Dear Windows Vista Firewall…

Dear Windows Vista Firewall,

When I ask you (repeatedly, and on multiple occasions) to turn off, why do you insist on re-activating yourself at random? Please go away.


No really. What is it with the Windows Vista Firewall and its refusal to go away? At NeoSmart Technologies all our PCs are secured behind two firewalls: a hardware firewall and Microsoft ISA Server. The only traffic that gets in is the traffic that we want to get in. Now we can appreciate having the firewall on by default; but after turning it off over 20 times, it’s getting to be too much.

At first it was only upon restarting the PC. You’d restart the PC, boot into Windows, and be prompted to unblock a program from accessing the internet. Disable the firewall, and get back to work. Rinse and repeat as needed.

But now it seems all we have to do is leave a Vista-powered PC up and running for a couple of days, and (without warning, trigger, or any user intervention), the stupid firewall turns itself back on again! As great as the Vista firewall may be,1 we simply don’t need it!

The problem is, this isn’t just one PC. We’ve spotted this behavior on 3 PCs, and it has no rhyme or reason. It comes without cause or warning, and it doesn’t have a pattern to how long it takes before it reactivates. However, there is a solution:

  1. Start | Run | Services.msc (alternatively: Control Panel | Administrative Tools | Services Management)
  2. Find the entry “Windows Firewall” | Right-Click it -> Properties
  3. Press “Stop”
  4. Change “Startup type” to “Disabled”
  5. Press OK and exit.

Those steps should eliminate the Windows Vista Firewall for good on your PC. If you need to go back and start using it again for whatever reason, just change the startup type back to Automatic and reboot.

  1. Yes, we really do mean it. It now has a full MMC control panel, and it’s fully customizable – even more so than our previous favorites for Windows XP, namely Sygate and Outpost in that order 

35 thoughts on “Dear Windows Vista Firewall…

  1. I’ve got an even better fix. Use Linux or Mac OS X. Vista’s firewall hasn’t bothered me once.

  2. John S, Windows Vista is only half bad right now. Once all the drivers come out, it’ll only be a quarter bad – and it will be the OS of choice for quite a few people that *nix/OS X can’t address – like gamers.

    Once SP1 comes out, Vista will be great.

  3. lol, chill out twit!

    SP1 needs a lot of work, but I think Vista is recoverable. Then again, take a look at XP. The original release wasn’t as buggy as Vista’s release, yet it took two service packs to make it work.

    It’s true though, Vista is extremely buggy. It’s also true that many of the problems are caused by driver-related issues. But that’s also a two-sided story: the Vista driver framework is crap, and at the same time, product manufacturers aren’t focusing on the drivers’ side of things.

    Hopefully SP1 will fix it, but to be honest here, no one knows. But no matter what, what is true is that Windows is right for some people, just like OS X and Linux are right for others.

  4. I would say : stay away from vista
    And for people who love to waste ressources, privacy and liberty by using it, try “SC DELETE ” in a command prompt.

  5. windows sucks and will suck no matter how many billions of service packs they create and no matter how many billion of lines of code they create

  6. Granted, the hardware firewall and ISA firewall should keep bad traffic from external sources off your internal netowork.  But what happens when one of your internal machines gets infected with a worm/virus/trojan and decides to infect all the machines on your internal network.

    Maybe its just me, but turning off Windows firewalls doesn’t seem like a great idea despite your 2 external firewalls.

  7. Casey, that’s a good point you’re raising. However, all our PCs in the NeoSmart Labs are run by the same people, and all have anti-spyware and antivirus (NOD32 is the very best!) installed. Everyone inside is trusted to the highest degree… I guess it depends on the settings/scenario.

    At any rate, imagine a PC behind a hardware firewall. No other PCs in the internal network. It doesn’t need another software firewall, does it?

  8. I’m not a fan of bugs!  In fact, Vista bugs sometimes drive me crazy.  Speaking of bugs, there was never a buggier development tool Visual Studio 2005 (absolutely bugtatuclar!) Bugs aside it would have be nice if Microsoft waited a couple more months before RTM so they could have minted more drivers onto the gold DVD.  Oh well…. we can always hope for Vista R2.

  9. jamome, I disagree with you there.

    The problem with the drivers is that the hardware manufacturers didn’t have an incentive to work. Look at ATi – they only released their drivers the very same hour Vista went on sale. If no one has the Vista DVD, then h/w manufacturers don’t have a real incentive to create the drivers – it’s a Catch-22.

  10.     there is an OS for every one. Just use what better responses to your needs and don’t kill an OS if you don’t want to buy it.  I use Linux (Xubuntu), it works fine but I’ve never said that is the best or is better than Windows. You don’t like vista? simply, don’t use it.   

  11. My experience is that in order for the service shutdown to properly activate, you must also reboot (step 6: reboot). Otherwise, in my case, all incoming traffic was blocked. In specific, if my case was representative, if you try this via remote desktop, you will be locked out (and can’t perform my step 6, unless you use the command line “reboot -r -t XX” with a long enough delay).

    Sample case: wanted to remote install virus software (AVG) on a client machine from server. Remote desktop in as administrative user to client, then temp disable firewall service so virus software install can happen…. bang, locked out. Had to walk to machine and log in and reboot, then firewall stayed off, and I could connect back in (and install AVG), then reactivate firewall (as desired).

    As for the tangential debate, why don’t you people move to a debate forum where it belongs instead of somewhere people might be going for real answers to get things done instead of just passing time because they have nothing better to do with their lives.

  12. Hey so yeah…I was wondering…does anyone out there use Sygate Personal Firewall? The version I use was free from CNet some years ago and I have been using the free version since. Its a nice, easy to use app that tattles on everything that goes on. I would like to disable the Vista firewall and install this Sygate Personal Firewall in its place.

    Has anyone ever used this on Vista? Any ideas if this would work…Im still on XP…just wondering, cus not having my handy firewall would probably prevent me from making the jump.



  13. Sygate Personal Firewall was the very best. Unfortunately, Sygate Corporation was bought out by Symantec, whose first move was to kill off the firewall.

    The latest version produced of Sygate does not run on Windows Vista. A close runner-up for Windows XP is Outpost Firewall, and it runs on Vista too.

  14. Thanks windows firewall has been driving me crazy i have mcafee firewall installed and vista seemed to know about it but still kept on switching its own and file shairing back on every few mins and leaving me open to attack

    vista ultima my butt

Leave a Reply

Your email address will not be published. Required fields are marked *