Network Locations in Windows 7
The NLA (Network Location Awareness) feature assigns your Windows 7 computer a network profile based on the properties of a network connection. When you connect to a new network, Windows prompts a dialog box asking you whether the network is a Home, a Domain or a Public network. Additionally, Windows 7 remembers the designation that you assign to the network and associates it with the properties of the network so that every time you connect to that network, the same designation will be applied.
Windows 7 uses three network profiles which are Domain Networks, Home or work (Private) Networks and Public Networks. You can change the designation of a network using the Network and Sharing center. The NLA assigns the Domain network profile when you log on to an Active Directory domain environment.
The main objective of network profiles is to give users the ability to apply different collections of firewall rules based on different network profiles. In Windows 7 profiles apply on a per-network interface basis which means multi-interface machines can have a set of rules for one interface and another set for another interface. For example, your machine may have one network adapter connected to the Internet and another to a local network where the rules for the Internet connection are more restrictive than the LAN’s. In Windows Vista the most restrictive rules apply to all interfaces.
You might want to disable Windows Firewall for the home network location if such network is secure enough. You can do this from Control Panel\All Control Panel Items\Windows Firewall\Customize Settings by checking the option Turn off Windows Firewall (not recommended) under the Home or work (Private) network location settings. In addition, you may have a third-party firewall product that protects your computer and in this case you can disable Windows firewall for all profiles. I recommend not disabling Windows Firewall just because you are behind an office/home end-point router/firewall as there may be infected computers within your LAN!
The notification option notifies the logged-on user when Windows Firewall blocks a new program while you can block all incoming connections through the other option. To be able to create rules you need to have administrator privileges.
Sometimes, you may end up being connected to the Public network profile automatically even when you connect to other network locations. Remember that the Public Network location disables sharing and network discovery functions. This may happen due to an option you may have selected in the last prompted dialog box when connecting to a new network. To prevent Windows 7 from automatically assigning all networks as Public, follow these steps:
- Click Start and then Control Panel and then Networking and Sharing Center.
- Click on the active network and make sure the option “Treat all future networks that I connect to as public, and don`t ask me again” is unchecked and click on the network you want to choose.