How to get windows firewall profile settings using PowerShell?

PowerShellMicrosoft TechnologiesSoftware & Coding

Recent windows client and server operating systems like Windows 10, Windows Server 2008 onwards, supports advanced firewall versions and they have mainly 3 profiles.

  • Domain

  • Public

  • Private profile.

To get the setting using GUI, you need to search in the box Windows Firewall with Advanced Security or Windows Defender Firewall with Advanced Security. Then you can see in the console that 3 available profiles.

The above same settings can be viewed with the PowerShell Get-NetFirewallProfile command.

PS C:\> Get-NetFirewallProfile
Name : Domain
Enabled : True
DefaultInboundAction : NotConfigured
DefaultOutboundAction : NotConfigured
AllowInboundRules : NotConfigured
AllowLocalFirewallRules : NotConfigured
AllowLocalIPsecRules : NotConfigured
AllowUserApps : NotConfigured
AllowUserPorts : NotConfigured
AllowUnicastResponseToMulticast : NotConfigured
NotifyOnListen : True
EnableStealthModeForIPsec : NotConfigured
LogFileName : %systemroot%\system32\LogFiles\Firewall\pfirewall.log
LogMaxSizeKilobytes : 4096
LogAllowed : NotConfigured
LogBlocked : NotConfigured
LogIgnored : NotConfigured
DisabledInterfaceAliases : {NotConfigured}
Name : Private
Enabled : True
DefaultInboundAction : NotConfigured
DefaultOutboundAction : NotConfigured
AllowInboundRules : NotConfigured
AllowLocalFirewallRules : NotConfigured
AllowLocalIPsecRules : NotConfigured
AllowUserApps : NotConfigured
AllowUserPorts : NotConfigured
AllowUnicastResponseToMulticast : NotConfigured
NotifyOnListen : True
EnableStealthModeForIPsec : NotConfigured
LogFileName : %systemroot%\system32\LogFiles\Firewall\pfirewall.log
LogMaxSizeKilobytes : 4096
LogAllowed : NotConfigured
LogBlocked : NotConfigured
LogIgnored : NotConfigured
DisabledInterfaceAliases : {NotConfigured}
Name : Public Enabled : True
DefaultInboundAction : NotConfigured
DefaultOutboundAction : NotConfigured
AllowInboundRules : NotConfigured
AllowLocalFirewallRules : NotConfigured
AllowLocalIPsecRules : NotConfigured
AllowUserApps : NotConfigured
AllowUserPorts : NotConfigured
AllowUnicastResponseToMulticast : NotConfigured
NotifyOnListen : True
EnableStealthModeForIPsec : NotConfigured
LogFileName : %systemroot%\system32\LogFiles\Firewall\pfirewall.log
LogMaxSizeKilobytes : 4096
LogAllowed : NotConfigured
LogBlocked : NotConfigured
LogIgnored : NotConfigured
DisabledInterfaceAliases : {NotConfigured}

The output is in the detailed view. If you need to check only Profile names and if they are enabled or not then use the select command.

Get-NetFirewallProfile | Select Name, Enabled

Output

Name Enabled ---- ------- Domain True Private True Public True

Similarly, You can filter the different parameters from the above output as per your requirement.

To get the settings on the remote computer, you need to use Invoke-Command or PSSession because this command doesn’t support -ComputerName parameter directly.

Invoke-Command -ComputerName RemoteServerName -ScriptBlock{ Get-NetFirewallProfile | Select Name, Enabled}
raja
Published on 28-Sep-2020 11:57:17
Advertisements