PowerShell Script for Monitoring Firewall Status

In this post, I will share a useful PowerShell script that helps in monitoring the status of the Windows Firewall on your system. This script will check whether the firewall is enabled or disabled and can provide alerts if any changes are detected. Proper firewall configuration is crucial for maintaining network security.
### Step 1: Check Firewall Status
The first step is to check the current status of the Windows Firewall for different profiles (Domain, Private, Public).
“`powershell

$firewallStatus = Get-NetFirewallProfile | Select-Object Name, Enabled

“`
### Step 2: Display Firewall Status
Next, we will display the current status of the firewall profiles that we retrieved in the previous step.
“`powershell

$firewallStatus | ForEach-Object {
    Write-Host "Profile: $($_.Name) - Status: $($_.Enabled)"
}

“`
### Step 3: Log Status to a File
For audit purposes, we will log the firewall status to a text file, which can be helpful for tracking changes over time.
“`powershell

$logPath = "FirewallStatusLog.txt"
$firewallStatus | Out-File -FilePath $logPath -Append
Write-Host "Firewall status logged to $logPath."

“`
### Step 4: Alert If Firewall is Disabled
Lastly, we want to add a check to trigger an alert if any firewall profile is found to be disabled.
“`powershell

$disabledProfiles = $firewallStatus | Where-Object { $_.Enabled -eq $false }
if ($disabledProfiles) {
    Write-Host "WARNING: The following firewall profiles are disabled:"
    $disabledProfiles | ForEach-Object { Write-Host $_.Name }
} else {
    Write-Host "All firewall profiles are enabled."
}

“`
This PowerShell script allows administrators to effectively monitor the status of the Windows Firewall, ensuring that the necessary security measures are in place to protect the network. Regular checks can help maintain a secure environment and prevent unauthorized access.