Do you want more control over your internet connection and the way programs use the connection? We take a look at the Windows Firewall alternative TinyWall in this article. Why would you choose that and how does this software work?
With a firewall you ensure the security of your PC by controlling the network traffic to and from your computer. Windows has a built-in firewall: the Microsoft Defender Firewall. It offers solid basic security, but has relatively few setting options. Fortunately, you are not dependent on the standard firewall in your PC. You can also choose which firewall you use.
An interesting alternative is TinyWall. Characteristic of this firewall is the great amount of control you have over the connection and the user-friendly environment. That makes this free firewall suitable for both novice and advanced users. In addition, as the name suggests, the program has a compact size: it takes up about 2 MB.
TinyWall uses a different philosophy than most firewalls, including Windows’ built-in firewall: instead of granting most programs network access, TinyWall asks you to indicate per app whether it is allowed to have network access. As a result, you only give access to the programs that you actually use and thus limit the chance that programs will use the connection unnoticed.
Tip: We offer the Tech Academy to keep your home network and all connected devices running optimally home network management course On.
Download and install TinyWall
Download TinyWall you do through the official site of the software. The program has a rigorous approach: all connections are blocked immediately after installation. By subsequently placing them on the whitelist, you can allow them one by one.
Immediately after installation, open TinyWall via the corresponding icon in the Windows system tray, where you will already find icons such as the volume and the network connection. Click the TinyWall icon to open the shortcut menu.
Unlike most firewalls, TinyWall does not display windows asking you to allow Internet access for the particular program. The window approach can become a nuisance over time and it risks making the user more likely to approve programs to get rid of the popup.
TinyWall uses a less intrusive approach, in which you always determine which program gets permission. The program offers three ways to do this.
Working with the whitelist
The first is to designate the program you want to give access to. Click on the TinyWall icon and choose Whitelist by executable file. An explorer window will open. Now open the folder where the program is located and point to the executable file (for example Program.exe).
With the second way you can also give a process access to the internet connection. Click on the TinyWall icon and choose Whitelist by process. An overview of all processes appears. Select the process you want to give access. Use the Shift key to select entire sections at once or the Ctrl key to select multiple, individual processes. Ready? Confirm by clicking on Select.
The third and final way to quickly grant access is directly the simplest: you simply point to the program window you want to add. Click on the TinyWall icon and choose Whitelist by window. Now click in the center of the window you want to add. It is put in the list of allowed programs.
Current connections
Good security starts with insight. See which programs are using the internet connection. Open the TinyWall menu and choose Show connections. The programs that use the Internet connection appear in a list. The active connections are shown by default. Click on the column Process to sort the programs alphabetically.
You can also request which ports are being used: tick the option Show open ports. The window also offers the possibility to show blocked programs, via the option Show blocked applications. This window is also useful if a program is being blocked unnecessarily in your eyes.
Choose Show open ports and right-click on the program you want to edit. Choose Unblock.
Exceptions
You will find the item next to the quick menu Manage all settings. The window consists of several tabs. You can see which programs have network access via the management window. Handy, this way you keep a grip on the programs and you can always remove a program afterwards if you want to deny network access.
Open the tab Application Exception. A list of allowed programs appears. Select a program and click Change to request the properties. Interesting about the properties window is the option Lifetime exception, which allows you to change the access settings for the program and apply it for a specific period of time.
You can also further adjust the settings here. For example, if you do not want the program to be restricted, you choose No limits. Back to the overview window of allowed programs. At the top right you will find the button To detect. With this option you can automatically search for open programs and add them to the list of network access.
click on Start and let TinyWall search for the programs. Before starting the search, make sure you have opened the programs for which you want to set access. In the list Search result place your check marks next to the programs that you want to give network access. Then click on To apply.
For the advanced user is the tab Special Exceptions interesting. Specialist tasks and programs have been collected on this.
Items with a check mark have permission for network access. For example, you will find Windows Update (the Windows update mechanism), Windows Store Update (which ensures that the Microsoft Store is up to date) and Windows Time Sync (which synchronizes the time with the internet time).
Only remove check marks next to services that you are sure you can do without. In the box on the right, at Optional, you will find additional services for which you can enable network access. For example, if you use Remote Desktop to access the computer remotely, then place a check next to Windows Remote Desktop.
Set automatically
Instead of manually configuring the system, which is still the safest choice, you can also set the firewall automatically. This allows all traffic and stores during the session which programs used the connection. This mode saves you a lot of time, but is of course slightly less secure than manual configuration.
The mode lends itself well to clean systems, such as when you recently performed a clean installation of Windows. If the system is infected with malware, for example, a malicious software connection can still be made and end up on the whitelist. Click on the TinyWall icon and choose Change state, Automatic learning.
Disable Windows Firewall (or not?)
In principle, the Windows firewall remains enabled if you opt for an alternative firewall. Running two firewalls is just unnecessary and not even desirable. You lose the overview, because both firewalls are configured differently. For example, you cannot directly trace the origin of a blockade. That is why we will explain how you can turn off Windows Firewall.
Open the Windows settings window via the Windows key + I and choose Update and security, Windows security. Choose thereFirewall and network security.
It is best to disable the built-in Defender Firewall. This is not mandatory: two firewalls can run side by side. Check at the security areas Private network, Public network (and Domain network, if you are using the Pro edition of Windows 10) or the firewall is on or off.
Finally, to disable the firewall, click on the item and move the slider to from in the section Microsoft Defender Firewall.
.