Windows 7: Take control of system security
The Control Panel in Windows 7 provides a number of options for securing your system, configuring backups, adjusting firewall settings and so on.
Jorge Orchilles
Adapted from “Microsoft Windows 7 Administrator’s Reference” (Syngress, an imprint of Elsevier)
Windows 7 comes with a variety of security and system management tools. There are tools for managing the local system, managing hardware and devices, and managing disks and file systems. The Control Panel is one of the most commonly used ones. The Control Panel has long been a central place to go to configure your Windows system. The look has changed over the years, but the tools have remained similar. We’ll take a closer look at the system and security aspects and functions of the Control Panel.
The System and Security category contains applets to help you secure, fine-tune and optimize your system. The subcategories under the System and Security category are Action Center, Windows Firewall, System, Windows Update, Power Options, Backup and Restore, BitLocker Drive Encryption and Administrative Tools. Here’s a brief overview.
Action Center
The Action Center helps you resolve basic system issues. It can help troubleshoot security, maintenance and performance issues. In the Action Center, you have four options: Review your computer’s status and solve issues, Change User Account Control (UAC) settings, Troubleshoot common computer problems, and Restore your computer to an earlier time.
If you choose Review your computer’s status and solve issues, the Action Center will display any issues that your system has detected. These could be issues with security, Windows Update, Windows Backup or a host of other issues.
If you choose Change User Account Control settings, the UAC Settings window will open. UAC is used to control whether programs can make changes to your system. This is important because you don’t want malicious programs to be able to make system changes.
The UAC Settings window includes four options:
- Always notify: The user will always be notified when either the user or a program attempts to make changes to the system.
- Notify me only when programs attempt to make changes to my desktop: The desktop will be dimmed when these attempts are made. This is the default option.
- Notify me only when programs attempt to make changes to my desktop (do not dim my desktop): The desktop will not be dimmed when these attempts are made.
- Never notify: The user is never notified when either the user or programs attempt to make changes to the system.
If you choose Troubleshoot common computer problems, the troubleshooting applet will open. The troubleshooting applet helps you troubleshoot issues with programs, hardware, Internet connections, appearance, personalization and security.
Choosing Restore your computer to an earlier time will open the Recovery window. In the Recovery window, you can open the System Restore wizard. System Restore lets you restore system files and settings without losing your personal files and data. You can select a restore point, and Windows 7 will restore your system to the state it was when the restore point was created.
The Recovery window also has an option for Advanced Recovery Methods. These will restore your system, but everything will be replaced, including your personal files and data. You can restore your system using a previously created image. You can also choose to reinstall Windows 7 using the original installation media. If you choose either of these methods, you’ll be able to back up your important files and data.
Windows Firewall
The Windows Firewall protects your Windows system from network-based threats. You can control who has access to your system and what level of access they have. The Windows Firewall applet lets you configure these firewall settings.
You have two options in the Windows Firewall section of the Control Panel: Check firewall status and Allow a program through Windows Firewall. Check firewall status will bring up the Windows Firewall window. This option lets you see if the Windows Firewall is enabled or disabled on your system. You can also see Windows Firewall settings for incoming connections and notifications.
Allow a program through Windows Firewall will bring up the Allowed Programs window. Here you can see what programs the Windows Firewall allows. If you want to change these settings, you must choose the Change settings option. Then you can select a program to allow and specify the networks with which the program is allowed to communicate.
The Details option will show you the path to the executable for the allowed application. If you want to allow a program not listed, you can choose the Allow another program option. You can then specify the location of another program you want to allow through the firewall.
System
The System section of the Control Panel lets you view and configure basic system settings. This section has five options: View amount of RAM and processor speed, Check the Windows Experience Index, Allow remote access, See the name of the computer and Device Manager. View amount of RAM and processor speed will launch the System window. Here you can view basic system information. You can see the processor speed, the amount of RAM in the system, the system type, computer name and other important information.
Check the Windows Experience Index will launch the Performance Information and Tools window. You can see your system’s Windows Experience Index. The Windows Experience Index is a number between 1.0 and 7.9 that represents the overall performance of your system.
Your index is based on five components: processor, memory, graphics, gaming graphics and primary hard disk. Each of these components is given a rating. Your index is based on the lowest individual score for the components. You can rerun the assessment any time you wish. This will help you determine if changes made to the system increased or decreased overall performance.
The Allow Remote Access option brings up the Remote tab of the System Properties window. You can use this tab to enable or disable Remote Assistance. You can also use it to enable or disable Remote Desktop.
Selecting See the name of this computer will launch the System window. You can view the name and description of the computer. In addition, you can view the workgroup or domain in which the computer resides. You can also use this window to change the name of the computer or change the system’s workgroup or domain.
You can use the Device Manager to manage the hardware devices in your system. You can install, disable and uninstall devices. You can update drivers. You can also use Device Manager to determine when there’s a problem with one of your hardware devices and when one of your devices isn’t functioning properly.
Windows Update
Windows Update keeps your system up-to-date with the latest updates and patches. Windows Update can automatically download and install device drivers, OS patches and application patches. There are three options in this section: Turn automatic updating on or off, Check for updates and View installed updates. The option named Turn Automatic Updating on or off will bring up the Windows Update Change Settings window.
You can enable or disable Windows Update on your system. You can also control how updates are handled. You can set whether updates are automatically downloaded and installed, or whether user intervention is necessary.
The Check for updates option brings up the Windows Update window. Windows Update will check and see what updates are available for your system. It will also let you know when your system was last updated. Selecting View installed updates will bring up the Installed Updates window.
The Installed Updates window will list all the updates installed on your system. You can see OS updates, application updates and security updates. The Installed Updates window also lets you uninstall updates from your system.
Power Options
The Power Options section includes the following options: Change battery settings, Require a password when the computer wakes, Change what the power buttons do and Change when the computer sleeps.
The Change battery settings option brings up the Power Options window. This is where you choose a power plan. Power plans determine how your system will manage energy consumption, especially when running on battery power. A good power plan will help extend the amount of time your system can run on battery power.
Choosing Require a password when the computer wakes brings up the Power Options System Settings window. This lets you configure whether a user has to enter a password when the system comes out of sleep mode. Take note that in order to make changes to this setting, you have to first select the Change settings that are currently unavailable option. Choosing Change what the power buttons do also brings up the Power Options System Settings window. You can configure what your system does when you press the power or sleep buttons. You can also configure what happens when you close the lid on your laptop.
Change when the computer sleeps launches the Edit Plan Setting window. This lets you change the settings for your current power plan. You can control when the display will dim or turn off. You can configure when the system will enter sleep mode. You can also adjust the screen brightness.
Backup and Restore
The Backup and Restore section of the Control Panel includes two options: Back up your computer and Restore files from a backup. The Back up your computer option will launch the Backup and Restore window. You can use the Backup and Restore window to create a system image, create a system repair or perform a backup of your system.
Back up now starts a new system backup. The backup will use your current backup device and location. Turn on schedule lets you set up periodic backups of your system. You should schedule these backups for a time when the system will be online, but not in use. The Change settings option will allow you to change the default settings for your backups. For example, you can use this to change the default backup location.
The Restore files from a backup option will bring up the Backup and Restore window. At the bottom of the window, there’s a Restore section. The Select another backup to restore files from option will bring up the Restore Files wizard. The Restore Files wizard will walk you through the process of doing a restore. You’ll have to specify the location of the backup to restore from, the files you want to restore and what you want to do with the restored files.
Administrative Tools
The Administrative Tools section includes the following options: Free up disk space, Defragment your hard drive, Create and format hard disk partitions, View event logs and Schedule tasks. Choosing Free up disk space launches the Disk Cleanup applet. This will scan your system and determine what can be done to free up space on your disks. You can delete Downloaded Program Files, Temporary Internet Files, Offline Web pages, files in the Recycle Bin, Setup Log Files, Temporary Files, Thumbnails, Per-user archived Windows Error Reports and System-archived Windows Error Reports.
The Disk Cleanup applet also includes an option to Clean up system files. This opens the Disk Cleanup applet with a tab called More Options. On the More Options tab, you have the option to remove programs you don’t use. You also have to option to remove older system restore points.
Choosing Free up disk space will bring up the Disk Defragmenter. This can help improve performance of your drives. Fragmentation occurs when files split all over your disks. When this happens, your disk has to do more work to access files. The Disk Defragmenter will move your files to a contiguous location. This will speed disk-access performance.
Create and format hard disk partitions will bring up the Disk Management console. You can use the Disk Management console to manage your hard disks and disk partitions. You can create partitions and format partitions. You can also configure fault tolerance for your disks.
Choose View event logs to open the Windows Event Viewer. You can view the Windows logs Application, Security, Setup and System. You can also view individual logs for certain Windows applications and Windows services. You can use Event Viewer to view logs on the local system or a remote system.
Schedule tasks launches Task Scheduler. Use this to schedule tasks to run at specified times. This is great for administrative and maintenance tasks that must be run on a regular basis. Task Scheduler offers great flexibility. You can use the Create Basic Task wizard or manually create a task.
You can schedule tasks to run once, daily, weekly, monthly, when the computer starts, when a user logs on or when a specific event is logged. The task can be to run a program or script, send an e-mail or display a message. Task Scheduler also lets you import and export tasks. This is useful if you want to run the same task on multiple systems.
I’ll cover other aspects of the Control Panel features and functions—such as the myriad options for network and hardware settings, personalization, establishing credentials and so on—in future articles.
.jpg "Jorge Orchilles")
Jorge Orchilles began his networking career as a network administrator for the small private school he attended. He’s currently a security operating center analyst, and recently completed his Master of Science degree in management information systems at Florida International University.
©2011 Elsevier Inc. All rights reserved. Printed with permission from Syngress, an imprint of Elsevier. Copyright 2011. “Microsoft Windows 7 Administrator’s Reference” by Jorge Orchilles. For more information on this title and other similar books, please visit elsevierdirect.com.