This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

→ 🚀Are you a Lansweeper Champion?! Join our Contributor Program Sign up here!

Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Windows Firewall report or review

notesguru99
Engaged Sweeper III

‎01-12-2017 12:38 PM

hi all,
is it possible to review the computers and servers that have windows firewall disabled? I don't mean the service, because that could be running, but the user has turned the firewall off for the domain location as an example?

I've looked through the reports but can't see anything...

TIA
Stuart
Labels:
0 Kudos
2 REPLIES 2
notesguru99
Engaged Sweeper III

‎09-29-2017 10:40 AM

Thanks for the reply, appreciate the help
0 Kudos
ProfileNL
Engaged Sweeper III

‎01-12-2017 01:11 PM

In lansweeper, go to the tab "Scanning" --> "File & Registry scanning". Then you are going to add a new value for registry scanning. Click on "Add Registry Scan" and select from the dropdown box "HKEY_LOCAL_MACHINE".
Copy the following hive and paste it into the "Regpath" box.
SYSYEM\CurrentcontrolSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

Then you want to paste the following value in "RegValue":
EnableFirewall

Make sure to select the "Enable" radio button.
What you just have done is when lansweeper goes scanning for windows assets, it is now automaticly scanning this regedit entry. Now you have just to create a report to show which assets has firewall turned on or off.

Example report:

Select Top 1000000 
tblAssets.AssetID, 
tblAssets.AssetName, 
tsysAssetTypes.AssetTypeIcon10 As icon,
Case 
	when tblRegistry.Value = 1 Then 'Firewall is on' 
	when tblRegistry.Value = 0 Then 'Firewall is off' 
End as [Firewall status]
From tblAssets 
	Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype 
	Inner Join tblRegistry On tblAssets.AssetID = tblRegistry.AssetID 
		Where Valuename = 'EnableFirewall'

General Discussions

Find answers to technical questions about Lansweeper.

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now