Windows Tip Sheet

Too Many Firewalls

Adding Windows OneCare Live on top of Windows Firewall can build a barrier even the user can't get past.

A friend of mine was complaining about work the other night, and we got into this story about users who install software they shouldn't. It appears my friend was trying to solve a problem for the user (who works for the same company as my friend) who "suddenly" couldn't use half the applications on his WinXP SP2 computer. "Oh, he messed up the Windows Firewall," I said, anticipating where this was going. "I wish!" my friend said. In fact, when checking the Windows Firewall, he'd found both the "On" and "Off" radio buttons grayed out, with the "Off" button selected. All of the Firewall's exceptions appeared to be in order, but things were definitely not working correctly.

That's when he noticed a curious little icon in the notification area. It was green, and shaped like a little 3-D ball with the number "1" on it. That's right, Windows OneCare Live (available at www.live.com), Microsoft's new firewall/antivirus/antispam/backup/everything software. Unfortunately, OneCare isn't intended for a corporate installation -- Microsoft has another, parallel product intended for companies, which includes centralized management via Group Policy. This user had gone out and installed -- and even paid for -- OneCare on their own.

OneCare overrides the Windows Firewall and provides its own UI for Firewall actions. Unlike the Windows Firewall, OneCare, by default, blocks outgoing traffic, as well. Of course, when it sees a new application trying to talk to the Internet, it asks what you want to do -- and the user, for some reason, selected "block" every time. I guess the message about malware is getting through, which is nice, but it effectively turned his computer into a disconnected doorstop. Uninstalling OneCare -- which my friend's company officially does not allow on their corporate machines -- put Windows Firewall back in charge and my friend was able to clean things up and get the machine working correctly again.

About the Author

Don Jones is a multiple-year recipient of Microsoft’s MVP Award, and is an Author/Evangelist for video training company Pluralsight. Don is also a co-founder and President of PowerShell.org, a community dedicated to Microsoft’s Windows PowerShell technology. Don has more than two decades of experience in the IT industry, and specializes in the Microsoft business technology platform. He’s the author of more than 50 technology books, an accomplished IT journalist, and a sought-after speaker and instructor at conferences worldwide. Reach Don on Twitter at @concentratedDon, or on Facebook at Facebook.com/ConcentratedDon.

comments powered by Disqus

SharePoint Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.