Windows firewall

As a third-party firewall vendor, I just want to know if your product can work side by side with Windows Firewall, as Windows advises third-party firewall vendors not to disable it, as the Windows Firewall is connected to some other (non-firewall) features, such as IPSec.

You should never run two firewalls at the same time. You can disable the Windows Firewall, but you must leave the Windows Firewall service on because processes such as Event Logging depend on it for some reason.

Well, Microsoft advises firewall vendors not to turn off Windows Firewall, not just the service. I am not sure why, but Microsoft must have their reasons. So in effect maybe Windows Firewall is sort of semi-disabled or something but still able to do its thing.

It’s also here Avast WEBforum - Index as their firewall keeps windows firewall on for the reasons above.

First time that I see this, only one thing: even the Security Center says when you have more than one firewall activated that you shouldn’t use 2 firewalls enabled at the same time…

That’s Microsoft for you.

Sometimes some personal firewall software doesn’t automatically turn Windows Firewall off.
It should be disabled before installing firewall software.

Note: That’s my suggestion.

Bottom line is that Windows Firewall isn’t needed when CFP/CIS is running.

Comodo is a bit quirky in this respect. On my machines, installing it will not automatically disable the Windows firewall. However, on both of my sister’s machines, it does. Don’t ask me why…

Bottom line to whom? I think Microsoft would say differently… As they have said.

Where have they said this? Link please!

And no, a link to another forum where someone says this is what they say to do doesn’t cut it…

If they really thought this, I don’t think their very own Security Center would mention the fact that you have two firewalls running, which isn’t a good idea, and supply you a link to the help file that actually tells you to turn the Windows Firewall off if you want to use another firewall…

Why you should only use one firewall

If you have more than one firewall installed on your computer, you should not have both firewalls turned on at the same time. Two firewalls turned on at the same time can cause compatibility problems that result in some programs not working correctly.

To help protect your computer against viruses and other security threats, you should always have one firewall installed and turned on. Windows includes a firewall that is turned on by default. (However, some computer manufacturers and network administrators might turn it off.) If you want to install and run a second firewall, turn off Windows Firewall.

Obviously MS is going to say something different. It’s called marketing. They want people to use their firewall…

It’s very simple. Windows Firewall on XP is inbound only. They have no outbound control. With Vista and 7 they have outbound control but it’s nowhere near that of a 3rd party one.

One can have as many inbound firewalls as they choose. Hell, most of us use routers but we still have firewalls. A multiple layer of inbound-only firewalls doesn’t hurt, only induces lag and more work for the administrator (as he/she will have to open ports in many different interfaces).

Having XP firewall alongside your 3rd party is neither good nor bad, it just is.

E.g. configure CIS to control only outbound connections and create rules for them. Don’t use any inbound rules. Use XP firewall to control inbound only and have such rules. I don’t see the extra worth of the effort, but hey, it can be done. One reason could be that Windows inbound is really simple (for file sharing etc. within a network) whereas CIS’s outbound is excellent.

With 7 this changes a bit as they have outbound too. IMO, there is little reason besides leaktests to use a 3rd party wall with 7. Caveat: haven’t used 7 so I don’t know how effective their outbound wall is.

ps. Security centre is just a gimmick. I don’t know any (advanced) user who uses it.

Actually, there is a big difference between running a hardware and a software firewall as opposed to running two software firewalls… 88)

As the hardware firewall is outside your machine, the two will not be competing for resources/network traffic. Everything hits your hardware firewall first, then it passes stuff on and your software firewall gets a chance to act. The two are completely separate entities. No interaction whatsoever.

With two software firewalls, they are both at the same time trying to intercept your network traffic as well as competing for system resources. Not hard to imagine this isn’t always going to end well…

“Advanced users” don’t realize this? :wink:

Think of it a bit like this. You want to put two large security doors on your house to keep you safe. The logical approach I think from anyone’s viewpoint would be to mount the doors in separate frames. Instead you have a contractor that wants to mount both doors using the exact same set of hardware telling you there would be no problems. Sounds perfect to me, install those doors!

They will not compete for traffic but they WILL filter it. It’s redundant… I see no use in using both, but people do. A hardware router is only good for blocking incoming and some outgoing services. It will not filter out applications. Neither does XP’s wall. So if you have XP + CIS I see no problem whatsoever. Hardware router = a bunch of code on another machine. Software router = a bunch of code on your machine. Same code, same functions. Most routers have 4-16 MB memory so they are pretty cheap programs.

Try this (or you can use it as a thought experiment): install an anti-executable (CIS does fine). Enable SRP. Try to run a file… what happens? Windows ALWAYS intercepts the file first. You don’t even get an alert from your program, you get a Windows alert.

Same is for its firewall functions. Block a domain using IPSec and then using CIS. It’s filtered using IPSec. Hooking the kernel is not the same as being the kernel. Windows will always intercept ‘stuff’ faster. So you can use XP wall + CIS or any other.

I am not saying you should use 2-3-4-5 firewalls. I am saying you can use 2, but it’s useless. It’s almost the same as using multiple antivirus. Eventually all catch the big malware. In the beginning, i.e. 0-day, none will. *grin*

ps. Advanced users = don’t use any products. :stuck_out_tongue: They just talk a lot. He he he.

It’s not a good idea to run more than one active AV at a time either…

You should turn off the Windows Firewall when using CIS, or any other firewall program. You cannot, however, remove it and its associated services without causing problems with things such as detection of routers and other UPnP devices. Some programs also need to have exceptions in the Windows Firewall settings even if it is not being used. Turn it off in the Security Center and don’t go any further than that.

As well as having Windows Firewall turned off in the Security Center I also have the “Windows Firewall / Internet Connection Sharing (ICS)” feature turned off in Services. I have had it this way a long time and never noticed any negative aspects to having it turned off.

Thanks Renaebayos, yes mine is also a standalone desktop PC. Would it be advisable to switch it on again?

Hi bluesjunior,

That is not necessarily “advisable”. That depends on circumstances/usage, as the guys pointed out above.

The discussed service is for Internet Connection Sharing.

If your computer is standalone you don’t need it.
The networked computers may not need the said service either.

If you have a router with one port and you created the network (PCs are connected by the network cable) but only one PC is connected to the router (1 port), the latter PC has access to the Internet.

You want another PC to be on the Internet as well.
In this case you are using ICS and setting it up with the main PC as the host for the Internet connection.

But when you have a router with several ports, you are connecting your computers independently to their own router ports and they have a connection to the Internet straight away.

At the same time you have your network set up as well, kind of without physically connecting your PCs… and despite having networked computers you don’t need the service in this case either.

I hope the above was understandable.
(Well, it’s possible to draw pictures here… but I’m lazy ;D)

So if you have configurations as described, it’s better to disable the service.
Thing is (and it was said many times in this forum), if the native Windows Firewall (WF) is disabled but the ICS is not, you may find that MS can sometimes silently re-enable WF.
Unfortunately Comodo does not check for such an event.

But when ICS is disabled, attempts to access WF’s Properties or to re-enable it will end with an error notifying you that you need to enable ICS too.

My regards
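
The last post says Windows Firewall can be silently re-enabled while the ICS service is left running, and that Comodo does not watch for this. A small watcher for that condition follows, added here as an example and not code from the thread or from Comodo. It assumes Windows XP SP2 or later with PowerShell 2.0 installed; the polling interval and log path are arbitrary choices.

```powershell
# Added example. Assumes Windows XP SP2+ with PowerShell 2.0.
# Interval and log path are hypothetical choices; adjust as needed.
$IntervalSeconds = 60
$LogPath = Join-Path $env:TEMP 'wf-state.log'

function Get-WfState {
    # SharedAccess is the XP service displayed as
    # "Windows Firewall / Internet Connection Sharing (ICS)".
    $svc = Get-Service -Name SharedAccess -ErrorAction SilentlyContinue
    $svcStatus = if ($svc) { $svc.Status.ToString() } else { 'NotFound' }

    # HNetCfg.FwMgr is the Windows Firewall COM interface. Reading the policy
    # can fail while the service is stopped, so an error is recorded as $null
    # (state unknown) rather than as "off".
    $enabled = $null
    try {
        $mgr = New-Object -ComObject HNetCfg.FwMgr
        $enabled = [bool]$mgr.LocalPolicy.CurrentProfile.FirewallEnabled
    } catch {
        $enabled = $null
    }
    New-Object PSObject -Property @{ Service = $svcStatus; FirewallEnabled = $enabled }
}

function Write-WfLog([string]$Message) {
    $line = '{0}  {1}' -f (Get-Date -Format 's'), $Message
    Add-Content -Path $LogPath -Value $line
    Write-Host $line
}

$previous = Get-WfState
Write-WfLog ('start: service={0} firewall={1}' -f $previous.Service, $previous.FirewallEnabled)

while ($true) {
    Start-Sleep -Seconds $IntervalSeconds
    $current = Get-WfState
    # The case described in the post: the firewall was off and is now on.
    if ($current.FirewallEnabled -eq $true -and $previous.FirewallEnabled -ne $true) {
        Write-WfLog 'ALERT: Windows Firewall is now ON (it was off or unreadable before)'
    }
    if ($current.Service -ne $previous.Service) {
        Write-WfLog ('service SharedAccess changed: {0} -> {1}' -f $previous.Service, $current.Service)
    }
    $previous = $current
}
```

On Vista and later the firewall service has a different name, so the `SharedAccess` check applies only to the XP setup discussed in this thread.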