Windows Firewall can be monitored via a COM object or the netsh command. This example will use the Execute Script monitor to run a netsh command line and parse the results to ensure all firewall profiles are on.
Create an Execute Script monitor. Set the language to VBScript and paste the following into the code window.
Dim WshShell, oExec Set WshShell = CreateObject("WScript.Shell") Set oExec = WshShell.Exec("c:\windows\system32\netsh -r " + ComputerName + " advfirewall monitor show firewall") strOut = "" Do While Not oExec.StdOut.AtEndOfStream strOut = strOut & oExec.StdOut.ReadLine() strOut = strOut & vbNewLine Loop listLines = Split(strOut, vbNewline) For Each line In listLines If InStr(line, "State ") > 0 Then If InStr(line, "ON") = 0 Then FireActions = true Details = Details & "A Firewall Profile is OFF - " & line & vbNewLine End If End If Next
In the VBScript above, the netsh is run with commands to show the current status of the firewall on the remote server specified with the -r command. Note that the firewall rule "Windows Firewall Remote Management" has to be enabled for this to work.
Each line is parsed looking for a the text "State ". The space at the end is to prevent lines like "StatefulFTP" from being included. If "State " is seen, then the script checks for the word "ON".
This script might need to be customized for non-English systems.
This monitor could be used as a Monitor Template and applied to many servers at once for a quick check of your Windows servers.