Base Filtering Engine (BFE) Service Defaults in Windows 10
The Base Filtering Engine (BFE) is a service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Stopping or disabling the BFE service will significantly reduce the security of the system. It will also result in unpredictable behavior in IPsec management and firewall applications.
Default Settings
| Startup type: | Automatic |
| Display name: | Base Filtering Engine |
| Service name: | BFE |
| Service type: | share |
| Error control: | normal |
| Group: | NetworkProvider |
| Object: | NT AUTHORITY\LocalService |
| Path: | %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p |
| File: | %SystemRoot%\System32\bfe.dll |
| Registry key: | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE |
| Privileges: |
|
Default Behavior
Base Filtering Engine is a Win32 service. In Windows 10 it is starting automatically when the operating system starts. Then the Base Filtering Engine service is running as NT AUTHORITY\LocalService in a shared process of svchost.exe along with other services. If Base Filtering Engine fails to start, the failure details are being recorded into Event Log. Then Windows 10 will start up and notify the user that the BFE service has failed to start due to the error.
Dependencies
Base Filtering Engine cannot be started under any conditions, if the Remote Procedure Call (RPC) service is disabled.
While Base Filtering Engine is stopped, disabled or working incorrectly, the following services do not start:
- IKE and AuthIP IPsec Keying Modules
- Internet Connection Sharing (ICS)
- IPsec Policy Agent
- Microsoft Defender Antivirus Network Inspection System Driver
- Network Connectivity Assistant
- Routing and Remote Access
- Windows Defender Firewall
Restore Default Startup Configuration of Base Filtering Engine
Before you begin doing this, make sure that all the services on which Base Filtering Engine depends are configured by default and function properly. See the list of dependencies above.1. Run the Command Prompt as an administrator.
2. Copy the commands below, paste them into the command window and press ENTER:
sc config BFE start= auto
sc start BFE
3. Close the command window and restart the computer.
The BFE service is using the bfe.dll file that is located in the C:\Windows\System32 directory. If the file is removed or corrupted, read this article to restore its original version from Windows 10 installation media.