ICT Security Recommendations and Warnings
The Microsoft Internet Connection Firewall on Windows XP
A firewall is a security system that acts as a protective boundary between a network and the outside world. Windows XP includes Internet Connection Firewall (ICF) software you can use to restrict what information is communicated between the Internet and your home or small office network. ICF also protects a single computer connected to the Internet with a cable modem, a DSL modem, or a dial–up modem.
If your network uses Internet Connection Sharing (ICS) to provide Internet access to multiple computers, you should use ICF on the shared Internet connection. However, ICS and ICF can be enabled separately. You should not enable the firewall on any connection that does not directly connect to the Internet. ICF is not needed if you already have a firewall or proxy server on your network in your home or office.
You must be logged on to your computer with an administrator account in order to enable the firewall.
You should not enable Internet Connection Firewall on virtual private networking (VPN) connections, which are typically used to securely log in to a corporate network. You should not enable ICF on client computers that are part of a large company or school network with a server-client structure. ICF will interfere with file and printer sharing in these scenarios.
If you are sharing an Internet connection, enable the firewall only on the host computer that is connected to the Internet. The host computer appears to the Internet as the only computer on the Internet, hiding the computers in your home network. The host computer with ICF enabled provides a single point of security for your host computer and home network computers. In such home networks, computers running earlier versions of Windows are protected without the need for additional firewalls. See the illustrations in this Home Networking and the Internet article to help you understand where ICF should be enabled on your home network.
Some Internet service providers (ISPs) do not allow the use of the Windows XP ICF. If this is the case, you should contact your ISP for their recommended security measures.
To enable or disable Internet Connection Firewall
- Open Network Connections (Click Start, click Control Panel, and then double–click Network Connections as shown in Figure 1 below.)
Figure 1. Open Control Panel, then open Network Connections.
Note If your Control Panel is set to Category View, click Network and Internet Connections as show in Figure 2 below. Then click Network Connections as show in Figure 3.
Figure 2. In Category View, click Network and Internet Connections.
Figure 3. In Category View, click Network Connections.
- Click to select the Dial–up, LAN or High–Speed Internet connection that you want to protect as shown in Figure 4 below.
Figure 4. Click on the connection that you want to protect.
- In the task pane on the left, under Network Tasks, click Change settings of this connection as shown in Figure 5 below.
(Or, within the Network Connections folder, right-click on the connection that you want to protect and then click Properties as shown in Figure 6 below.)
Figure 5. Under Network Tasks on the left, click Change settings of this connection.
Figure 6. Alternatively, right-click on the connection, and click Properties.
- On the Advanced tab as shown in Figure 7 below, under Internet Connection Firewall, select one of the following:
-
- To enable Internet Connection Firewall (ICF), select the Protect my computer and network by limiting or preventing access to this computer from the Internet check box.
- To disable Internet Connection Firewall, clear the Protect my computer and network by limiting or preventing access to this computer from the Internet check box. This disables the firewall, your computer and network are then vulnerable to intrusions.
Figure 7. Check the box to enable the firewall.