locked
Relationship between Onecare Firewall and the Windows Firewall built into Windows XP and Vista RRS feed

  • Question

  • All,

    how does the Oncare Firewall relate to the Windows Firewall that is built into Windows XP and Vista? Does the Oncare Firewall use the services of the built-in Windows Firewall? I would hope so because I know that the Windows Firewall is deeply integrated into the operating systems itself and, in particular, the Windows Firewall carefully manages access to the TCP/IP stack during system startup.

    I do notice that when I open up the control panel GUI for the Windows Firewall that the control radio buttons and check boxes are greyed out suggesting that the Oncare Firewall has taken over. On the other hand, in that same control panel GUI it is possible to manipulate the settings on the Exceptions and Advanced tab. That seems a little inconsistent with the fact that the front panel of the GUI is greyed out.

    If there is a white paper from Microsoft that explains the relationship between these two components I would appreciate knowing how to get it,


    I have the same question with respect to Windows Defender.  Is it superceded by Oncare or are these two ships passing in the night. Prior to installing Oncare I had Windows Defender running at regular intervals (weekly I think).

    Best Regards

    John Holmblad


    Friday, August 29, 2008 2:15 PM

Answers

  • OneCare disables the Windows Firewall in XP using Group Policy trickery at install and enables it once again at uninstall. The Windows Firewall does not "manage" the network stack. It adds protection for network traffic for any adapters it is enabled for.

    In Vista, I believe that the Firewall service is explicitly disabled, but OneCare adds its own protection to the firewall service in the form of rules and exclusions.

    I am not aware of any white paper that explains this relationship for OneCare to the Windows Firewall in XP or Vista.

     

    Defender is disabled by OneCare at install, as well. OneCare includes the protection of Defender and expands on it. Since Defender cannot be removed from Vista, you can enable it to gain access to the other Defender tools, but OneCare will disable it again.

     

    -steve

     

    Friday, August 29, 2008 2:37 PM
    Moderator

All replies

  • OneCare disables the Windows Firewall in XP using Group Policy trickery at install and enables it once again at uninstall. The Windows Firewall does not "manage" the network stack. It adds protection for network traffic for any adapters it is enabled for.

    In Vista, I believe that the Firewall service is explicitly disabled, but OneCare adds its own protection to the firewall service in the form of rules and exclusions.

    I am not aware of any white paper that explains this relationship for OneCare to the Windows Firewall in XP or Vista.

     

    Defender is disabled by OneCare at install, as well. OneCare includes the protection of Defender and expands on it. Since Defender cannot be removed from Vista, you can enable it to gain access to the other Defender tools, but OneCare will disable it again.

     

    -steve

     

    Friday, August 29, 2008 2:37 PM
    Moderator
  • Steve,

    thanks for you insights.

    I understand that, as you assert,

    The Windows Firewall does not "manage" the network stack.

    What I said was that the Windows Firewall manages access to the network stack (i.e. using filtering rules) some of which are hard-coded during system startup.

    The Windows Firewall is not completely disabled at least insofar as the Windows Firewall GUI interface is concerned because, if you open the Windows Firewall control panel on a system that has Microsoft Onecare enabled you will see that it is still possible to manipulate settings on the exceptions and advanced tabs of the Windows Firewall GUI. If the Windows Firewall were completely disabled, this should not be possible because the interface should be 100% disabled.

    Best Regards

    John Holmblad

     




    Friday, August 29, 2008 7:23 PM
  • Oops. You're correct, I missed the word "access" when reading your post.

     

    The Windows Firewall can be configured, but it isn't running when OneCare is installed and active.

    -steve

     

    Tuesday, September 2, 2008 6:09 PM
    Moderator