Host firewall
The host firewall can be a great method to filter traffic to and from the system. The effectiveness of this control is dependent on the operating system, location of the system, and policy configuration. For example, the implementation of Windows requires several Windows-specific ports and services to be accessible on the internal network to function within the Windows domain that expose services that may be configured in a vulnerable manner. Whereas with Linux, for instance, the host firewall (iptables) can be very effective in protecting the host and the accessible services as there is no concept of a domain. There is functionality within the Windows firewall to limit the accessibility of the Windows services and it can always be configured in an explicit manner limiting access to services.
Implementation considerations
The host firewall cannot be approached as the primary method of securing services on a system. Each service should be configured in a secure manner as the firewall...
