
Windows Filtering Platform (WFP) is a set of system services in Windows Vista and later that allows Windows software to process and filter network traffic. Microsoft intended WFP for use by firewalls, antimalware software, and parental controls apps. Additionally, WFP is used to implement NAT and to store IPSec policy configuration. WFP relies on Windows Vista's Next Generation TCP/IP stack. It provides features such as integrated communication and per-application processing logic. Since Windows 8 and Windows Server 2012, WFP allows filtering at the second layer of the TCP/IP suite.


Components

The filtering platform includes the following components:
* Shims, which expose the internal structure of a packet as properties. Different shims exist for protocols at different layers. WFP comes with a set of shims; users can register shims for other protocols using the API. The built-in set of shims includes:
** Application Layer Enforcement (ALE) shim
** Transport Layer Module (TLM) shim
** Network Layer Module (NLM) shim
** RPC Runtime shim
** Internet Control Message Protocol (ICMP) shim
** Stream shim
* Filtering engine, which spans both kernel-mode and user-mode, providing basic filtering capabilities. It matches the data within a packet, as exposed by the shims, against filtering rules, and either blocks or permits the packet. A ''callout'' (see below) may implement any other action as required. The filters operate on a per-application basis. To mitigate conflicts between filters, they are given ''weights'' (priorities) and grouped into ''sublayers'', which also have weights. Filters and callouts may be associated with ''providers'', which may be given a name and description and are essentially associated with a particular application or service.
* Base filtering engine, the module that manages the filtering engine. It accepts filtering rules and enforces the security model of the application. It also maintains statistics for the WFP and logs its state.
* Callout, a callback function exposed by a filtering driver. The filtering drivers provide filtering capabilities other than the default block/allow. Administrators specify a callout function during registration of a filter rule. When the filter matches, the system invokes the callout, which handles a specified action.
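
The weight and sublayer ordering described above can be modelled in a few lines, which helps when working out why a permit rule from one product is overridden by another. This is an added example, not Microsoft's code or the WFP API: the filter names, sublayer names and packet properties are constructed, callouts are left out, and the rule that a block from any sublayer overrides permits is a simplifying assumption of the model that goes beyond what the page states.

```python
from dataclasses import dataclass
from typing import Callable

PERMIT, BLOCK = "permit", "block"

@dataclass
class Filter:
    name: str
    sublayer: str
    weight: int                      # priority inside its sublayer
    action: str                      # PERMIT or BLOCK
    match: Callable[[dict], bool]    # predicate over shim-exposed properties

def classify(packet, filters, sublayer_weights, default=PERMIT):
    """Return (verdict, trace) for one packet under the simplified model."""
    verdict, trace = default, []
    # Visit sublayers from highest weight to lowest.
    for sub in sorted(sublayer_weights, key=sublayer_weights.get, reverse=True):
        ranked = sorted((f for f in filters if f.sublayer == sub),
                        key=lambda f: f.weight, reverse=True)
        # Inside a sublayer the highest-weight matching filter decides.
        hit = next((f for f in ranked if f.match(packet)), None)
        if hit is None:
            continue
        trace.append((sub, hit.name, hit.action))
        # Assumption of this model: a block from any sublayer overrides permits.
        if hit.action == BLOCK:
            verdict = BLOCK
    return verdict, trace

# Constructed sample policy: two sublayers, per-application filters.
SUBLAYERS = {"firewall": 100, "parental": 50}
FILTERS = [
    Filter("block-all-outbound", "firewall", 1, BLOCK, lambda p: True),
    Filter("allow-https-apps", "firewall", 10, PERMIT,
           lambda p: p["remote_port"] == 443),
    Filter("block-browser", "parental", 5, BLOCK,
           lambda p: p["app"] == "browser.exe"),
]

def demo():
    packets = [
        {"app": "updater.exe", "remote_port": 443},
        {"app": "browser.exe", "remote_port": 443},
        {"app": "mail.exe", "remote_port": 993},
    ]
    return [classify(p, FILTERS, SUBLAYERS) for p in packets]

if __name__ == "__main__":
    for verdict, trace in demo():
        print(verdict, trace)
```

The trace for the second packet shows the case that is hard to spot in a real rule set: the firewall sublayer permits the traffic, yet a lower-weight sublayer still blocks it.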


Diagnostics

Starting with Windows 7, the netsh command can diagnose the internal state of WFP.


Hotfix

Microsoft released three out-of-band hotfixes for WFP in Windows Vista and Windows 7 to address issues that could cause a memory leak, loss of connectivity during a Remote Desktop Connection session, or a blue screen of death. Later, these hotfixes were rolled up into one package.



External links


Windows Filtering Platform Architecture Overview