Windows Firewall comprises both a firewall application, a Windows service called ipnathlp, and a Security Center service called wscsvc. The Windows Firewall is switched "on" by default when XP SP2 is installed. The older ICF application, on the other hand, required users to manually set the service to start. The new Security Center also makes Windows Firewall easy for the average non-technical person to understand and use.
Windows Firewall provides one-way network protection only. It blocks incoming traffic as configured, but it will not block any outgoing traffic. This behavior is by design, as Microsoft and various security experts recommend controlling outgoing traffic through a separate network device such as the broadband router. On the other hand, alternative software firewall products on the market today usually support traffic blocking in either direction. Modern trojans and spyware applications can easily disable these outbound firewall traffic blocks, however. Overall, the lack of outbound traffic blocking in Windows Firewall detracts very little from its power.
The design of Windows Firewall has also been criticized in another respect. Some feel that it is too easy for Windows Firewall to be switched off by malicious applications and users. It appears more likely, however, that Windows Firewall is no more or less secure in this respect than any other popular software firewall for Windows.
The introduction of XP SP2 requires makers of other commercial firewall software for Windows to ensure their applications are compatible with Windows Firewall. Users of ZoneAlarm and other commercial firewalls will upgrade their software to new versions that are built to coexist with Windows XP SP2. Running Windows Firewall together with another company's firewall on the same computer could cause networking problems.
Bottom line: Windows Firewall for Windows XP is a significant step forward in improving the security of Windows computers. With SP2, home computer users will get a significant additional level of network security support without needing to fuss with detailed technical configurations. Those who already run "third-party" firewall software should consult the vendor's Web site to ensure they have the needed SP2-related updates.
