Registering with the Windows firewall RRS feed

  • Question

  • Hi,

    We would like to take advantage of the boot-time WFP filters added by the Windows firewall but handle the main firewall and stealth mode filters from our firewall product.  Therefore we are looking to use the INetFWProduct API on Windows 7 (we aren't concerned with Vista).  However the documentation within the "Windows Firewall Categories and User Facing Impact" document mentions:

    "If ownership of the Firewall filters category is taken, ownership of the Boot Time filters category must be taken as well. Failure to do so can result in loss of connectivity, since the Boot Time filters try to make the machine secure in the absence of the Windows Firewall."

    Is anyone able to clarify this as it doesn't appear to be enforced as we can register for firewall filters without boottime (seen from a "netsh advfirewall show global" command, and the boottime WFP filters added by the Windows firewall remain which is exactly what we want.  Any issues with ignoring this part of the documentation?


    Update: After inspecting further it appears that leaving the Windows firewall to handle the boottime policy not only leaves WFP boottime filters, but also a few persistent ones including block inbound filters which will interfere with our firewall product.  But confirmation of this would be appreciated.
    • Edited by SpecWin Friday, October 7, 2011 1:33 PM
    Friday, October 7, 2011 9:18 AM