Manage Windows Firewall Settings

Use the Task Manage Windows Firewall Settings to manage Windows Firewall settings on Agents. By default, Windows XP SP2 enables Windows Firewall on all network connections. However, this can impair certain types of communications. This Task allows you to modify the appropriate settings for Windows Firewall on Agents, so that communications are not impaired in your Ivanti Automation environment.

Configuration

  • When changing the exceptions, you can add/change or remove a program or port. When adding a program of port, use Change Scope to specify a set of computers for which the program or port is unblocked. You can also specify a custom list based on IP address. For the Agent+, IPv4 and IPv6 addresses are supported. For the legacy Agent, only IPv4 is supported.
  • When changing the advanced settings, you can add/change or remove a service based on name or IP address. For the Agent+, IPv4 and IPv6 addresses are supported. For the legacy Agent, only IPv4 is supported.
  • Specify port ranges with a hyphen; separate multiple ports and port ranges with a comma. For example: Port: 1000, 1024-1027, 1029-1031

It can be useful to combine this Task with a Task Query Windows Firewall Settings, to take action based on the query results.

  • You can only change the Windows Firewall settings if the target computer runs Microsoft Windows XP SP 2 or higher.
  • Before you add any exceptions to the Windows Firewall, carefully consider whether these exceptions are needed at all. Every exception that you add exposes your computer environment to attacks.