Windows Firewall Windows Firewall Integration

Microsoft OSs come with a built-in personal firewall which provides a barrier against network-based intrusions. Advanced Installer helps integrate your networking applications with Windows Firewall, providing the best possible firewall experience for your users.

While Windows Firewall helps prevent many inbound opportunistic attacks, some compatibility issues arise with applications that expect incoming network connections. If your application can function as a server or implements a peer-to-peer communication protocol, it may be blocked automatically.

Windows Firewall operation

When an application not registered with Windows Firewall attempts to open a TCP or UDP port for incoming network traffic, it is immediately blocked with a Security Alert popup dialog:

Windows Firewall Security Alert dialog
Application attempting to open an inbound connection

Adding your network-aware applications to the Windows Firewall Exceptions List becomes increasingly important, similarly to using an Authenticode certificate to digitally sign your installation package and binaries.

Windows Firewall and online multiplayer games

Online multiplayer games, in particular, may be affected to some degree.

The Security Alert system modal dialog box will appear underneath when running a fullscreen Direct3D application. Since this dialog will be hidden from the user looking at the game fullscreen, it will confuse players attempting to use the online features of your multiplayer game.

Furthermore, administrator privileges are required to unblock applications, privileges which may be unavailable to players under parental control rules.

Seamless firewall integration

You can offer a better firewall experience for your users by adding your application to the Firewall Exceptions List automatically at install time and removing it at uninstall.

Configuring firewall rules and their appurtenance to groups is simple and painless in Advanced Installer: you can authorize certain TCP or UDP ports, or register a whole process (your application) with the Windows Firewall with just a few mouse clicks.

Additionally, the firewall configuration tool in Advanced Installer is completely integrated with the Windows Installer technology, allowing the use of Properties and Formatted values, localizable display name for authorized applications and ports as well as conditional configuration of firewall rules.

Configuring the Windows Firewall

Besides specifying firewall rules for your application (or individual ports), you can also alter the global firewall configuration, when installing and/or uninstalling.

Finally, it is possible to change the System Services authorization options or the Internet Control Message Protocol (ICMP) settings, which give you full control on how the Windows Firewall is configured.