Automating and configuring security settings and Windows Firewall with PowerShell quicker and faster. PowerShell is already a flexible command-line tool for managing Windows. So try to learn more about PowerShell with our PowerShell articles. In order to manage Windows firewall using PowerShell, you must know the basic Windows firewall and configure with GUI or Netsh command line.
Manage Windows Firewall Using PowerShell
There are many network security PowerShell cmdlets in Windows PowerShell and working will all of them are a bit difficult. I’m trying to explain the most used and important in this PowerShell articles.
1. Try to run PowerShell as administrator and type the “Get-command *Firewall*” then press enter to list all Windows Firewall PowerShell cmdlets.
Copy-NetFirewallRule Disable-NetFirewallRule Enable-NetFirewallRule Get-NetFirewallAddressFilter Get-NetFirewallApplicationFilter Get-NetFirewallInterfaceFilter Get-NetFirewallInterfaceTypeFilter Get-NetFirewallPortFilter Get-NetFirewallProfile Get-NetFirewallRule Get-NetFirewallSecurityFilter Get-NetFirewallServiceFilter Get-NetFirewallSetting New-NetFirewallRule Remove-NetFirewallRule Rename-NetFirewallRule Set-NetFirewallAddressFilter Set-NetFirewallApplicationFilter Set-NetFirewallInterfaceFilter Set-NetFirewallInterfaceTypeFilter Set-NetFirewallPortFilter Set-NetFirewallProfile Set-NetFirewallRule Set-NetFirewallSecurityFilter Set-NetFirewallServiceFilter Set-NetFirewallSetting Show-NetFirewallRule
It’s just simple Windows Firewall PowerShell cmdlets. You can combine other networking and security cmdlets with Firewall PowerShell commands.
Enable/Disable Firewall with PowerShell
Enable Firewall with PowerShell is perform with “Set-NetFirewallProfile” command. You can specify the Firewall profiles when disabling Firewall. Read about changing network profiles with PowerShell.
1. In order to disable the Windows firewall with PowerShell, type “Set-NetFirewallProfile -Enabled false” and press enter. It will disable Windows Firewall on all three profiles.
2. Do the same to enable Windows firewall with PowerShell. Just change the status of -Enabled parameter to True and press enter.
3. For displaying the status of Windows Firewall profiles type “Get-NetFirewallProfile” and press enter. It shows the status of all Windows Firewall profiles.
To see the exact profiles, categorize with -Profile parameter. For instance “Get-NetFirewallProfile -Profile Private” then hit enter. It shows that the Enable is equal to False.
4. Type the “Set-NetFirewallProfile -Profile Private -Enable True” and press enter to enabled Windows Firewall for Private profile.
Do the same for disabling Windows Firewall on Private profile. But remember that do not turn off Windows Firewall on the network. It’s just an example to turn off Windows Firewall with PowerShell.
Create Windows Firewall Rules with PowerShell
Let’s create and manage Windows Firewall rules with PowerShell. Create new protocol rules and rules for software.
To see all Windows Firewall rules with PowerShell, simply type “Get-NetFirewallRule | Measure” and press enter.
It counts and shows the amount of Windows Firewall rules. But let’s see how many of these rules are enabled. Type “Get-NetFirewallRule -Enabled True | Measure” and press enter to list enabled rules.
Good, all works perfectly. So let’s create a rule and enable it with “New-NetFirewallRule” command.
To enable Ping with PowerShell type “New-NetFirewallRule -DisplayName “ICMPv4” -Direction Inbound -Action Allow -Protocol icmpv4 -Enabled True” and press enter.
Do the same for other protocols to enable or disable them with PowerShell. And to remove the created rule with PowerShell, type “Remove-NetFirewallRule –DisplayName “ICMPv4” and press enter.
To create a new rule for an app or software, do it like the bellow command. For instance, blocking Internet Download Manager.
New-NetFirewallRule -Program “C:\Program Files\IDM\idm.exe” -Action Block -Profile Domain, Private -DisplayName “Block IDM” -Description “Block Internet Download Manager” -Direction Outbound
That’s not all to manage Windows Firewall using PowerShell, but enough for this post. If you have any question about configuring Windows Firewall with PowerShell, feel free to ask through the comment section.
new-netfirewallrule:Acces is denied!! in win10..
Late to the party, but you’ll want to run it as admin.
Great write up, but you have an error on point 2:
2. Do the same to disable Windows firewall with PowerShell. Just change the status of -Enabled parameter to True and press enter.
should be:
2. Do the same to enable Windows firewall with PowerShell. Just change the status of -Enabled parameter to True and press enter.
Good catch. Updated it and thank you.