Help Center

Follow

Scanning for Firewall Enabled

Until we add the state of the Firewall as a built-in item we scan for you can use the Registry scanner to get what you're looking for. 

The information is in the Registry under the following key:

HKEY_LOCAL_SYSTEM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

Create a scan profile (or edit an existing one) and add a Registry scanner with the following properties:

Firewall_Scanner.png

Once scanned your computers should have a couple of values from this key. One of them is called EnableFirewall with either a 1 (enabled) or 0 (disabled).  You can create a collection to filter on this value like this:

Firewall_Collection.png

Or build a report with this filter:

Firewall_Report.png

You should be good to go.

For your convenience you can find attached an export for the scanner, collection, and report which you can customize to your heart's desire.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

4 Comments

  • 0

    I have tried this and when I run the report no data is returned. Can someone help me?

    Thanks Marcia

  • 0

    Hi Marcia,

    This could be due to one of a few reasons. Let's hit the easiest one out the gate:

    Make sure your Collection source is set appropriately. Any collection OR computer that is selected when you run a report will become the Collection Source. A report is only executed against a Collection Source. If you want to run against All Computers then make sure that the All Computers collection is selected. You can always change the source by clicking on the button in the report.

    CollectionSource.png

     

    If you change your source and you still aren't getting any data then please verify that you have scanned for the data. Make sure you scan a computer using the appropriate Scan Profile. After scanning (in the case of the using the Firewall scan profile) open a computer window of a scanned computer and select the Registry panel. Do you see any data in there? More specifically do you see any data related to the Firewall?

  • 0

    Hello,

    The collection source is set to All computers. I ran the scan again and no data was produced. I clicked on a computer that I know the firewall is on and checked the registry key and this is what was in there....

    Inline image 1

  • 0

    Update: Report and Scan Profile worked as expected. Always remember that the data in Inventory is only as good as the last scan. Changes made on computers since the last scan are not reported in Inventory with the exception of Online status (heartbeat) and AD Info (Active Directory Syncing).

Article is closed for comments.
Powered by Zendesk