Verify Windows FIrewall is enabled

system 2010-11-08 09:54:37 UTC #1

(imported topic written by SystemAdmin)

Greetings,

Our security team has passed me a directive to verify that all users have the Windows Firewall enabled. I have looked high and low, but can’t seem to locate an existing fixlet to address this task.

I’m thinking about just reverse engineering the Trend Micro task to “Disable Windows Firewall”, but I’m not sure about the implications. The directive at this point is just to make sure that it is running, not enforce a policy.

Thanks

-JD

Windows Firewall - Local Policy vs GPO

system 2010-11-08 10:43:55 UTC #2

(imported comment written by nberger91)

How about state of Windows Firewall service ?

system 2010-11-08 21:17:04 UTC #3

(imported comment written by JackCoates91)

q: if (name of operating system contains “Win”) then (if (name of operating system = “Win7” or name of operating system = “WinVista”) then (state of service “MpsSvc”) else (state of service “SharedAccess”)) else (“Not a Windows system.”)

system 2011-01-12 20:27:04 UTC #4

(imported comment written by mmcgrew91)

Hello Jack,

While that will check to see if the service is running it will not check to see if it’s enabled. The service will still be enabled even if the firewall is disabled. To check this just use the firewall inspector.

q: firewall enabled of current profile of local policy of firewall

system 2011-01-13 01:58:18 UTC #5

(imported comment written by JackCoates91)

yeah, that does work better Thanks!

adamcybulski 2023-02-17 19:57:02 UTC #6

If you come across this with a google search 12 years later like I did, this is now built in to the systems properties.