Windows Firewall and Webroot Firewall

  • 23 May 2016
  • 6 replies

Userlevel 5
Hello Community .
i have a question about Webroot Firewall, why when that is On my Windows Firewall is On too ?
and another question , i see a proccess named Security Center ( in svchost.exe ) on task manager , i disabled that but when i Setup Webroot i see that is active on my Task Manager ... so .. ? is that normal? 

Best answer by Baldrick 23 May 2016, 17:30

View original

6 replies

Userlevel 7
Badge +52
WSA firewall works differently than a traditional firewall in that it works together with the Windows firewall, functioning as the outbound component while the Windows firewall takes care of the inbound traffic. 

Windows 8-10 presents certain technological limitations to current firewall implementation. The operating system itself is locked down in certain respects that limit what third-party firewalls are capable of, which is why you don't see some of the features in Windows 8 that you would otherwise see in older versions of Windows.
Running the Windows firewall alongside WSA is recommended and sufficient because the Windows firewall is effective against hostile inbound connections, whereas SecureAnywhere provides effective outbound protection.
Please see this Knowledge Base Article for more information.  And this previous thread on the subject is worth reading for more insight. And  here is the PC User Guide.
Userlevel 7
Please take a look at this KB Article on the subject.. Essentially, WSA lets the Windows Firewall handle the inbound connections and it hardens/complements the protection on the outbound connections.
Please leave the Security Centre process is a core Windpws process that needs to run.
Regards, Baldrick
Userlevel 5
Thank You for the answers  friends :)
may i know if there is any plans in future for add that feature to Webroot for protect inbound connections too ? 
Best Regards,
Userlevel 7
As far as I know there are no plans and actually no need for a Webroot component to handle inbound connections. The WIndows Firewall is very well regarded in terms of its robustness, especially in the case of its inbound connection handling...and that is one of the reasons why Webroot have chosen to make use of the built in firewall, which also have the additional benefit of not adding further processes that would consume resources and add drag to the system.
Having said that you can switch off the Windows Firewall AS LONG as you replace it/install & run a FULL 3rd party firewall application instead.
Hope that helps?
Regards, Baldrick
I read in previous post "... FULL 3rd party ..." does this mean that Webroot's outbound firewall cannot work without the windows firewall present/working ?

Many thanks, Mike
Userlevel 7
Welcome to the Community Forums.
No, the WSA Firewall component is a supplement to another outbound firewall when installed. However, the WSA Firewall component does NOT cover the inbound side of things ONLY the outbound connections...hence one needs to have another firewall, either the WIndows built in one active or a 3rd party one installed & running to be fully protected, i.e., to cover what the WSA Firewall component does not.
And of course, if one uses the Windows or a 3rd party firewall they will have both inbound & outbound elements active.
Finally, the recommended approach is to run WSA with another firewall. To quote from the previoulsy linked KB Article on the topic the :
"The Webroot SecureAnywhere firewall and software is compatible with any other antivirus or firewall application, so you should have no problem running our software alongside your other antivirus/firewall. While it is possible for another antivirus or firewall application to interfere with WSA, no part of Webroot should interfere with other firewalls as WSA is built to recognize and co-exist with other legitimate antivirus/firewall applications. Running the Windows firewall alongside our program is recommended and sufficient because the Windows firewall is effective against hostile inbound connections, whereas SecureAnywhere provides effective outbound protection."
Hope that helps?
Regards, Baldrick