Windows Security: Firewall and Network Protection: The Complete Guide

"Windows Security" is a standard feature of Windows 11.

Among these, "firewall and network protection" acts as a "gatekeeper" that prevents unauthorized access from outside and protects your PC.

We will provide a thorough explanation of useful features to know in an emergency, such as the differences between networks such as "domain," "private," and "public," and communication permission settings for each app.

We will also touch on the specification that "the screen will be different (grayed out) if security software is installed."

1. What is "Firewall and Network Protection"?

This screen is where you manage the security strength (firewall settings) depending on which network (Wi-Fi or wired LAN) you are connected to.

Basically, if you see "Firewall is enabled," it means that Windows Defender is protecting your PC properly.

Differences between the three network profiles

This screen shows three network types. Click on each item toIndividual detailed settings screen, where you can turn the firewall on or off for each type of network, or block all incoming connections.

Domain network

• This setting applies when you are connected to an internal network (Active Directory) at work, etc. In an ordinary home, it is usually set to "Not connected."

Private Network

• This setting is for home or trusted corporate networks.
• This allows your device to communicate with other devices on your network (such as printers and family computers). If you're connecting to your home Wi-Fi, make sure this is active.

Public Network

• This setting is for free Wi-Fi in cafes, airports, hotels, etc.
• This profile has the highest security setting and strictly blocks external connections. When connecting to the internet while on the go, be sure to make sure this profile is applied.

Microsoft Defender Firewall settings (on/off)

Click "Microsoft Defender Firewall" in the center of the screenThe switch has a firewall function.This is the main power supply.

Normally it is set to "On (blue)", but you can stop the firewall monitoring function by clicking it to switch it to "Off".

• Individual settings for each profile
  • This switch is independent for each of the three networks: "Domain," "Private," and "Public."
  • For example, you can set individual settings, such as turning off only "Domain" and "Private" as shown in the image, and leaving "Public" on.

Warning when firewall is turned off

If you turn off the firewall, Windows will consider this a security risk and display a warning like the one below.

• Warning message: "Microsoft Defender Firewall uses settings that won't keep your device safe."
• Recovery method: Pressing the "Restore Settings" button at the top of the screen will turn the firewall on for all networks at once.

When to turn it off? (Recommended use)

Basically, this switchIt is not recommended to leave it off all the time. This is because the risk of viruses and unauthorized access increases dramatically.

It is mainly used when troubleshooting (isolating the cause).

1. Check for communication problems: When you experience issues like "I can't connect to online games" or "I can't see shared folders,"Temporarily turn off the firewallLet's try it.
2. Identifying the cause: If you can connect after turning it off, you know the firewall is the problem.
3. Solution: Once the cause is identified, the firewallImmediately turn it back onThen, set the "Allowed Apps" settings to allow only those games or apps through.

About the "Incoming Connections" checkbox

The "Block all incoming connections, including those in the allowed apps list" option on each details page is a very powerful security setting.

• What does it do?
  • Normally, a firewall allows communication from apps on the "allow list" (e.g., Skype, online games, etc.).
  • However, if you check this box,Ignores the entire allow list and blocks all external calls international success.
• When should you use it?
  • Public places (cafes, hotels, etc.): If you are in a place where there are many people, checking this box will help to prevent unauthorized access from outside (we recommend enabling it on public networks).
  • If you suspect you are under attack: It is used for emergency shutdowns such as when a virus infection is suspected.
• Warnings
  • While this is enabled, some apps that communicate with the outside world, network printers, file sharing, etc. may not function. At home (private network), it is generally fine to leave it off (unchecked).

2. [Important] If you have installed security software from another company

If you have third-party security software installed, such as Virus Buster, Norton, or ESET, this screen will appear differently than usual.

▼ Normal screen (Windows Defender enabled)

All items are operational and "Firewall is enabled" is displayed.

▼ Screen when installing security software

in this way,"No action required" may be displayed, and the detailed links below may be grayed out and become unclickable.

This is not a bug. To prevent security conflicts, the standard Windows firewall is automatically turned off, leaving management to the security software.

In this case, if you want to change the settings, you will need to open the settings screen of the security software you have installed, rather than the Windows settings.

3. Explanation of each setting item (detailed link)

You can configure detailed firewall settings from the link at the bottom of the screen. (This can only be done when Windows Defender is enabled.)

Allowing Applications Through the Firewall

Clicking the link on the main screen will open a window where you can fine-tune communication rules for each installed app.

If you are having trouble connecting to online games, FTP software, or the casting (projection) function on your smartphone, it's possible that the communication for that app is being blocked here.

1. To change the settings When you first open this screen, all the items will be grayed out and you won't be able to change them. First, click the "Change Settings" button (shield icon) in the upper right corner. This will allow you to change the checkboxes in the list.

2. What the checkboxes mean The list has three checkboxes.

• Leftmost check (before name):
  • This switch enables the communication permission rule for that app. If this is off, communication will be blocked no matter what you do on the right.
• Private:
  • Home Wi-Fi, etc.This app will only be allowed to communicate when connected to a (private network).
• public:
  • Wi-Fi in cafes and hotelsAllow this app to communicate even when connected to a (public network).

💡 Security Recommendations Basically, we strongly recommend that you check only "Private" and uncheck "Public."

For example, apps such as "network camera" and "printer communication" are necessary at home (private), but if you allow them when you are out at a cafe (public), there is a risk that third parties will be able to see your data.The rule of thumb is to leave the public field blank..

However, do not touch the "items that are there from the beginning"

Looking at the list, you'll see that many items, such as "Core Network" and "Delivery Optimization," already have "Public" checked.

They are The minimum system functionality required for Windows to connect to the Internet(For example, if you block these, the hotel Wi-Fi login screen will not appear or Windows Update will not be possible.)

• Golden rules apply to:
  • Apps I installed(Games, Zoom, FTP software, etc.)
  • In these cases, you should generally uncheck "Public."
• Exceptions (don't touch):
  • Difficult English and Katakana items on the list from the beginning
  • These are standard Windows features,Even if it is checked,Please keep it as is.

3. Adding an app that is not on the list If the app or game you want to allow is not in the list, you can add it by directly specifying the executable file (.exe) using the "Allow another app" button at the bottom right of the screen.

Network and Internet Troubleshooter

Clicking this link will open the Windows Settings > System > Troubleshooting screen.

From here, it takes a few more steps to actually perform a diagnosis.

1. In the window that opens, click "More troubleshooters."
2. Find "Network and Internet" in the list.
3. Press the "Run" button on the right to start the automatic diagnosis.

When you experience problems with your internet connection, Windows will automatically check for the cause (such as a disconnected LAN cable or a faulty driver) and repair the problem, so this is the first thing you should try if you're having trouble.

Configuring Firewall Notifications

Clicking "Firewall Notification Settings" at the bottom of the screen will open the Security Provider and Notification Settings screen.

You can set whether to display a "notification" in the bottom right corner of the screen when the firewall blocks communication of a new app. If you find the notifications annoying, you can adjust them here.

Clicking "Manage Notifications" will take you to a screen where you can fine-tune when notifications are displayed.

On the "Manage Notifications" screen, you can turn security notifications on or off for each category. Here, you can set whether to receive notifications for information such as "Warnings (Virus detected!)" or "Reports (Scan completed)."

1. Virus and threat protectionNotice regarding Notification settings from antivirus software.

• Receive information notifications (master switch)
  • Turning this on will enable three detailed notifications:
• Recent Activity and Scan Results
  • When a scheduled scan is completed successfully, you will be notified with the message "Scan completed. No threats found."
  • Recommendation: If you find it annoying to receive notifications every time, there is no security problem if you uncheck this box.
• Threats found, but no immediate action is required
  • This is a notification when an item that is low risk but should still be reported (such as a suspicious file) is found.
• File or activity is blocked
  • 【重要】 This is a notification that appears when an app or file that is not a virus but is behaving suspiciously is blocked.
  • Recommendation: Be sure to check this box (turn it on). This will prevent you from being confused as to why the file won't open.

2. Account Protection Notification Notifications related to signing in to Windows and locking the computer.

• Dynamic Locking Issues
  • "Dynamic Lock" is a feature that automatically locks your PC when you move away from your PC while carrying your paired smartphone.
  • It will notify you when your smartphone's Bluetooth is disconnected or there is a problem with the connection. If you don't use this function, you can turn it off.

3. Firewall and Network Protection Notifications (*As explained earlier, this is a notification when communication is blocked.)

• Get notified when a new app is blocked by Microsoft Defender Firewall
  • Recommendation: Turn them all "on."
  • If you turn this off, when a new game or app won't connect to the internet, it will be silently blocked, making it difficult to determine the cause.

Advanced Settings (Advanced Settings for Professionals)

Clicking on this link will open another window titled "Windows Defender Firewall with Advanced Security."

This is the management screen for creating very detailed communication rules that cannot be handled with the standard Windows settings.

Main functions Configure the settings using the following items in the menu on the left side of the screen.

• Inbound Rules
  • Controls the traffic coming into your PC from outside.
  • Usage: This is used when you want to open a specific port number or block access from a specific country (e.g., when setting up a Minecraft server).
• Outbound Rules
  • Controls the communication that leaves your PC.
  • Usage: This is used in cases such as "I want to prevent certain children's software from connecting to the Internet without permission."
• Monitoring
  • You can check what communication rules are currently in effect.

⚠ Advice for beginners This screen is very powerful, but if you make a mistake in the settings, it can lead to problems such as "I can't connect to the Internet at all" or "I can't update Windows." Unless you have a clear purpose such as "opening a port" and are operating it while looking at a reliable manual (Wiki or technical blog),Do not change the settings unnecessarilyis highly recommended.

I want to read it together

How to block specific apps from accessing the Internet with Windows Defender in Win11 This time, we will show you how to block Internet communication for specific applications using the Windows Defender firewall included with Windows 11.

Restore the firewall to default settings

If you've messed around with "Allowed Apps" and now you can't remember the settings, or you've added the wrong app and can't delete it, use the "Restore Firewall to Defaults" function.

1. Firewall and Network Protection Return to the main screen.
2. Click the link at the bottom that says "Restore firewall defaults."
3. A confirmation screen will appear, so press the "Restore Defaults" button.

⚠ Attention Doing this will reset (initialize) the settings of all apps that you have allowed up until now. After doing so, the first time you launch a game or Zoom, you will again see a pop-up asking "Do you want to allow this app to communicate?", but if you click "Allow," everything will be back to normal.

Remember this as a "last resort" when you just can't fix the settings.

Summary

This time, we explained the core of Windows security, "Firewall and Network Protection." While it may seem difficult due to the many technical terms, there are only three points you need to remember:

1. "Public" when out and about When using free Wi-Fi at cafes, hotels, etc., make sure it's set to a "public network." This is your best defense.
2. If you have any problems, check the "Permission Settings" If you are having trouble connecting to specific apps, the solution is not to turn off the firewall, but to review the "application permissions" settings.
3. Graying out is "normal" If you have security software installed, it is normal for this screen to become inoperable.

A firewall is a "gatekeeper" that protects your PC from unauthorized access. Don't just turn it off, but set it up correctly to enjoy a safe online life.