How can I use Windows Firewall to only permit the Windows Update service to make an outbound connection?

4

I'm trying to tailor my Windows Firewall settings (using the Windows Firewall with Advanced Security console) to only permit programs that need to access the Internet with an outbound connection to do so.

This works fine for normal applications as I can just allow the program, but services that load in the svchost.exe process are a problem. The only services I actually need to give access to are Windows Update and the Background Intelligent Transfer Service (and even that, I would only like Windows Update to be able to submit jobs to, but that's another issue.) Is there a method to only allow these to be permitted an outbound connection, and not any of the other services loaded in svchost?

microsmash

Posted 2011-05-03T21:19:57.357

Reputation: 41

All I can suggest is to try the "Plus" version of this software... http://www.sphinx-soft.com/Vista/order.html

– Moab – 2011-05-03T21:46:10.580

When you create a firewall rule, you can specify the program and services for that rule. – Joe Internet – 2011-05-03T22:58:07.593

Answers

1

As stated by Joe Internet in the comments, you can specify the Service you want to use. For that, you have to define a new outbound rule, but use "Custom" instead of "Program". There, you can choose the service, in your case "Windows Update", or also "wuauserv", which should be exactly what you're looking for.

private_meta

Posted 2011-05-03T21:19:57.357

Reputation: 2 204

Unfortunately, that does not work with Windows 8.1 anymore. Allowing "wuauserv" enables Windows Updates only up to incl. Windows 8. – ultimA – 2014-08-15T14:32:57.827
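
The service-scoped outbound rule described in the answer can also be created from an elevated PowerShell prompt with `netsh`, here for both services named in the question. This is an added example, not part of the original thread; the rule names are made up for illustration, and per the comment above the `wuauserv` scoping is reported to work only up to Windows 8.

```powershell
# Added example, not from the original thread. Run from an elevated prompt.
# The rule names (Out-Allow-Svc-*) are made up for this example.
$svchost  = Join-Path $env:SystemRoot 'System32\svchost.exe'
$services = 'wuauserv', 'BITS'   # Windows Update, Background Intelligent Transfer Service

function Add-ServiceOutboundRule {
    param([string]$ServiceName)

    # Fail early if the short service name does not exist on this machine.
    Get-Service -Name $ServiceName -ErrorAction Stop | Out-Null
    $ruleName = "Out-Allow-Svc-$ServiceName"

    # Remove an earlier copy so re-running the script does not stack duplicates.
    # netsh reports an error when nothing matches; that is expected on first run.
    & netsh advfirewall firewall delete rule "name=$ruleName" | Out-Null

    # program= pins the host process; service= narrows the match to the one
    # service inside it, the same scoping the "Custom" rule type offers.
    $ruleArgs = @(
        'advfirewall', 'firewall', 'add', 'rule',
        "name=$ruleName",
        'dir=out', 'action=allow', 'enable=yes', 'profile=any',
        "program=$svchost",
        "service=$ServiceName"
    )
    & netsh $ruleArgs | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "netsh could not create rule $ruleName" }
    return $ruleName
}

foreach ($name in $services) {
    $rule = Add-ServiceOutboundRule -ServiceName $name
    # "verbose" adds the Program and Service fields to the listing, so the
    # service scoping can be confirmed rather than assumed.
    & netsh advfirewall firewall show rule "name=$rule" verbose
}

# The allow rules only matter while the default outbound action is Block;
# check the Firewall Policy line of each profile in this output.
& netsh advfirewall show allprofiles
```

If the verbose listing shows the Program field but no Service field for a rule, the rule applies to every service hosted in svchost.exe and should be deleted and recreated.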