Retrieve firewall settings?
Is it possible to retrieve firewall settings on remote machines through Inventory? I did find an old post by Adam detailing how you can determine if the firewall is enabled through Inventory.
http://support.adminarsenal.com/entries/22614937-Scanning-for-Firewall-Enabled
It's close, but not quiet what I'm after. I'd like to be able to pull all the settings from the registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
I built a scan profile to pull that information, but I can't find any tab where the data is displayed when I click through a computer's information. Is it possible to retrieve this information in Inventory? I can run a GPResults to see if the setting is being applied, but sometimes I'd like to be able to go ask the firewall itself how it's currently configured. We have some labs using a remote management program that has a lot of firewall exceptions, and sometimes this program can get a bit flaky.
Comments
Should have added this with the original post, but here's a screenshot of the scan profile I made.
Hi Brian,
Depending on the Firewall data you need you may want to scan HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall.
There is a Scan Profile already built for this. It is called Windows Firewall Configuration. If the value you want doesn't exist there then you can copy the path you provided and just add that to this existing profile. (just a suggestion)
Anyway, yes, there are a few ways you can access the scanned registry data.
You can also build collections based on the data in the registry although you can't view the Registry data from a Collection window. For example you could have a Collection that contains only computers that have the RemoteDesktop exception set to 1 (enabled).
Let's say I want to see the RemoteDesktop policy on my computers. This value exists under HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall. I use the Windows Firewall Configuration scan profile. (see attached)
Then I build a report (see two attached files Inv-RegistryReport-FW-RD*.png)
Shane,
Sorry for the delay, we've been on vacation. This is exactly what I needed, I'm able to retrieve and view all the firewall settings I need. Thank you for the info!