The firewall provides a barrier against network-based intrusions. It blocks unsolicited incoming traffic and makes the system mostly invisible on the internet by rejecting Internet Control Message Protocol (ICMP) requests. This means that ping and tracert will not work. The firewall also looks for and rejects invalid packets.
This barrier prevents opportunistic attacks - attacks that spread by finding many systems with the same vulnerability. The firewall can reject many attacks by putting up a "do not disturb" sign for those features not currently in use. The benefit of the Windows Firewall is that features and applications that are not in use cannot be avenues for attack.
Advanced Installer configures the system to identify what applications and features are needed and should be open to the network. This happens when the package is installed.
In the "ON with no exceptions" mode, all static holes are closed. API calls to open a static hole are allowed but deferred: they are not applied until the firewall switches back to normal operation. All listen requests by applications are also ignored. Outbound connections still succeed.
The firewall is here to stay. These recommendations will give your customers a good Firewall experience with your Windows application:
- Don't tell your clients to disable the Firewall to use your application. This makes their entire machine vulnerable even when they aren't using the program.
- Make the Firewall configuration seamless for your users. Add your application to the exception list during installation, and remove your application from the exception list during uninstallation.
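
One way to script the second recommendation, as an added example (it is not Advanced Installer's own mechanism or code from this page). The application path, rule group and display name are hypothetical, and the script assumes an elevated PowerShell session on a system with the NetSecurity module.

```powershell
# Added example: a program-scoped firewall exception created at install time
# and removed at uninstall time. All names and paths below are hypothetical.
param(
    [Parameter(Mandatory)]
    [ValidateSet('Install', 'Uninstall')]
    [string]$Mode,
    [string]$AppPath   = 'C:\Program Files\ExampleApp\ExampleApp.exe',
    [string]$RuleGroup = 'ExampleApp'
)

function Remove-AppFirewallRules {
    # Remove every rule tagged with this installer's group, so uninstall
    # leaves no exception behind even if rule names changed between versions.
    Get-NetFirewallRule -Group $RuleGroup -ErrorAction SilentlyContinue |
        Remove-NetFirewallRule
}

function Add-AppFirewallRule {
    if (-not (Test-Path -LiteralPath $AppPath)) {
        throw "Application not found at $AppPath; refusing to create a rule."
    }
    # Clear earlier copies first so repeated installs or repairs do not stack rules.
    Remove-AppFirewallRules
    # Scope the exception to one executable instead of opening a port for
    # every process. Limiting it to Domain and Private profiles is this
    # example's choice; the exception then does not apply on Public networks.
    New-NetFirewallRule -DisplayName 'ExampleApp (inbound)' `
        -Group $RuleGroup `
        -Direction Inbound `
        -Action Allow `
        -Program $AppPath `
        -Profile Domain, Private | Out-Null
}

switch ($Mode) {
    'Install'   { Add-AppFirewallRule }
    'Uninstall' { Remove-AppFirewallRules }
}

# Report what is left for this application so the result can be checked.
Get-NetFirewallRule -Group $RuleGroup -ErrorAction SilentlyContinue |
    Select-Object DisplayName, Enabled, Direction, Action, Profile
```

After an uninstall run the final query should return nothing; any remaining row is an exception that outlived the application.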