→ The Lansweeper Customer Excellence Awards 2024 - Submit Your Project Now! Learn More & Enter Here

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
notesguru99
Engaged Sweeper III
hi all,
is it possible to review the computers and servers that have windows firewall disabled? I don't mean the service, because that could be running, but the user has turned the firewall off for the domain location as an example?

I've looked through the reports but can't see anything...

TIA
Stuart
2 REPLIES 2
notesguru99
Engaged Sweeper III
Thanks for the reply, appreciate the help
ProfileNL
Engaged Sweeper III
In lansweeper, go to the tab "Scanning" --> "File & Registry scanning". Then you are going to add a new value for registry scanning. Click on "Add Registry Scan" and select from the dropdown box "HKEY_LOCAL_MACHINE".
Copy the following hive and paste it into the "Regpath" box.
SYSYEM\CurrentcontrolSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

Then you want to paste the following value in "RegValue":
EnableFirewall

Make sure to select the "Enable" radio button.
What you just have done is when lansweeper goes scanning for windows assets, it is now automaticly scanning this regedit entry. Now you have just to create a report to show which assets has firewall turned on or off.

Example report:

Select Top 1000000
tblAssets.AssetID,
tblAssets.AssetName,
tsysAssetTypes.AssetTypeIcon10 As icon,
Case
when tblRegistry.Value = 1 Then 'Firewall is on'
when tblRegistry.Value = 0 Then 'Firewall is off'
End as [Firewall status]
From tblAssets
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tblRegistry On tblAssets.AssetID = tblRegistry.AssetID
Where Valuename = 'EnableFirewall'