In the last article I took you through the entire
installation process of
Windows XP SP2. I discussed in detail about the steps involved in installing
SP2 and how the operating system has changed after the booting. Today I will
give an exhaustive tour of the system to see how the user's experience will
change due to SP2.
The first thing you will notice when the system starts is the
display of a warning message that the system is not secure. A red shield with a
cross icon appears on the task bar, and a small balloon appears over it. This
is a new behavior in SP2 and this is part of a feature known as “The Security
Center”.
Figure 1. Security Center.
The Security Center monitors the state of three critical things.
They are “Firewall”, “Automatic Updates” and “Anti virus”. If any of these
settings are not enabled then the Security Center prompts the user when he logs
in. Let us see the options for the Security Center.
|
-
Firewall:
This is the most critical feature needed for XP security. This blocks
all incoming traffic which otherwise could cause enough harm to the user's
workstation.
-
Automatic Updates:
We saw earlier during setup that it prompted to turn on
automatic updates. This monitors the setting of Automatic updates and displays
information based on the user's setting. We will go into detail soon what the
different options are.
-
Antivirus Scanner: Since an antivirus scanner is essential to prevent virus, it
is also important that the antivirus scanner be up to date. Hence Security
Center verifies if the antivirus scanner is installed and whether it is up to
date.
|
If any of these settings are modified which could cause harm to
the computer then Security Center prompts the user on start up of the risks and
the consequences it can have to the system. This can be modified through a
setting. In Security Center, clicking on the link “Change the way Security
Center alerts me” displays the dialog box as seen below.
|
Figure 2: Turning off alerts for Security
Center.
|
Un-checking the boxes in the Alert Settings will not prompt the
user again when the computer boots up. This isn't the recommended choice
because a user might accidentally turn of one of these settings and he will not
be aware of it, because he will not be prompted at start up.
|
Now we will see what are the additional changes that SP2 has
introduced. Let us start with Control Panel. Opening Control Panel shows that
there are a lot of features added with SP2.
|
Figure 3. New icons have been added in
Control Panel.
|
The new features are Security Center, Windows Firewall and
Wireless Network Setup Wizard.
|
We discussed Security Center earlier and now let us discuss the
Windows Firewall. In earlier versions of the firewall it was just a turning
which had to be enabled or not. But this had a lot of disadvantages which could
not be customized for certain environments. For example, the firewall blindly
blocked all incoming traffic and didn't differentiate between the Internet and
the Local Area Network. As a result people had to learn how to disable the
firewall in the corporate network and use the firewall only if they connected
to the Internet on a stand alone computer. But now the firewall has been
enhanced and improved a lot in XP SP2.
|
Figure 4. The home screen of the firewall
in SP2.
|
If you observe the screen carefully, you will notice that there is
a big improvement from SP1 and it is no longer just a switch from turning it
off or turning it on. It has a lot of settings for different environments plus
it has included three additional tabs for advanced configuration.
|
The default page for the firewall is to turn the firewall off and
turn the firewall back on.
|
The “Don't allow exceptions” is for setting greater security to
the computer when the user is in a public network which are not secure by
default. These include hot spots in public places, airports etc because the
connection in these public places are not secure and hackers are always on the
prowl in these sensitive places and on the look out for computers that connect
to these networks to access sensitive data on them.
|
Figure 5. the Exception tab in the
firewall.
|
As mentioned earlier, in previous versions, the firewall blindly
blocked all the incoming traffic and couldn't differentiate between the local
area network and the internet. Hence this exception tab was included to exclude
some applications from using the firewall. Some programs like Instant
messengers, remote desktops, remote assistance and file/printer sharing need
the firewall to be excluded so that they can receive incoming data. But it is
important to note that the more programs configured to exclude the firewall,
the higher the risk to the computer. This is because when these programs are
functioning the firewall ignores the data that is received by these
applications. Hence it has to be used with care and only by trusted
applications..
|
This exception tab can be used to add additional programs or add
additional ports which need to be open so that certain programs can work.
Clicking on the “Add Program” button gives a list of programs which can be
added to the list of exceptions.
|
Figure 6. Add a program to the list of
exceptions.
|
Clicking on the “Change Scope” allows the program be accessed by a
scope of users. For example the first option “Any computer” means that the
program will be available to anyone on the Internet who accesses the computer
on which the program runs. The second option “My network (subnet) only” means
that the program will be accessible only within the network. And the last
option is to tweak the control so that particular users will be able to access
the program. The access is given to a list of IP Addresses.
|
Figure 7. Changing the scope of the
programs that have to bypass the firewall.
|
Clicking on “Add port” displays the dialog as seen below. This is
used when a specific port has to be opened so that other users can access your
computer.
|
Figure 8. Adding a port to the list of
exceptions.
|
The “Change scope” for the port is the same as that of the
programs which we discussed earlier.
|
Figure 9. Changing the scope of access for
the ports.
|
Figure 10. The advanced tab in the
firewall.
|
The advanced tab is used for advanced configuration by the
administrators who want to have more control over the firewall. It also has
features like Security Logging, ICMP and a setting to restore the firewall to
the default settings.
|
We have covered a lot today and saw how the firewall has been
revamped in SP2. In the next article we will cover the most important
application that is used by almost every user on the Internet and that is the
browser.
|
To be continued...
|