Windows Firewall check
Applies To: Forefront Client Security
The Windows Firewall check identifies whether the Windows Firewall is enabled (on the scanned computer) for all active network connections. The check also identifies port exceptions, service exceptions, and application exceptions..
Windows Firewall is software that runs on your computer and provides protection against network attacks from the Internet or other computers on the network
Windows Firewall is included in Windows XP SP2, Windows Server 2003 SP1, and Windows Vista. Internet Connection Firewall (ICF) is included in Windows XP prior to SP2 and Windows Server 2003 prior to SP1. This check pertains to Windows Firewall and not to ICF.
Resolutions for potentially unacceptable scores
It is recommended that you enable Windows Firewall for each network connection on a computer. You can change firewall settings through: Control Panel > WindowsFirewall or by using Group Policy. For more information about Windows Firewall, see How to turn of or turn off the firewall in Windows XP (https://go.microsoft.com/fwlink/?LinkId=19699) and Managing Windows XP Service Pack 2 Features Using Group Policy: Windows Firewall (https://go.microsoft.com/fwlink/?LinkId=95063)
Scoring and results
The following tables show how Client Security determines the score resulting from performing this check on a client computer.
Overall score for computers with Windows Firewall disabled
| Score | Operating System | Firewall is globally enabled | Configured by Group Policy | Results message |
|---|---|---|---|---|
High |
Windows XP SP2, Windows Vista |
No |
No |
Windows Firewall is globally disabled on this computer. |
Medium |
Windows 2003 (SP1 or later) |
No |
No |
Windows Firewall is disabled on a computer running Windows Server 2003. This is the default configuration for this operation system. |
Medium |
Windows 2003 (no SP1), Windows XP SP1, Windows 2000 (or earlier) |
Not applicable |
Not applicable |
This computer is running an operating system that does not support Windows Firewall. |
Informational |
Windows XP SP2, Windows Server 2003 (SP1 or later), Windows Vista |
No |
Yes |
Windows Firewall is disabled by Group Policy. |
Overall score for computers with Windows Firewall enabled
| Score | Operating System | Firewall is globally enabled | Number of connections with firewall enabled | Configured by Group Policy | Exceptions Allowed | Port, Service or Application Exception | Results message |
|---|---|---|---|---|---|---|---|
High |
Windows XP SP2, Windows Server 2003 (SP1 or later), Windows Vista |
Yes |
0 or more (but not all) |
|
Yes |
|
Windows Firewall has been globally enabled, but it has been disabled on one or more network connection. |
Medium |
Windows XP SP2, Windows Server 2003 (SP1 or later),Windows Vista |
Yes |
All |
No |
Yes |
1 or more |
Windows Firewall is enabled. Exceptions have been configured for one or more network connection. |
Informational |
Windows XP SP2, Windows Server 2003 (SP1 or later),Windows Vista |
Yes |
All |
Yes |
Yes |
1 or more |
Windows Firewall is configured by Group Policy. The firewall is globally enabled and exceptions have been configured for one or more network connection. |
Low |
Windows XP SP2, Windows Server 2003 (SP1 or later),Windows Vista |
Yes |
All |
No |
Yes |
None |
Windows Firewall is enabled on all network connections. |
Low |
Windows XP SP2, Windows Server 2003 (SP1 or later),Windows Vista |
Yes |
All |
No |
No |
None |
Windows Firewall is enabled on all network connections and firewall exceptions are not allowed. |
Overall score for globally open ports
| Score | 1 or more port exception enabled on 1 or more connection | Configured by Group Policy for all settings | Results message |
|---|---|---|---|
Medium |
Yes |
No |
Windows Firewall port exceptions have been configured for one or more network connection. |
Informational |
Yes |
Yes |
Windows Firewall port exceptions have been configured by Group Policy for one or more network connection. |
Low |
No |
No |
No Windows Firewall port exceptions have been configured. |
Score for each globally open port exception
| Score | Port exception is enabled | Number of connections configured | Configured by Group Policy | Results message |
|---|---|---|---|---|
Medium |
Yes |
All |
No |
Port:<port name>. This Windows Firewall port is open on all network connections. |
Medium |
Yes |
1 or more |
No |
Port:<port name>. This Windows Firewall port is open on the following network connection(s):<List of connection names>. |
Informational |
Yes |
All |
Yes |
Port:<port name>. This Windows Firewall port was opened by Group Policy on all network connections. |
Informational |
Yes |
1 or more |
Yes |
Port:<port name>. This Windows Firewall port was opened by Group Policy on the following network connection(s):<List of connection names> |
Overall score for application exceptions
| Score | 1 or more application exception enabled on 1 or more connection | Configured by Group Policy for all settings | Results message |
|---|---|---|---|
Medium |
Yes |
No |
Windows Firewall application exceptions have been configured for one or more network connection. |
Informational |
Yes |
Yes |
Windows Firewall application exceptions have been configured by Group Policy for one or more network connection. |
Low |
No |
No |
No Windows Firewall application exceptions have been configured. |
Score per application exception
| Score | Application exception is enabled | Number of connections configured | Configured by Group Policy | Results message |
|---|---|---|---|---|
Medium |
Yes |
All |
No |
This Windows Firewall application exception is enabled on all network connections. |
Medium |
Yes |
1 or more |
No |
This Windows Firewall application exception is enabled on the following network connection(s):<List of connection names> |
Informational |
Yes |
All |
Yes |
This Windows Firewall application exception was enabled by Group Policy on all network connections. |
Informational |
Yes |
1 or more |
Yes |
This Windows Firewall application exception was enabled by Group Policy on the following network connection(s):<List of connection names> |
Overall score for service exceptions
Note
The report for this check does not show details for each service exception.
| Score | 1 or more service exception enabled on 1 or more connection | Configured by Group Policy for all settings | Results message |
|---|---|---|---|
Medium |
Yes |
No |
Windows Firewall service exceptions have been configured for one or more network connection. |
Informational |
Yes |
Yes |
Windows Firewall service exceptions have been configured by Group Policy for one or more network connection. |
Low |
No |
No |
No Windows Firewall service exceptions have been configured. |
Overall score for network connections
| Score | 1 or more service exception enabled on 1 or more connection | Configured by Group Policy for all settings | Results message |
|---|---|---|---|
High |
1 or more |
No |
Windows Firewall is disabled on one or more network connection. |
Low |
0 |
No |
Windows Firewall is enabled on all network connections. |
Score per network connection
| Score | Application exception is enabled | Number of connections configured | Configured by Group Policy | Results message |
|---|---|---|---|---|
High |
Yes |
No |
No |
Windows Firewall is disabled on this network connection. |
Low |
Yes |
Yes |
No |
Windows Firewall is enabled on this network connection. |
Related Topics
Other Resources
Managing Windows XP Service Pack 2 Features Using Group Policy: Windows Firewall
Windows Firewall Technical Reference/Windows Firewall Tools and Settings
Understanding Windows Firewall in Windows Vista
The New Windows Firewall in the Windows Vista and Windows Server 2008