I am having some trouble understanding the status of the Windows Firewall on Windows 10 and Server 2016 devices. I am trying to gather the following information:
- Is the Windows Firewall enabled? [NOT WORKING]
- Are all 3 profiles enabled? [WORKING]
- Is there a third party Firewall enabled? [WORKING]
From the information displayed, it appears that everything is enabled and functioning properly.
However, when I go up one level, I see a message that suggests the firewall is not enabled 
(clicking “Turn on” has no effect).
Upon checking the registry keys located at “HKLM:\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy”, I can see that all three profiles are enabled, but the Windows Firewall itself is disabled.
The script provided detects the presence of third-party firewalls on the device.
$firewalls= @(Get-WmiObject -Namespace $securityCenterNS -class FirewallProduct -ErrorAction Stop)
if($firewalls.Count -eq 0){
Write-Output "No third party firewall installed."
}else{
$firewalls | Foreach-Object {
[int]$productState=$_.ProductState
$hexString=[System.Convert]::toString($productState,16).padleft(6,'0')
$provider=$hexString.substring(0,2)
$realTimeProtec=$hexString.substring(2,2)
$definition=$hexString.substring(4,2)
"Product Name : {0}." -f $_.displayName
"Service Type : {0}." -f $SecurityProvider[[String]$provider]
"State : {0}.`n`n" -f $RealTimeBehavior[[String]$realTimeProtec]
}
}
<# OUTPUT:
Product Name : Bitdefender Firewall
Service Type : AntiVirus
State : ON
#>
I would like to know how to determine if the Windows Firewall is truly enabled or disabled. Is there a specific value I should be looking for in the registry? Is there a command that I can run to quickly determine the status of the firewall?
3 Answers
Introduction
Windows Firewall is a built-in security feature in Windows operating systems. It helps to protect your computer from unauthorized access by blocking incoming traffic that may be harmful. However, sometimes it can be challenging to determine the status of the Windows Firewall. In this blog post, we will discuss how to check the Windows 10 Firewall status. We will cover three main aspects: whether the Windows Firewall is enabled, whether all three profiles are enabled, and whether there is a third-party firewall enabled.
Is the Windows Firewall enabled?
To check whether the Windows Firewall is enabled on your Windows 10 device, follow these steps:
- Click on the Start menu and type “Windows Defender Firewall” in the search bar.
- Click on the “Windows Defender Firewall” app that appears in the search results.
- In the left pane of the Windows Defender Firewall window, click on the “Turn Windows Defender Firewall on or off” option.
- Under the “Private network settings” and “Public network settings” sections, make sure that the “Turn on Windows Defender Firewall” option is selected.
- Click “OK” to save the changes.
If the “Turn on Windows Defender Firewall” option is not selected, it means that the Windows Firewall is not enabled. In this case, you should turn it on to ensure that your device is protected from unauthorized access.
Are all 3 profiles enabled?
Windows Firewall has three profiles: Domain, Private, and Public. Each profile is designed to protect your computer from different types of network traffic, depending on the network location. To check whether all three profiles are enabled, follow these steps:
- Click on the Start menu and type “Windows Defender Firewall” in the search bar.
- Click on the “Windows Defender Firewall” app that appears in the search results.
- In the left pane of the Windows Defender Firewall window, click on the “Advanced settings” option.
- In the left pane of the Windows Defender Firewall with Advanced Security window, click on the “Windows Defender Firewall Properties” option.
- Under the “Domain Profile,” “Private Profile,” and “Public Profile” sections, make sure that the “Firewall state” option is set to “On.”
If the “Firewall state” option is set to “Off” for any of the three profiles, it means that the Windows Firewall is not enabled for that profile. In this case, you should turn it on to ensure that your device is protected from unauthorized access.
Is there a third-party Firewall enabled?
Sometimes, users install third-party firewalls on their devices to provide additional security. To check whether there is a third-party firewall enabled on your Windows 10 device, you can use a PowerShell script.
- Open PowerShell as an administrator.
- Copy and paste the following script into the PowerShell window:
$firewalls= @(Get-WmiObject -Namespace $securityCenterNS -class FirewallProduct -ErrorAction Stop) if($firewalls.Count -eq 0){ Write-Output "No third-party firewall installed." }else{ $firewalls | Foreach-Object { [int]$productState=$_.ProductState $hexString=[System.Convert]::toString($productState,16).padleft(6,'0') $provider=$hexString.substring(0,2) $realTimeProtec=$hexString.substring(2,2) $definition=$hexString.substring(4,2) "Product Name : {0}." -f $_.displayName "Service Type : {0}." -f $SecurityProvider[[String]$provider] "State : {0}.<code>nn" -f $RealTimeBehavior[[String]$realTimeProtec] } } - Press Enter to run the script.
The script will display the names of any third-party firewalls that are installed on your device, along with their state. If the script does not display any third-party firewalls, it means that there are no third-party firewalls installed on your device.
Conclusion
In conclusion, Windows Firewall is a critical security feature that helps to protect your computer from unauthorized access. In this blog post, we discussed how to check the Windows 10 Firewall status. We covered three main aspects: whether the Windows Firewall is enabled, whether all three profiles are enabled, and whether there is a third-party firewall enabled. By following the steps outlined in this blog post, you can ensure that your device is protected from unauthorized access and that your data is secure.
Gathering information on the Windows Firewall status can be a bit tricky, but don’t worry, I’ll help you out.
First, to check if the Windows Firewall is enabled, you can check the status of the service. The Windows Firewall is installed as a service on the operating system. To check the status of the service, you can use the following PowerShell command:
$FWService = (Get-Service | ?{$_.Name -eq "mpssvc"});
$FWService | %{
If($_.Status -eq "Running"){
Write-Host "The $($_.DisplayName) service is running." -Foregroundcolor Green
}else{
Write-Host "The $($_.DisplayName) service is stopped." -Foregroundcolor Red
}
};
This command will give you the status of the service, whether it’s running or stopped, and you can use this information to determine if the Windows Firewall is enabled or not.
As for the Windows Firewall profiles, Windows Firewall offers three firewall profiles: domain, private, and public. Each profile can be enabled or disabled separately. To check the status of these profiles, you can use the following PowerShell command:
$FWProfiles = (Get-NetFirewallProfile);
Write-Host "Windows Firewall Profile Statuses" -Foregroundcolor Yellow;
$FWProfiles | %{
If($_.Enabled -eq 1){
Write-Host "The Windows Firewall $($_.Name) profile is enabled" -Foregroundcolor Green
}else{
Write-Host "The Windows Firewall $($_.Name) profile is disabled" -Foregroundcolor Red
}
};
This command will give you the status of each profile, whether it’s enabled or disabled, and you can use this information to determine if the Windows Firewall is truly enabled or disabled.
Regarding the third-party firewall, you can use the script provided.
$firewalls= @(Get-WmiObject -Namespace $securityCenterNS -class FirewallProduct -ErrorAction Stop)
if($firewalls.Count -eq 0){
Write-Output "No third party firewall installed."
}else{
$firewalls | Foreach-Object {
[int]$productState=$_.ProductState
$hexString=[System.Convert]::toString($productState,16).padleft(6,'0')
$provider=$hexString.substring(0,2)
$realTimeProtec=$hexString.substring(2,2)
$definition=$hexString.substring(4,2)
"Product Name : {0}." -f $_.displayName
"Service Type : {0}." -f $SecurityProvider[[String]$provider]
"State : {0}.`n`n" -f $RealTimeBehavior[[String]$realTimeProtec]
}
}
This script will detect the presence of third-party firewalls on the device and give you the name, service type, and state of the firewall product.
Hope this helps you out!
To determine the status of the Windows Firewall, you can check whether or not the service is running. The Windows Firewall is installed as a service on the operating system. To check the status of the service, you can use the following PowerShell command:
$FWService = (Get-Service | ?{$_.Name -eq "mpssvc"});
$FWService | %{
If($_.Status -eq "Running"){
Write-Host "The $($_.DisplayName) service is running." -Foregroundcolor Green
}else{
Write-Host "The $($_.DisplayName) service is stopped." -Foregroundcolor Red
}
};
Additionally, Windows Firewall offers three firewall profiles: domain, private, and public. Each profile can be enabled or disabled separately. The domain profile applies to networks where the host system can authenticate to a domain controller. The private profile is used for private or home networks.
The public profile is used for public networks such as Wi-Fi hotspots at coffee shops, airports, and other locations. To check the status of these profiles, you can use the following PowerShell command:
$FWProfiles = (Get-NetFirewallProfile);
Write-Host "Windows Firewall Profile Statuses" -Foregroundcolor Yellow;
$FWProfiles | %{
If($_.Enabled -eq 1){
Write-Host "The Windows Firewall $($_.Name) profile is enabled" -Foregroundcolor Green
}else{
Write-Host "The Windows Firewall $($_.Name) profile is disabled" -Foregroundcolor Red
}
};
This command will give you the status of each profile, whether it’s enabled or disabled, and you can use this information to determine if the Windows Firewall is truly enabled or disabled.