Software Firewalls





Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi Experts

Could you point a way to check if a port is released at Win 10 firewall?

I followed the steps to release the port 7890 at win10 but after all I don't know if the operation was successful.
Maybe not since it looks blocked.

Thanks in advance.
CompTIA Cloud+
LVL 19
CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

Port 25 is open but I've got the following. Any advice?
C:\Users\Administrator>telnet localhost 25
Connecting To localhost...Could not open connection to the host, on port 25: Connect failed

Please do you have a method via GPO or key registry  to allow the message (attached).

Thx for your help.
Microsoft Products not signing into the new network.

Hello all, we implemented a new network, that is behind a firewall.
when I image a machine newly, I try to open outlook , it fails to connect, I tries onedrive, same thing. word and excel can't activate.
I connect to a different wifi (without the firewall and corporate connectivity) they all work fine. I activate and authnitcate and configure all products fine.
I switch back to corporate, they continue to work fine, for hours, or days. and suddenly the error happens again.
I have to switch to unprotected wifi, open the applications (or at least one of them) and get back to corporate network, where all will work fine again for a while.

I am thinking of the following scnarios:

1- it could be one of the many firewall rules missing on the firewall. that is used to authenticate or check the license of MS products.
2- expected it could be outdated drivers of WLAN, I updated those, but problem continued.

any ideas where should I start looking?
A client of mine has this issue when attempting to open up QB on the work station, QB Sees the file on the server but then pops up a message saying that it cannot communicate with it. I have uploaded a picture of the error.  I tried to find the connection diagnostic tool that it is talking about, but it seems to be hidden. The instructions always says to download it from the "OEM" website, where ever that is.  I couldn't seem to find it.  
But for some reason QB sees the files on the server, but cannot access them.  a little help would be appreciated.
I've got Ubuntu 16.04 and OpenVPN installed and seems to be working fine. But when I check firewall rules using "sudo ufw status", then I see this:
Status: active

To                         Action      From
--                         ------      ----
80                         ALLOW       Anywhere                  
443                        ALLOW       Anywhere                  
53                         ALLOW       Anywhere                  
465                        ALLOW       Anywhere                  
25                         ALLOW       Anywhere                  
110                        ALLOW       Anywhere                  
995                        ALLOW       Anywhere                  
143                        ALLOW       Anywhere                  
993                        ALLOW       Anywhere                  
10025                      ALLOW       Anywhere                  
10024                      ALLOW       Anywhere                  
80 (v6)                    ALLOW       Anywhere (v6)             
443 (v6)                   ALLOW       Anywhere (v6)             
53 (v6)                    ALLOW       Anywhere (v6)             
465 (v6)                   ALLOW       Anywhere (v6)             
25 (v6)                    ALLOW       Anywhere (v6)             
110 (v6)                   ALLOW       Anywhere (v6)             
995 (v6)                   ALLOW       Anywhere (v6)             
143 (v6)                   ALLOW       

Open in new window

I would like to know if someone knows a firewall that I can set an authentication page before hitting the target page, let's say that I have my server idrac page available on a public IP, I would like to know if there is a way to have the firewall to authenticate access first and then forward the request to the dell idrac web server in order to add an additional layer of protection.
Hello Experts,

I am looking for a solution to meter Internet usage and bandwidth by user on a LAN.

In other words I would like to have the ability for a user on the LAN to (based on that user's account information):

1. Restrict bandwidth based on user settings.
2. Restrict total usage (time) using the internet based on user settings.
3. Be able to reset usage etc. based on user settings.
4. Logs/reports showing All User statistics while on the Internet.

Does anyone know how to do this?


I have industrial machine needs to connect to an Access Point in order to download data through a software designed by the manufacturer, I am thinking instead of getting Physical Access Point "especially the machine is working in a sever application" to use Virtual Access point on the LAPTOP, tried ICS "Mobile Hotspot"  but this is not helpful because I need the machine to use /

Is there any Free Virtual Access Point can be download works with Windows instead of using ICS  instead of physical AP? or is there a way in Windows 10 to change IP address and subnet Mask for the clients ?

Thank You
Hi EE,

I am in the process locking down the connectivity of a Windows Server via the Windows Firewall. I have my inbound rules setup by in large, my question is how do I restrict the VPN / Remote Desktop Services on server only to allow connections from specific IP ranges.

Attached is snapshot of my current firewall configuration.

Using windows server 2016.

Any assistance is welcome.

Thank you.
OWASP: Avoiding Hacker Tricks
LVL 19
OWASP: Avoiding Hacker Tricks

Learn to build secure applications from the mindset of the hacker and avoid being exploited.

Is there any possibility / way to configure Win7 firewall (on users' PCs)
such that it blocks users' access to Internet (namely Tcp80 & 443)
unless the user's VPN is connected or the user is connected to
our corporate LAN/Wifi?   Ie when user is at home or connects to
outside Wifi, the firewall rules will block the access (& only a single
firewall rule that permits connection to our corporate VPN appliance).
Officially my SonicWall Global Anti-Virus service blocks Macros VBA 5 and above.  I wanted to know if everyone here feels if this is sufficient protection from documents that have malicious macros or is it better to enable a GPO to disable Macros from the internet?

I am using FortiGate 100E firewall and firmware version is v5.4.4,build7650. I have registered IPS & Application Control service. Please refer to my attached JPG.

My question are:

1. How to know if I enable the IPS ? If I have not enable the IPS, how to enable the IPS?
2. How to enable Anti-spam service on this firewall?
3. What is sandbox service on firewall? I have enabled anti-virus function, but some people suggest me to enable sandbox function on firewall.

Best Regards,
In Azure I am creating a storage account, but need it to be accessible from our vNet's only.  During the Storage Account setup you can specify a vNet. The problem is we have two separate vNets in two different regions that needs access to this account. Instead of using vNet can we create a NSG for our Storage Account?
Dear Experts

We are replacing firewall to cisco ASA and planning to go for cisco AMP for endpoints, would like to understand if we go for AMP do we still need antivirus solution please suggest, thanks.
Just wondering if there is a way to not redirect away certain hosts/subnets and redirect the rest of the internet traffic using policy based routing on a Dell switch.  This post has a similar issue but not sure what the solution might be (or if there is anyway):

Thank you in advance!
Will the following URL going through proxy appliance need port 19443 open on our firewall or https port:-
How can I configure windows Xp firewall to block all multicast traffic 224.*.*.* inbound and outbound ?
The windows firewall requires specifying a por ( not a port range)
Hi Experts,

Could anyone please explain to me the different options and items from

as well, the difference between software and hardware firewalls.

Thanks so much.
JavaScript Best Practices
LVL 19
JavaScript Best Practices

Save hours in development time and avoid common mistakes by learning the best practices to use for JavaScript.

Hi there experts,

So im looking into webcontent filter and app monitoring. Since we have a Cisco  ASA i figure cisco Firepower services would be the a good choice and it offers IPS, Apps, AMP, and URL. We're also in the process of renewing our contract with the endpoint provider so this may be an opportunity to implement AMP.

My question is, is Cisco firepower an industry leader for endpoint protection and web web content filtering? I know there are many security companies out there with amazing products but having them under one umbrella would make life easier.

What has your experience been with Cisco firepower? good or bad..


If I'm in a Window 2008 or 2012 servers and I want to proof that some ports like Tcp 80, 443, 339 for example are opened not blocked by firewall how I can do that? Some time port are opened but there is just nothing listening, I mean there is no application installed which can respond.

Is there cmd or tool that just show what are opened?

Does anyone know the cause of the high kernel CPU usage on the CheckPoint firewall?  It seems to be happening on the active firewall, even after failover.  Nothing seems to be there on the arp table.

FW-1: [cul_load_freeze][CUL - Cluster] Setting CUL FREEZE_ON, high kernel CPU usage (XX%) on local Member 0, threshold = XX%
I have a FortiWiFi30E working at a given location. It has a static IP from the ISP on the public facing side and a private 192.168.x.x address on the private side. I've copied the configuration to another FortiWiFi30E (Box2). I need to log into the Box 2 in order to update the static IP for a different location. However, I can't log into Box 2. I'm connected from my laptop to port 1 on the 30E. Neither IP address will allow me to log into it.
I need to setup a Site-to-Site VPN between a SmoothWall v3.1 and a SonicWall TZ.    I have tried to configure the connection on both ends but so far have been unable to get any kind of a connection between the two.  

I have played with the IKE and IPSEC proposals on the SonicWall but have not found a combination which works. I do not see anywhere I can set these on the SmoothWall  Has anyone managed to accomplish this?
I have a Windows Adv Firewall GPO with several rules that have several IP subnets in each rule.  We are moving to a new building, and the subnets are changing.  So I have a lot of subnets to add/remove for a bunch of rules.  Is there an easy way to make bulk changes to the scope of a firewall GPO from the command line?  I found one example where someone used an answer file. But the example lacked so many details, I couldn't quite determine how to use it to make "scope" changes.

I would really like to avoid clicking through all the subnet add/delete's.  

We are mostly Windows 7 with a growing Windows 10 user base.  Our DC's are W2K12 R2.

Any and all advice is greatly appreciated!!

Software Firewalls





Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Top Experts In
Software Firewalls