How to Configure Windows Defender Firewall with Advanced Security?

All versions of Windows starting from XP have a built-in firewall that can be used to protect the operating system and filter all network traffic. The functionality and capabilities of the built-in Windows Firewall are not inferior to many third-party commercial firewall software: it allows you to restrict access to a computer from an external network, as well as allow or block Internet access for installed apps and services. Starting from Windows 10 1709, the built-in firewall is called Windows Defender Firewall with Advanced Security. In this article, we will show you how to set up Windows Defender Firewall on Windows 10.

In order to open the Windows Defender Firewall settings panel, run the classic Control Panel and go to System and Security > Windows Defender Firewall.

The screenshot below shows that Windows Defender Firewall is enabled and protects your computer.

To completely enable/disable Firewall in Windows 10, use the Turn Windows Defender Firewall on or off button.


Hint. Also you can enable/disable the Windows Firewall using PowerShell or from the elevated command prompt using the following command:

windows defender firewall with advanced security

netsh advfirewall set allprofiles state off


netsh advfirewall set allprofiles state on

If you incorrectly configured your Defender Firewall and completely blocked network access, you can reset all settings using the button Restore defaults (or following the guide).

Note that Windows Defender Firewall has three network profiles types:

  • Domain profile – used if your computer joined to the Active Directory domain network;
  • Private profile – your computer will be discovered on the network by other devices and will be available to share files and printers (used in home networks or in a workgroup);
  • Public (Guest) profile – the settings of this profile limit access to your computer from the network and its detection as much as possible. This profile is usually used in public places – hotel, airport, café.

The profile is selected by the user when connecting to a new network for the first time, or is selected automatically (in the case of a domain).

To allow/block inbound or outbound connections for a specific profile, click Advanced Setting, right-click on the root of Windows Defender Firewall with Advanced Security > Properties.

You can manage the settings for each profile on a separate tab.

Please note that by default Windows Defender Firewall in Windows 10 blocks all incoming connections and allows all outgoing ones.


windows firewall with advanced security windows 10

If you want to block Internet access from your computer, select Outbound Connection -> Block on all three tabs. In this case, outgoing connections will be denied for all programs except those allowed (Windows 10 has several pre-configured rules for system processes: access to Windows Update, Windows Store, updating the Windows Defender antivirus signatures, etc.).

Let’s try to add the Mozilla Firefox browser to the list of allowed programs.

Click on the Allow an app or feature through Windows Defender Firewall button in the left pane. A list of allowed Windows applications and services appears in the list. To add a new rule, click Allow another app.

windows 10 advanced security settings

Use the Browse button to specify the path to the executable file that you want to allow access to the Internet. We selected our browser’s executable file C:\Program Files\Mozilla Firefox\firefox.exe

advanced firewall settings windows 10


Click OK and select for which network profiles this rule should be active.

windows 10 firewall advanced settings

You can configure Windows Defender Firewall rules more finely from the wf.msc console. Here you can create separate allowing or blocking rules for a specific program, protocol (TCP/UDP/ ICMP/IPsec), IP address or port number.

To create a new outbound rule, right click on Outbound Rules -> New Rule.

advanced firewall windows 10

Next, follow a simple wizard to help you to create your own rule in Windows Defender Firewall.

windows firewall with advanced security on windows 10

In this example, we’ve enabled outbound connections for the putty.exe client.


firewall with advanced security on windows 10

Select Allow the connection and provide a name for the rule.

advanced security settings on windows 10

The new rule will appear in the Outbound rules list. You can disable it via the Disable rule option in context menu. This does not delete the rule, but it becomes inactive.

advanced firewall settings in windows 10

I enjoy technology and developing websites. Since 2012 I'm running a few of my own websites, and share useful content on gadgets, PC administration and website promotion.
Latest posts by Cyril Kardashevsky (see all)

One comment

  1. Thank you so much for this! I have been struggling for days. My ISP Telus is not aware of how to integrate Outlook with Google. I appreciate your info and expertise.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.