[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More


Software Firewalls





Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have a PowerShell script that runs a number of commands that look like this (with various names involved):
Set-NetFirewallRule -DisplayName "Remote Event Log Management (RPC)" -RemoteAddress,LocalSubnet -Profile Private -Enabled True

Open in new window

One problem with this is that it creates duplicate firewall rules.  So, if we run the script twice then we are assured of getting at least 2 identical rules.
(It's easier to run the script than to decide whether to run it!).

So, I have two objectives that I've not been able to reasonably figure out on my own:

1) I want to remove the duplicate firewall rules that this process has created.
2) I want to add the same firewall rules to computers that have no duplicates, without creating duplicates once more.
3) I want all of this wrapped up into two scripts.

How might you suggest this be done?
Rowby Goren Makes an Impact on Screen and Online
LVL 12
Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.

The scenario: Windows server behind a firewall (pFsense) is initiating an FTP connection to an external service. The external service is stating the firewall is passing the internal IP address to their FTP server in the connection setup.

I've reviewed the firewall settings and don't see how the firewall could be doing this. I don't have access to the windows server or the software initiating the connection to review them.

Any suggestions on where to look?

Please help...
Scenario:  We have users that use laptop/desktops to connect to our RDP farm, we also have some “local users” that work on local applications using their network shares.
-      The group policy connects their H: drive to a network share, we want to only allow connection to the file server whilst on the remote desktop (security reasons and to control access).
-      We also have a small group of users that will need to connect to the file server e.g. connect their network shares
-      Servers are in a datacentre, including remote desktop servers
-      Users are at a number of sites (different IP/subnet)
We are trying to use the server firewall rule “File and Printer Sharing (SMB-In)" to limit connections from named servers/computers (remote desktop machines) and an OU group containing the limited list of approved users.
-      Is this the best way to do this and
-      Will the firewall allow me to limit (as above)
All assistance gratefully received…
 I have a windows 10 PC (domain joined on Windows 2008 network) that I can ping it by IP address neither by IP address nor by name.
 But that computer can connect to the internet, domain, mapped drive ... everything works normal from that computer, including I can connect to that computer using Splashtop remote software too from outside of the network.
 I discovered this weird situation when I failed to RDP into that computer. First I ran firewall.cpl and made sure that REMOTE DESKTOP was checked for domain, private and public.
 I went to the domain controller and confirmed that IP address and computer name was registered in DNS manager and DHCP server. Other workstation computers can ping each other by computer name and IP address.
 What can I do to troubleshoot this issue?

Dear Experts,

I have a set of fortigate firewall policies which I need to duplicate on a cisco router.

I have done most of the point A to point B.

The issue I have now is the NAT and there is an IP Pool, is there a guide on how I can translate the rules from firewall to cisco router?

Any help is appreciated.
Hi Experts

I am looking for a router capable of delivering a DHCP range of  /19 or above, with DSL and ethernet WAN ports |(VDSL) for large applications.  On-board wifi is not required.  L7 firewall an advantage
Can you advise?  Many thanks in advance
i have pfsens with snot package ... and i enabled on wan and lan wit block mode
i add some alerts so suppress lists for wan and lan ,,, already create two file one for wan and the second for lan
some alerts that is in suppress list is going to blocked ! so where is the problem ?
Hi All,

I need some assistance setting up the below. I've got 3 "subnets" to set up internally. All must be able to reach the internet through the suppliers router.

The networks are 2x /26 and 1x /27. VLANS 601 & 603 are desktop pc's. VLAN 602 will be Cisco phones. 601 and 603 do not need any seperation, they're just to cover the seperate DHCP ranges. DHCP will be provided by an external source (hopefully) through a VPN setup on the ASA Firewall. I'm looking to setup outside interface, inside interface and access for all vlans.

Is anyone able to provide a sample config on how I could get this working?

Network Overview

What is the best way to communicate between a Windows Service application and a UI Application within the machine.
Currently I am writing into a SQL lite database and reading every second in both applications.
My Service application has Socket Communication for inter machine, I do not want Sockets on UI (to avoid Firewall blocking).
IPC at times gives problems when the users are different (Local System and Standard user)
I use Delphi Seattle on Windows
my mail server which is exhange server 2010 is published through owa for external users.
i would like to know how to make them connect through their android smartphones to my exchange servers.
what ports really need to be mapped to make that happen.
thanks in advance
Redefine Your Security with AI & Machine Learning
Redefine Your Security with AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Check out our on-demand webinar to learn more about how AI can help your organization!

How do I check for currently closed ports on Windows and Linux boxes. Please advise! Thanks!
I install nginx with mod security … I want to use it as waf for backend web servers.
in this case do I have to enable reverse proxy on it ?
what's about the https servers ?
Hello Experts,
Just wanted to find out how do you guys dynamically update the Office 365 endpoints IPs and URLs that are published by MS for the proxy and firewall access? I know the RSS feed will be retired soon per what I read online and do you guys just run a PS script that grabs the info from the published XML file or there's a better solution/idea out there? Any input would be greatly appreciated!
can I install suricata , mod security, ndpi,ntopng on the same server ?
I install the last version of pfsense I want to use as waf, but I dint find the mod security package.
so what I have to do ? I want to make on system for ids,ipd,waf
is there anyway  to snif facebook user account ...
just the user account name or email or the username from my firewall ?
i see a report from on of isp that is have the user id and the ip source ...
is there any way to cash youtube videos without mitm senario ?
I am on an Amazon Linux 2 AMI running Apache 2 and I need a software solution for security.  I have been told mod_security isn't a good choice.  So does anyone have experience with the AWS Waf?  If so, what rules are you using?

Or, do you have another idea altogether?

On my previous instance I used fail2ban but I found the bots could outsmart fail2ban so hopefully someone will have a better choice.

Let me clarify my biggest  problems are postfix issues, stopping ddos, bots running up and down my site stealing bandwidth, clicking on every link and having numerous disk i/o's which I have to pay for.

By the way, I am not interested in using another AMI due to the complexity of my existing AMI.
Hi, All.

I have an issue with IPTABLES rules. Here is below image shows my iptables rules. But i can not "telnet" port 2196. I've edited directly "/etc/sysconfig/selinux". And restarted iptables. Selinux disabled.

What am i doing wrong ?

KuppingerCole Reviews AlgoSec in Executive Report
KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

Dear All,

We are planning to install a new Windows server 2012 domain controller on our network and join the existing domain. However, the original domain controller is located on another sub-network protected by firewall.  We have opened the firewall rules (Two-ways) according to the link https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd772723(v=ws.10) which are as follows:

TCP 3268
TCP 3269
Kerberos (TCP/UDP 88)
TCP 25
TCP 135
TCP 49152 TO 65535
TCP 5722
UDP 123
UDP 49152 TO 65535
UDP 138
TCP 9389
UDP 67 and 2535
UDP 137
TCP 139

while all other ports other than the above are dropped.

We have configured the DNS server of the new Domain Controller pointing to the first Domain Control on the other subnet. Both servers are running Windows server 2012 standard edition. When we try to promote the new server to DC and add a domain controller to an existing domain the following error prompted :

"Verification of replica failed, An Active Directory domain controller for the domain could be contacted. Ensure that you supplied the correct DNS domain name"

After we request our firewall team to open Any-To-Any (Two Way) between the first and new domain controller, the above error message disappear and able to join the domain.  The firewall is managed by other team so we cannot check the deny log on the firewall.

Our …
How can I configure Windows Firewall "Allowed Apps" through group policy?

On Windows computers, this can be found within the "Control Panel\All Control Panel Items\Windows Firewall\Allowed apps" applet.

Windows Firewall Allowed Apps
What settings need to be changed within the Server 2016 firewall settings to allow domain admins to browse the C$ shares?
I am not very familiar with Windows Server firewall settings. I think I need to set a rule to allow HTTPS Traffic-in and was trying to use the World Wide Web Services(HTTPS Traffic-In) rule. Is this in a group that I would find by selecting a predefined rule type? Or do I just have to pick the port and manually type it in? I can't find it predefined anywhere.

Hi Anyone,

Can I anyone advice how to troubleshoot this error as attached for your kind.

1. Is able to ping and SCCM can detect client and is active.
2. When tried to \\LIOE17BSD1889LC\admin$ => I've the local admin password but just can't connect when trying to use domain\admin, .\admin or \admin still can't  

Trying to go client action > Run Software Inventory Cycle and got this error.

Ps advice.


can we use letsencrypt certificates for Sonic wall firewall.
issue: DPI SSl is enabled for users & firewall self signed SSL certificate is pushed to clients by GPO. but when applying the filtering rules for mobile users (smart phones, Iphones, IPads & other computers that are not part of internal domain) they get SSL not trusted error. cannot perform https filtering with this error. so is there any way to use a publicly trusted certificate for my sonic wall local IP or any workaround to filter https for those clients.
Sonic OS 6.5 later  

thank you.

Software Firewalls





Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.