Windows Filtering Platform Explained

Windows Filtering Platform (WFP) is a set of system services in Windows Vista and later that allows Windows software to process and filter network traffic. Microsoft intended WFP for use by firewalls, antimalware software, and parental controls apps. Additionally, WFP is used to implement NAT and to store IPSec policy configuration.

WFP relies on Windows Vista's Next Generation TCP/IP stack. It provides features such as integrated communication and per-application processing logic. Since Windows 8 and Windows Server 2012, WFP allows filtering at the second layer of TCP/IP suite.

Components

The filtering platform includes the following components:

Diagnostics

Starting with Windows 7, the netsh command can diagnose of the internal state of WFP.

Hotfix

Microsoft released three out-of-band hotfixes for WFP in Windows Vista and Windows 7 to address issues that could cause a memory leak, loss of connectivity during a Remote Desktop Connection session, or a blue screen of death. Later, these hotfixes were rolled up into one package.[1]

External links

Notes and References

  1. Web site: 12 April 2010. A Windows Filtering Platform (WFP) driver hotfix rollup package is available for Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. Windows support. Microsoft.