{"id":208693,"date":"2024-01-19T09:21:29","date_gmt":"2024-01-19T09:21:29","guid":{"rendered":"https:\/\/www.ninjaone.com\/script-hub\/aktivera-inaktivera-windows-firewall-profiler-powershell\/"},"modified":"2024-03-05T11:34:53","modified_gmt":"2024-03-05T11:34:53","slug":"aktivera-inaktivera-windows-firewall-profiler-powershell","status":"publish","type":"script_hub","link":"https:\/\/www.ninjaone.com\/sv\/script-hub\/aktivera-inaktivera-windows-firewall-profiler-powershell\/","title":{"rendered":"PowerShell-skript f\u00f6r att aktivera eller inaktivera Windows-brandv\u00e4ggsprofiler"},"content":{"rendered":"<p>Att s\u00e4kerst\u00e4lla s\u00e4kerheten i n\u00e4tverk och system \u00e4r en h\u00f6rnsten inom IT. Ett av de viktigaste f\u00f6rsvaren i en Windows-milj\u00f6 \u00e4r Windows-brandv\u00e4ggen. Genom att kontrollera fl\u00f6det av inkommande och utg\u00e5ende trafik fungerar den som en gatekeeper. Den h\u00e4r artikeln handlar om ett <strong>PowerShell-skript som <\/strong><strong>ger<\/strong><strong> en str\u00f6mlinjeformad metod f\u00f6r att aktivera eller inaktivera Windows-brandv\u00e4ggsprofiler<\/strong>, en viktig uppgift f\u00f6r IT-proffs.<\/p>\n<h2>Bakgrund<\/h2>\n<p>Skriptet som presenteras \u00e4r utformat f\u00f6r att aktivera eller inaktivera alla Windows-brandv\u00e4ggsprofiler, n\u00e4mligen Dom\u00e4n, Offentlig och Privat. Dessa profiler best\u00e4mmer vilka inst\u00e4llningar och regler som ska till\u00e4mpas baserat p\u00e5 vilken n\u00e4tverkstyp en dator \u00e4r ansluten till. F\u00f6r tj\u00e4nsteleverant\u00f6rer (MSP) och IT-proffs \u00e4r ett verktyg som snabbt kan v\u00e4xla mellan dessa profiler ov\u00e4rderligt. Oavsett om det g\u00e4ller fels\u00f6kning, s\u00e4kerhetsh\u00e4rdning eller n\u00e4tverkskonfiguration erbjuder detta skript en snabb l\u00f6sning.<\/p>\n<h2>Manus<\/h2>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"powershell\">#Requires -Version 5.1\r\n\r\n&lt;#\r\n.SYNOPSIS\r\n    Enable or disable all Windows Firewall profiles(Domain, Public, Private).\r\n.DESCRIPTION\r\n    Enable or disable all Windows Firewall profiles(Domain, Public, Private).\r\n.EXAMPLE\r\n     -Disable\r\n    Disables all Windows Firewall profiles(Domain, Public, Private).\r\n.EXAMPLE\r\n     -Enable\r\n    Enables all Windows Firewall profiles(Domain, Public, Private).\r\n.EXAMPLE\r\n     -Enable -BlockAllInbound\r\n    Enables all Windows Firewall profiles(Domain, Public, Private).\r\n    Blocks all inbound traffic on the Domain, Public, Private profiles\r\n.OUTPUTS\r\n    String[]\r\n.OUTPUTS\r\n    PSCustomObject[]\r\n.NOTES\r\n    Minimum OS Architecture Supported: Windows 10, Windows Server 2016\r\n    Release Notes:\r\n    Initial Release\r\nBy using this script, you indicate your acceptance of the following legal terms as well as our Terms of Use at https:\/\/www.ninjaone.com\/terms-of-use.\r\n    Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms. \r\n    Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party. \r\n    Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library or website belonging to or under the control of any other software provider. \r\n    Warranty Disclaimer: The script is provided \u201cas is\u201d and \u201cas available\u201d, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations. \r\n    Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks. \r\n    Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script. \r\n    EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).\r\n.COMPONENT\r\n    ProtocolSecurity\r\n#&gt;\r\n\r\n[CmdletBinding(DefaultParameterSetName = \"Enable\")]\r\nparam (\r\n    [Parameter(\r\n        Mandatory = $true,\r\n        ParameterSetName = \"Enable\"\r\n    )]\r\n    [Switch]\r\n    $Enable,\r\n    [Parameter(\r\n        Mandatory = $true,\r\n        ParameterSetName = \"Disable\"\r\n    )]\r\n    [Switch]\r\n    $Disable,\r\n    [Parameter(\r\n        ParameterSetName = \"Enable\"\r\n    )]\r\n    [Switch]\r\n    $BlockAllInbound\r\n)\r\n\r\nbegin {\r\n    function Test-IsElevated {\r\n        $id = [System.Security.Principal.WindowsIdentity]::GetCurrent()\r\n        $p = New-Object System.Security.Principal.WindowsPrincipal($id)\r\n        $p.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)\r\n    }\r\n}\r\nprocess {\r\n    if (-not $(Test-IsElevated)) {\r\n        Write-Error -Message \"Access Denied. Please run with Administrator privileges.\"\r\n        exit 1\r\n    }\r\n    if ($(Get-Command \"Get-NetFirewallProfile\" -ErrorAction SilentlyContinue).Name -like \"Get-NetFirewallProfile\") {\r\n        # Use Get-NetFirewallProfile if available\r\n        try {\r\n            $NetFirewallSplat = @{\r\n                Profile     = @(\"Domain\", \"Public\", \"Private\")\r\n                Enabled     = $(if ($Enable) { \"True\" }elseif ($Disable) { \"False\" })\r\n                ErrorAction = \"Stop\"\r\n            }\r\n            if ($Enable -and $BlockAllInbound) {\r\n                $NetFirewallSplat.Add('DefaultInboundAction', 'Block')\r\n                $NetFirewallSplat.Add('DefaultOutboundAction', 'Allow')\r\n            }\r\n            Set-NetFirewallProfile @NetFirewallSplat\r\n            \r\n        }\r\n        catch {\r\n            Write-Error $_\r\n            Write-Host \"Failed to turn $(if ($Enable) { \"on\" }elseif ($Disable) { \"off\" }) the firewall.\"\r\n            exit 1\r\n        }\r\n        # Proof of work\r\n        Get-NetFirewallProfile -ErrorAction Stop | Format-Table Name, Enabled        \r\n    }\r\n    else {\r\n        # Fall back onto netsh\r\n        netsh.exe AdvFirewall set AllProfiles state $(if ($Enable) { \"on\" }elseif ($Disable) { \"off\" })\r\n        if ($LASTEXITCODE -gt 0) { exit $LASTEXITCODE }\r\n        netsh.exe AdvFirewall set DomainProfile state $(if ($Enable) { \"on\" }elseif ($Disable) { \"off\" })\r\n        if ($LASTEXITCODE -gt 0) { exit $LASTEXITCODE }\r\n        netsh.exe AdvFirewall set PrivateProfile state $(if ($Enable) { \"on\" }elseif ($Disable) { \"off\" })\r\n        if ($LASTEXITCODE -gt 0) { exit $LASTEXITCODE }\r\n        netsh.exe AdvFirewall set PublicProfile state $(if ($Enable) { \"on\" }elseif ($Disable) { \"off\" })\r\n        if ($LASTEXITCODE -gt 0) { exit $LASTEXITCODE }\r\n        \r\n        if ($Enable -and $BlockAllInbound) {\r\n            try {\r\n                netsh.exe AdvFirewall set DomainProfile FirewallPolicy \"BlockInbound,AllowOutbound\"\r\n                if ($LASTEXITCODE -gt 0) { exit $LASTEXITCODE }\r\n                netsh.exe AdvFirewall set PrivateProfile FirewallPolicy \"BlockInbound,AllowOutbound\"\r\n                if ($LASTEXITCODE -gt 0) { exit $LASTEXITCODE }\r\n                netsh.exe AdvFirewall set PublicProfile FirewallPolicy \"BlockInbound,AllowOutbound\"\r\n                if ($LASTEXITCODE -gt 0) { exit $LASTEXITCODE }\r\n            }\r\n            catch {\r\n                Write-Error $_\r\n                Write-Host \"Could not set Block All Inbound Traffic to 1\"\r\n            }\r\n        }\r\n        # Proof of work\r\n        netsh.exe AdvFirewall show AllProfiles state\r\n        if ($LASTEXITCODE -gt 0) { exit $LASTEXITCODE }\r\n    }\r\n}\r\nend {}<\/pre>\n<p>&nbsp;<\/p>\n\n<div class=\"in-context-cta\"><p>F\u00e5 tillg\u00e5ng till \u00f6ver 300 skript i NinjaOne Dojo<\/p>\n<p><a href=\"https:\/\/www.ninjaone.com\/sv\/kostnadsfri-provperiod-formular\">F\u00e5 tillg\u00e5ng till<\/a><\/p>\n<\/div>\n<h2>Detaljerad uppdelning<\/h2>\n<p>Skriptet s\u00f6ker efter administrat\u00f6rsbeh\u00f6righet, vilket \u00e4r viktigt eftersom det kr\u00e4vs h\u00f6ga beh\u00f6righeter f\u00f6r att \u00e4ndra brandv\u00e4ggsinst\u00e4llningar. D\u00e4refter kontrolleras f\u00f6rekomsten av Get-NetFirewallProfile cmdlet, ett modernt PowerShell-kommando f\u00f6r hantering av brandv\u00e4ggsprofiler.<\/p>\n<p>Om denna cmdlet \u00e4r tillg\u00e4nglig anv\u00e4nder skriptet den f\u00f6r att antingen aktivera eller inaktivera de angivna profilerna. Ett alternativ f\u00f6r att blockera all inkommande trafik, men till\u00e5ta utg\u00e5ende trafik, ger ett extra lager av s\u00e4kerhet.<\/p>\n<p>Om cmdlet Get-NetFirewallProfile inte finns \u00e5terg\u00e5r skriptet till det \u00e4ldre kommandoradsverktyget netsh.exe.<\/p>\n<h2>Potentiella anv\u00e4ndningsomr\u00e5den<\/h2>\n<p>T\u00e4nk dig en IT-expert, Jane, p\u00e5 ett stort f\u00f6retag. De introducerar en ny applikation, men under testningen uppt\u00e4cker de att applikationen inte kan kommunicera med sin server. Jane misst\u00e4nker ett brandv\u00e4ggsproblem och anv\u00e4nder detta skript f\u00f6r att tillf\u00e4lligt inaktivera brandv\u00e4ggsprofilerna, testa applikationen och sedan omedelbart aktivera dem igen. Denna snabba \u00e5tg\u00e4rd hj\u00e4lper till att diagnostisera problemet utan manuell navigering.<\/p>\n<h2>J\u00e4mf\u00f6relser<\/h2>\n<p>Skriptet ger en programmatisk metod f\u00f6r att hantera brandv\u00e4ggsprofiler. Alternativen \u00e4r manuell justering via Windows Firewall GUI eller anv\u00e4ndning av grupprincipobjekt (GPO) f\u00f6r dom\u00e4nanslutna maskiner. B\u00e5da saknar dock den omedelbara karakt\u00e4ren hos detta manus.<\/p>\n<h2>Vanliga fr\u00e5gor<\/h2>\n<ul>\n<li>Kan jag k\u00f6ra detta skript p\u00e5 vilken Windows-maskin som helst?<br \/>\nDen \u00e4r utformad f\u00f6r Windows 10 och Windows Server 2016 och senare.<\/li>\n<li>Beh\u00f6ver jag s\u00e4rskilda beh\u00f6righeter f\u00f6r att k\u00f6ra detta skript?<br \/>\nJa, administrat\u00f6rsbeh\u00f6righet kr\u00e4vs.<\/li>\n<\/ul>\n<h2>Konsekvenser f\u00f6r s\u00e4kerheten<\/h2>\n<p>M\u00f6jligheten att snabbt v\u00e4xla mellan brandv\u00e4ggsprofiler \u00e4r ett tveeggat sv\u00e4rd. Om de inaktiveras, \u00e4ven tillf\u00e4lligt, kan systemen uts\u00e4ttas f\u00f6r hot. Det \u00e4r viktigt att f\u00f6rst\u00e5 s\u00e4kerhetskonsekvenserna och se till att systemen f\u00f6rblir skyddade.<\/p>\n<h2>Rekommendationer<\/h2>\n<ul>\n<li>Testa skriptet i en kontrollerad milj\u00f6 f\u00f6rst.<\/li>\n<li>Om du inaktiverar brandv\u00e4ggen f\u00f6r diagnostik ska du aktivera den igen direkt efter\u00e5t.<\/li>\n<li>Se regelbundet \u00f6ver brandv\u00e4ggsreglerna f\u00f6r att s\u00e4kerst\u00e4lla att de \u00f6verensst\u00e4mmer med s\u00e4kerhetspolicyn.<\/li>\n<\/ul>\n<h2>Avslutande tankar<\/h2>\n<p>Att hantera Windows-brandv\u00e4ggens profiler \u00e4r avg\u00f6rande f\u00f6r n\u00e4tverks- och systems\u00e4kerheten. Medan verktyg som NinjaOne erbjuder <a href=\"https:\/\/www.ninjaone.com\/sv\/\">helt\u00e4ckande l\u00f6sningar f\u00f6r IT-hantering<\/a>, \u00e4r skript som det diskuterade ov\u00e4rderliga f\u00f6r specifika uppgifter. Som alltid \u00e4r det viktigt att f\u00f6rst\u00e5 hur den fungerar och vad den inneb\u00e4r f\u00f6r att kunna anv\u00e4nda den p\u00e5 ett effektivt och s\u00e4kert s\u00e4tt.<\/p>\n","protected":false},"author":35,"featured_media":207104,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","_lmt_disableupdate":"no","_lmt_disable":""},"operating_system":[4212],"use_cases":[4255],"class_list":["post-208693","script_hub","type-script_hub","status-publish","has-post-thumbnail","hentry","script_hub_category-windows","use_cases-systemkonfiguration"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/script_hub\/208693","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/script_hub"}],"about":[{"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/types\/script_hub"}],"author":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/users\/35"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/comments?post=208693"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/media\/207104"}],"wp:attachment":[{"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/media?parent=208693"}],"wp:term":[{"taxonomy":"script_hub_category","embeddable":true,"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/operating_system?post=208693"},{"taxonomy":"use_cases","embeddable":true,"href":"https:\/\/www.ninjaone.com\/sv\/wp-json\/wp\/v2\/use_cases?post=208693"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}