When Windows Vista is released early next year, it will have an updated firewall that looks at incoming as well as outgoing traffic, the company has said--an advance on the firewall in Windows XP service pack 2, which only watches incoming data.
But the default on the firewall in Vista will be set to block incoming traffic only, Microsoft said. The protection will be curbed in order to make life easier for the company's enterprise customers, it said.
Piecing together Windows Vista
"Because the nature of an outbound firewall is to restrict the traffic sent to specific ports, the outgoing access in the Windows Vista firewall is open by default," a representative for the software maker told ZDNet Australia. "The reason for this is Microsoft has received strong feedback from its customers, especially from large organizations and government departments, saying that they would like to manage this feature from an administrator level."
Configuring the Vista firewall to stop outgoing connections made by rogue applications and malicious software will require a varying degree of technical knowledge, depending on each user's security requirements, Microsoft said.
"Users need to understand how their applications undertake communication and connections, and the associated threats and risks. This security requirement will vary amongst users, and Microsoft is providing the capability to allow users to determine how they wish to leverage this security capability," the Microsoft representative said.
Firewall specialist Zone Labs said that people will require a "fairly high level of sophistication" in order to properly configure the Vista firewall. For consumers, the company said the task will be nothing less than "challenging."
"Outbound protection requires a fairly high level of sophistication to engage, and reports indicate that Microsoft expects that functionality to be used by IT professionals in a business-networking environment," Laura Yecies, general manager at Zone Labs, said.
Security specialist Michael Warrilow, director of Sydney-based analyst firm Hydrasight, believes that Microsoft has found it too difficult to create an all-encompassing firewall. However, he said that by not putting the capabilities of the firewall into full play, the company is not ignoring its nontechnical customer base.
"In effect, Microsoft is putting outbound (protection) in the 'too hard' basket for the time being," Warrilow said. "The firewall is to protect against inbound attacks--instead of protecting the rest of the world from you."
Vista's firewall is just one layer of security in the new operating system, according to Microsoft. "New features such as User Account Control, Windows Defender, and Internet Explorer Protected Mode, along with improvements to Windows Firewall and Windows Update, work together to help shield Windows Vista PCs from malware," or malicious software, the company's representative said.
Munir Kotadia of ZDNet Australia reported from Sydney.
