Windows – How to determine why all Defender Firewall profiles are active

firewallnetworkingwindows 10

In Windows 10, typically if I'm connected to a private network, looking at the Windows Defender Firewall with Advanced Security panel will only show the Private Profile as active. Currently, I'm seeing all 3 firewall profiles as active:

By clicking "View your network properties" in the Network Status settings, only one of the network adapters look active, and Network Category is "Private".

(Edit:) Compare this with another PC, which has a single Ethernet connection and is only using the private network, as expected.

Is there any way to determine why all 3 firewall profiles are active?

Best Answer

There is a downloadable .pdf file from Microsoft PDF - Click save as (whatever you want to name it).

Enable Windows Defender Firewall with Advanced Security

Source: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell

Enable Windows Defender Firewall with Advanced Security

Windows Defender Firewall drops traffic that does not correspond to allowed unsolicited traffic, or traffic that is sent in response to a request by the device. If you find that the rules you create are not being enforced, you may need to enable Windows Defender Firewall. Here is how to do this on a local domain device:

Netsh

syntax

netsh advfirewall set allprofiles state on

Windows PowerShell

Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True

If you set one at a time you can set it the way you want them to be set.

Set-NetFirewallProfile -Profile Domain -Enabled False

PowerShell

$FWService = (Get-Service | ?{$_.Name -eq "mpssvc"});
$FWService | %{
    If($_.Status -eq "Running"){
        Write-Host "The $($_.DisplayName) service is running." -Foregroundcolor Green
        }Else{
        Write-Host "The $($_.DisplayName) service is stopped." -Foregroundcolor Red
        }
    };

Furthermore, as per Windows Firewall Profiles it is stated that. . .

Windows Firewall offers three firewall profiles: domain, private and public. The domain profile applies to networks where the host system can authenticate to a domain controller. The private profile is a user-assigned profile and is used to designate private or home networks. Lastly, the default profile is the public profile, which is used to designate public networks such as Wi-Fi hotspots at coffee shops, airports, and other locations.

So this means that Windows Firewall can be disabled or enabled at these three profile levels as well and thus to confirm if it's enabled or disabled here, you'll need to check the status of these profiles.

Powershell

$FWProfiles = (Get-NetFirewallProfile);
Write-Host "Windows Firewall Profile Statuses" -Foregroundcolor Yellow;
$FWProfiles | %{
    If($_.Enabled -eq 1){
        Write-Host "The Windows Firewall $($_.Name) profile is enabled"  -Foregroundcolor Green
        }Else{
        Write-Host "The Windows Firewall $($_.Name) profile is disabled" -Foregroundcolor Red
        } 
    };

Best Answer

Related Solutions

Windows – Powershell: Check if the Firewall is enabled (not the profiles)

PowerShell

Powershell

Further Resources

Related Question