Personal website of Dave Hope

Remotely check Windows firewall status

As part of my routine auditing process I wanted to check to ensure that the Windows firewall is enabled and set to use its domain profile on all of our Member servers.

Here’s a script to do just that

' Configuration.
' ====================================================================
Dim strFirewallStatus, strComputer, arrComputers
arrComputers = Split("london,brisbane,perth,chicago", ",")

WScript.Echo "-------------------------------------------------------"
WScript.Echo Left("Computer Name" & Space(47),47) & "Status"
WScript.Echo "-------------------------------------------------------"

' Iterate through computers, showing status.
' ====================================================================
For Each strComputer in arrComputers

  ' Required so we don't die on permission errors.
  On Error Resume Next

  Set objReg = GetObject( "winmgmts:{impersonationLevel" &_
  "=impersonate}!\\" & strComputer & "\root\default:StdRegProv")

  If err.number = 0 Then
    objReg.GetDWORDValue &H80000002, "SYSTEM\CurrentControlSet\" &_
    "Services\SharedAccess\Parameters\FirewallPolicy\" &_
    "DomainProfile\", "EnableFirewall",dwValue

    If dwValue <> 0 Then
      strFirewallStatus = "Enabled"
    Else
      strFirewallStatus = "Disabled"
    End If

    WScript.Echo Left(strComputer & Space(47),47) & strFirewallStatus

  Else
    WScript.Echo strComputer & " - Error" & err.number & " : " &_
    err.description
    err.clear
  End if
Next

You’ll need to make sure that you’ve got the relevant permissions on the target computers, otherwise you’ll just get errors.