cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

FW Not Installed is the reason for security audit failure

SOLVED
Getting noticed

FW Not Installed is the reason for security audit failure

I have a Client Security Report run every week.  In the Security Policy under the Desktop section,  i have the Firewall Enabled option  "checked".  For all of my Windows 10 clients, the Windows Firewall is enabled.  The security report shows that each W10 client fails for these reasons: "FW not Installed"; "FW not enabled".  Does anyone know what is settings is being interrogated to confirm Firewall is Installed and Enabled on Windows 10 clients?  

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Getting noticed

Re: FW Not Installed is the reason for security audit failure

Bonjour @cmiarshvac 

I actually dealt with Meraki support yesterday over this issue.  They had me run this command at a DOS prompt (it's the command that the agent used to check complaince)

 

WMIC /Namespace:\\root\SecurityCenter2 Path AntiSpywareProduct Get * /Format:List

 

That should listdisplayName=Windows Defender and productState=397568 (product state might vary... would have to confirm with Meraki)

 

If it doesn't list Windows Defender open a ticket with them... but if it does like mine did, they had me turn off the Defender on the system in question and turn it back on.  What I did was disable all part of defender, waited a few minutes and rebooted.  The reboot turns the Real Time Protection back on by default, and I manually turned on the other components.  My system showed up secure and compliant within an hour!! 

6 REPLIES 6
Kind of a big deal

Re: FW Not Installed is the reason for security audit failure

What AV are you using, some antivirus software disables windows firewall and run their own version. 

Meraki CMNO, Ruckus WISE, Sonicwall CSSA, Allied Telesis CASE & CAI
Getting noticed

Re: FW Not Installed is the reason for security audit failure

Hello Blake,

I am running Webroot. I asked them about their firewall interaction. Their response: "Webroot's firewall only covers outbound traffic as we utilize Windows Firewall to cover inbound traffic."
Getting noticed

Re: FW Not Installed is the reason for security audit failure

Greetings~ was any resolution found for this issue?  Currently, I have a baseline Windows 10 Client that does not have any 3rd party AV. Windows Defender and Windows Firewall are both enabled / running / updated....  but it is also failing due to "FW not installed, FW not enabled, AV not running".

Getting noticed

Re: FW Not Installed is the reason for security audit failure

No resolution yet.  If someone from Meraki could comment about what is being queried to confirm FW and AV being enabled we might be able to adjust settings to get a good report.  

Highlighted
Getting noticed

Re: FW Not Installed is the reason for security audit failure

Bonjour @cmiarshvac 

I actually dealt with Meraki support yesterday over this issue.  They had me run this command at a DOS prompt (it's the command that the agent used to check complaince)

 

WMIC /Namespace:\\root\SecurityCenter2 Path AntiSpywareProduct Get * /Format:List

 

That should listdisplayName=Windows Defender and productState=397568 (product state might vary... would have to confirm with Meraki)

 

If it doesn't list Windows Defender open a ticket with them... but if it does like mine did, they had me turn off the Defender on the system in question and turn it back on.  What I did was disable all part of defender, waited a few minutes and rebooted.  The reboot turns the Real Time Protection back on by default, and I manually turned on the other components.  My system showed up secure and compliant within an hour!! 

Getting noticed

Re: FW Not Installed is the reason for security audit failure

Thanks for the follow up. I will give this a try.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.