The role of the Windows Filtering Platform is to provide the API and the services required for network security applications to filter network data. simplewall is such an application, enabling you to override the default settings of the Windows Filtering Platform and install a new set of filters that block specific processes, in the attempt to protect you against malware.
Install the filter set and choose the security mode
To start using this application, you must first install its filters, which are actually a complex collection of rules that restrict the network access for specific processes and services. As you do so, simplewall recommends you disable the Windows Firewall but this option can be skipped.
It is more convenient to control the utility from the tray menu, rather than browsing the menus within the main window. To begin with, you can easily change the security model the application is going to implement. You can choose from the white list, the black list, and the ‘trust no one’ mode.
Block or allow protocols, connections or services
Secondly, the application can be configured to allow or block certain services (DHCP, DNS, NTP, SNMP, SSDP, Windows Update, Network Discovery), outbound and inbound ICMP protocols, and inbound connections. Please note that modifying these settings has a direct impact on the network connection status.
As soon as an application requests network access, it registers its call, checks the rules, and displays a small popup window near the tray icon. The process is then placed in the main window, marked as a system app, invalid app, shared resource or silent. You can then decide which apps are allowed to access the network and which should be blocked. Information about all the dropped (blocked) packets is stored in a log file, for later reference.
Configure your own rule set regarding network access
simplewall offers an alternative to the default set of filters of the Windows firewall, enabling you to control which apps or processes should be restricted when it comes to accessing the Internet. It is configured to automatically block malware and telemetry-related data. Aside from the aforementioned rule set, it can also include custom rules to block specific ports or IP addresses. You can define these restrictions from the ‘Settings’ window.