;

I believe you won’t notice anything major except a pop up from windows firewall here and there because it doesn’t have a whitelist like CIS does.

Hope this helps

Jake

Thanks Jacob.

So, are you suggesting I just leave the windows 7 firewall running all the time?

First, What are your system Specs? :CPU/RAM/Operating system:

Jake

Hey and warm welcome to the forum! :slight_smile:

You could have WF(Windows Firewall) on as long as CF(Comodo Firewall) and WF don’t conflict. I had WF and CF at the same for some days but nothing happened. You have to see.

Regards,
Valentin N

So is it a good idea to have Windows Firewall enabled?

I’ve always had it disabled without finding any problems. What about everyone else (excepting those who already commented above ;D)?

In this case; File Sharing;Printer Sharing is needed so Windows Firewall is enabled;
Install Vista/7 and Enable Filesharing without the firewall and send a screenshot :stuck_out_tongue:

Jake

The Windows Firewall has several dependencies as you may have noticed. See attached image.

You can try to set the Windows Firewall Service to manual instead of automatic.

[attachment deleted by admin]

My work around, and it seems to have worked, was to temporarily enable the windows firewall service whilst I installed Rosetta stone and enabled RDP server. They both needed the firewall service up in order to create (in this case redundant) firewall rules. But neither application looks for the windows firewall service once running.
I then disabled the windows 7 firewall again.

Both Rosetta stone and inbound rdp connections work without the windows firewall service running.

I was surprised that Comodo did not alert me to an inbound RDP connection. Then, I spotted a firewall entry for ‘System’ wildcard that appears to encompass evertything in the windows/system(32) directory. This had a single rule to allow all inbound/outbound traffic. I have modified that rule to now to log and ask and I will add specific rules accordingly.

If it is the case that the windows firewall service must be running in order for certain things to work, then it defeats the object of accomodating 3rd party firewall applications (which windows does seem to recognise). Running two firewalls may work OK but it’s a waste of resources, must introduce some latency and is an administritive headache.

What would be good is if WFW allows rule creation whilst not actually running.

There are services listed there that are required by the firewall service itself.
But as I read it, that dialog shows there aren’t any services that depend on the firewall. Makes sense as I can’t see any reason why something would need it. That’s assuming it does nothing other than packet filtering.

Jake, I think this is a similar issue to that which I experienced installing certain applications and switching on server processes like rdp.

I believe windows will complain if you try to globally enable/disable shares whilst the firewall service is off. When turning on/off sharing, it is trying to create/delete certain firewall rules. Therefore, it’s only necessary to run the windows firewall service whilst you globally turn on/off sharing. Once activated, you can then delete and create print/file shares without re-enabling the windows firewall. I can confirm that I have accessible non-default shares that are still available whilst the windows firewall is off, even after reboot.