8 Best Practices for Windows 11 Firewall to Keep Your System Secure

Always keep the Firewall turned on

Windows 11 » Explainers

Reading time icon 6 min. read

Calendar icon Published on

by Srishti Sisodia 

published on

Share this article

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

8 Best Practices for Windows 11 Firewall to Keep Your System Secure

With increasing concerns for privacy and security, it has become essential to understand and implement the best settings on your device for safety. Though Windows 11 has a robust firewall, you need to optimize the settings to maximize the first line of defense. In this guide, we will discuss some of the best practices for the Windows 11 firewall. Read on!

What are the Windows 11 Firewall best practices?

1. Always keep the Windows Firewall enabled

  1. Press Windows + I to open the Settings app.  
  2. Go to Privacy & security, then select Windows Security.Privacy & security - Windows Security - 8 Best Practices for Windows 11 Firewall to Keep Your System Secure
  3. On the Windows Security app, locate and click Firewall & network protection.Firewall and network protection
  4. You will see a Domain network, a Private network, and a Public network. Check if all three say the Firewall is on.
  5. If you see the Firewall is off message under any of them, click Turn on.Turn on - Windows Security - 8 Best Practices for Windows 11 Firewall to Keep Your System Secure
  6. Click Yes on the UAC prompt and locate Microsoft Defender Firewall, and toggle on the switch to enable it.Turn on Windows Firewall

The most fundamental thing is to keep the Windows Firewall enabled at all times, as a disabled firewall risks exposing your device to various threat actors.

2. Block the unused ports

  1. Press the Windows key, type windows security in the search box, and click Open.Windows Security - 8 Best Practices for Windows 11 Firewall to Keep Your System Secure       
  2. Go to Firewall & network protection.
  3. Click the Advanced settings option to access the Windows Defender Firewall with the Advanced Security window.Advanced settings
  4. Click Inbound Rules or Outbound Rules from the left pane, and click New Rule from the right.New rule - 8 Best Practices for Windows 11 Firewall to Keep Your System Secure
  5. Select Port and click Next.Rule1
  6. Now, select TCP or UDP, enter the specific port number to block and click Next.TCP or UDP, click Next
  7. Select Block the connection and click Next.Block the connection -8 Best Practices for Windows 11 Firewall to Keep Your System Secure
  8. Place a checkmark next to all the network profiles (Domain, Private, and Public), then click Next.Choose the network profile
  9. Name the rule and click Finish.Name the rule

Reduce the number of entry points for unauthorized access to maintain system security and minimize the attack surface.

3. Enable security notifications

  1. Press the Windows key, type control panel in the search box, and click Open.Control Panel start menu
  2. Select Category for View by and click System and security.   System and Security CP Windows 11 Firewall to Keep Your System Secure 
  3. Click Security and Maintenance.System security - 8 Best Practices for Windows 11 Firewall to Keep Your System Secure
  4. Click Change Security and Maintenance settings.Security maintenance
  5. Under Turn messages on or off, make sure Network Firewall is selected, and click OK to save the changes.Turn off messages and click OK

Enabling the notifications will help you get alerts whenever the firewall blocks apps or connection attempts, allowing you to identify and respond to unauthorized access requests.

4. Create outbound or inbound rules

  1. Press the Windows key, type Windows security in the search box, and click Open.
  2. Go to Firewall & network protection.  
  3. Click the Advanced settings option to access the Windows Defender Firewall with the Advanced Security window.Advanced settings
  4. Click Inbound Rules or Outbound Rules from the left pane, and click New Rule from the right.New rule - 8 Best Practices for Windows 11 Firewall to Keep Your System Secure
  5. Follow the on-screen instructions and create rules, such as Allowing only trusted applications and services and restricting unwanted outbound connections to reduce exposure to threats.

Creating inbound and outbound rules can help you manage network security, protect sensitive information, and ensure that only authorized apps communicate with the network.

5. Enable Log settings

  1. Press the Windows key, type windows security in the search box, and click Open.
  2. Go to Firewall & network protection.
  3. Click the Advanced settings option to access the Windows Defender Firewall with the Advanced Security window.  Properties - Windows 11 Firewall to Keep Your System Secure
  4. Select Windows Defender Firewall with Advanced Security on Local Computer, and click Properties from the right pane.
  5. Go to the Domain Profile tab, locate Logging, and click Customize.customize - Windows 11 Firewall to Keep Your System Secure
  6. Look for the Size limit option and increase the log file size.
  7. Locate Log dropped packets and select Yes from the drop-down menu.Logging Firewall
  8. Now go to the Public and Private profiles and do the same.
  9. Click OK, then OK to save the changes.

Enabling the logging of dropped packers and increasing the size of the log file will help you identify blocked connections when the Firewall is causing connection issues.

6. Customize network profiles

  1. Press the Windows key, type windows security in the search box, and click Open.Windows Security - 8 Best Practices for Windows 11 Firewall to Keep Your System Secure  
  2. Go to Firewall & network protection.
  3. You will see three network profiles: Domain, Private, and Public
  4. Click Domain network, and under Incoming connections, select Blocks all incoming connections, including those in the list of allowed apps.
  5. Click Yes on the UAC prompt. Then, use the arrow on the left side to return to the previous page.
  6. Go to the private and public networks and make the same changes under these profiles.

Customizing network profiles in Windows 11 Firewall is essential for adapting security measures to different environments.

7. Setup connection rules

  1. Press Windows + R to open the Run window.  wf.msc and click OK - 8 Best Practices for Windows 11 Firewall to Keep Your System Secure
  2. Type wf.msc and click OK to open the Windows Defender Firewall with the Advanced Security window.
  3. Click Connection Security Rules and select New Rule from the right pane.Connection security rules - 8 Best Practices for Windows 11 Firewall to Keep Your System Secure
  4. Choose Isolation, Server-to-Server, or Tunnel per your preferences and click Next.Steps - 8 Best Practices for Windows 11 Firewall to Keep Your System Secure
  5. Now, follow the on-screen prompts to specify the connection type, authentication method, and the computer or network profile included.
  6. Once you have configured it, name the rule and click Finish.

Setting up connection security rules in the Windows 11 Firewall protects data and maintains a strong security posture. If Windows Defender Firewall prevents connections on your device, you can check this guide for solutions.

8. Use the monitoring tools

You can use monitoring tools to track network activity, monitor apps accessing the network, and analyze firewall events. To do that, you can open the Windows Defender Firewall with the Advanced Security window, go to Monitoring, and use options like Firewall, Connection Security Rules, and Security Association.

Moreover, you can right-click Windows Defender Firewall properties, click Logging, and enable logging for dropped packets and successful locations.

In addition to all these, keep reviewing, adding, and removing rules regularly according to your network environment.

If you’re wondering how to check if your Firewall blocks a website, then you should check these settings; read this guide to learn more.

In case the Windows Firewall has blocked some features of an app; it could be due to malware; check out this guide to know more.

If you think there are more tips that you can follow, feel free to share them with our readers in the comments section below. We will add them to the list.

More about the topics: Windows 11

Srishti Sisodia

Srishti Sisodia Shield

Windows Software Expert

Srishti Sisodia is an electronics engineer and writer with a passion for technology. She has extensive experience exploring the latest technological advancements and sharing her insights through informative blogs. Her diverse interests bring a unique perspective to her work, and she approaches everything with commitment, enthusiasm, and a willingness to learn. That's why she's part of Windows Report's Reviewers team, always willing to share the real-life experience with any software or hardware product. She's also specialized in Azure, cloud computing, and AI.

User forum

0 messages