This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Detect if Firewall is enabled

Go to solution
coreyarndt
Engaged Sweeper II

‎01-25-2016 05:52 PM

I am looking to see if Lansweeper can detect if the Firewall is enabled or disabled on the devices it is scanning.

In the end I will likely create a report or something to alert me if the firewall is enabled or not...especially on my servers.

Related...will this also detect if a 3rd part firewall is enabled/disabled or just if the windows firewall is enabled/disabled.

Thank You
Labels:
0 Kudos
1 ACCEPTED SOLUTION
Go to solution
Jeremy_D
Champion Sweeper

‎01-28-2016 05:02 PM

Lansweeper does not specifically scan firewall statuses. You can report on a service or registry key associated with the firewall, as forum user esr indicated as well. If a Windows computer is completely firewalled though, you won't be able to scan it through agentless scanning to report on its services or registry keys. You would have to scan it with our LsPush scanning agent.

View solution in original post

3 REPLIES 3
Go to solution
coreyarndt
Engaged Sweeper II

‎01-28-2016 05:12 PM

Thank You, This does help. I will utilize the Registry Scan to obtain what I need. As mentioned the Windows Firewall Service may be running though the firewall is disabled.

Thank you again
0 Kudos
Go to solution
Jeremy_D
Champion Sweeper

‎01-28-2016 05:02 PM

Lansweeper does not specifically scan firewall statuses. You can report on a service or registry key associated with the firewall, as forum user esr indicated as well. If a Windows computer is completely firewalled though, you won't be able to scan it through agentless scanning to report on its services or registry keys. You would have to scan it with our LsPush scanning agent.
Go to solution
esr
Champion Sweeper

‎01-26-2016 10:03 PM

I asked the same question this past July. Unless this has been added recently (don't think so...) then the answer is still "not really..."

Pretty much just have to set up custom registry scans for the firewall keys and make do.

Here's the relevant bits of that post, along with a link to the full thread-

http://www.lansweeper.com/Forum/yaf_postst11262_Windows-Firewall-status-report.aspx#post41975


esr wrote:
...possible to get a report that just provides the status of the firewall- on or off?


Searching around the forum it looks like the options are to check the service, but there it's also possible for the service to be on and the firewall disabled-

SELECT [Computer], Started
FROM [lansweeperdb].[dbo].[tblServices] inner join
lansweeperdb .dbo.tblComputers on tblServices .Computername = tblComputers .Computername where
tblServices .caption = 'Windows Firewall/Internet Connection Sharing (ICS)'



Or to run a custom scan for the following registry keys

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
\EnableFirewall=0 (DWORD data type)

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile
\EnableFirewall=0 (DWORD data type)




All the above was found in the following post
http://www.lansweeper.com/Forum/yaf_postst3493_Firewall-Status.aspx#post16673

0 Kudos

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now