Base Filtering Engine (BFE) Service Defaults in Windows 10
The Base Filtering Engine (BFE) is a service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Stopping or disabling the BFE service will significantly reduce the security of the system. It will also result in unpredictable behavior in IPsec management and firewall applications.
|Display name:||Base Filtering Engine|
|Path:||%SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork|
Base Filtering Engine is a Win32 service. In Windows 10 it is starting automatically when the operating system starts. Then the Base Filtering Engine service is running as NT AUTHORITY\LocalService in a shared process of svchost.exe along with other services. If Base Filtering Engine fails to start, the failure details are being recorded into Event Log. Then Windows 10 will start up and notify the user that the BFE service has failed to start due to the error.
Base Filtering Engine cannot be started under any conditions, if the Remote Procedure Call (RPC) service is disabled.
While Base Filtering Engine is stopped, disabled or working incorrectly, the following services do not start:
- IKE and AuthIP IPsec Keying Modules
- IPsec Policy Agent
- Internet Connection Sharing (ICS)
- Network Connectivity Assistant
- Routing and Remote Access
- Windows Defender Network Inspection System Driver
- Windows Firewall
Restore Default Startup Configuration for Base Filtering Engine
1. Select your Windows 10 edition and release, and then click Download.
2. Save the Win10_BFE_Service_Startup.cmd file to a local storage device.
3. Run the saved file as an administrator.
4. Restart the computer.
The BFE service is using the bfe.dll file that is located in the %WinDir%\System32 folder. If the file is changed, damaged or deleted, you can restore its original version from Windows 10 installation media.