Windows Firewall Notifier to Control and Troubleshoot Outbound Network Traffic

Windows built-in firewall has gotten better and better since its first debut in Windows XP SP1. Most of the security issues have been dealt with in the feature quite nicely. But there are still a few things that I wish it could do better, such as notification as well as troubleshooting. Since a lot more attacks are initiated from a computer inside the network calling outside address, it would be a lot helpful if there is a tool available to control and troubleshoot what’s going out. And that’s where I found this little 3rd party open source program could be very handy and useful.

Windows Firewall Notifier is a portable free network firewall tool that extends the default Windows embedded firewall behavior by displaying notifications to allow users to control over outgoing connections. It works on Windows Vista and above, compatible with both 32-bit and 64-bit editions.

Windows Firewall Notifier - 2014-08-28 14_49_19

Download the tool from its CodePlex page, unzip it, and launch the console.exe file, you will see what’s coming.

First of all, you will be prompted by the Notifications Setting dialog box asking whether you want to enable or disable the notification. Basically, enabling the notifications means all outgoing connections will be filtered by the time you hit OK button. If you do not want to exam all outgoing connections but only to monitor them, choose “Do no enable the notifications” option.

Windows Firewall Notifier - Notifications - 2014-08-28 14_46_48

then, probably a few seconds after you hit OK button, you will see a stream of notification box popping up from the system tray corner asking for your permission to either Allow or Block outgoing connections.

Windows Firewall Notifier - Notifications

Clicking Advanced button at the bottom of the pop-up box will reveal more details about this outgoing connection, such as target port, target IP, path of the program, etc.

Windows Firewall Notifier - Notifications details

What’s a little behind scene is that the tool creates a task in Windows Task Scheduler, called WindowsFirewallNotifierTask, triggered by the built-in Windows Firewall event log entries. It will basically launches Windows Firewall Notifier whenever an outgoing connection is blocked by the Firewall.

WindowsFirewallNotifierTask Properties (Local Computer) - 2014-08-28 15_34_40

To disable the notification and revert all Firewall Outbound rules back to default, click Notif. settings button, choose “Do not enable the notifications” option, and click OK.

Windows Firewall Notifier - restore

Verdict

Windows Firewall Notifier is a very handy useful network tool that adds a lot value to the built-in Windows Firewall, which gives you a lot more control to all your outbound network traffic. It’s especially useful to troubleshoot and pin down the program that sends unwanted outbound traffic to outside your network.

Kent Chen

Microsoft MVP, IT Professional, Developer, Geek, and the co-founder of Next of Windows.

Last updated: 08/28/2014

Posted in: Security , Tools
Discover more: , , ,