HomeGuidesWindows Firewall profiles
Windows security troubleshooting

Check disabled Windows Firewall profiles with PowerShell

Collect a local security posture snapshot for Domain, Private and Public Firewall profiles together with Microsoft Defender, Secure Boot, TPM and BitLocker state.

Run the security posture diagnostic

pwsh -NoProfile -File .\Invoke-WindowsDiagnostics.ps1 `
  -Security -PrivacyMode -ExportMarkdown

The combined runner writes a local report and places security findings near the top. Privacy Mode redacts common identifying values, but the report should still be checked manually before sharing.

When this guide is useful

What the security report checks

Windows Firewall profiles

Enabled state for Domain, Private and Public profiles, reported separately so one disabled profile is not confused with all profiles being disabled.

Microsoft Defender

Available component and protection status from built-in read-only Windows sources.

Secure Boot and TPM

Availability of Secure Boot and Trusted Platform Module information where Windows exposes it to the current user.

BitLocker status

Volume protection state without reading recovery keys, key protectors or other secret material.

How to interpret a disabled Firewall profile

Check which profile is active

Windows maintains separate Domain, Private and Public profiles. A disabled profile may not be the currently active network profile, but it is still useful context for policy review.

Look for managed or third-party security

Another endpoint security product or centrally managed policy may control the expected Firewall state. The report identifies state but does not determine the organization’s intended configuration.

Do not treat every warning as an instruction

A WARN finding means the state deserves review. It does not automatically mean that enabling a feature is safe on every managed, specialized or test system.

Compare multiple signals

Firewall, Defender, Secure Boot, TPM and BitLocker measure different layers of protection. One enabled feature does not compensate for every other disabled feature, and one unavailable source does not prove that protection is absent.

Important: the toolkit does not enable Firewall profiles, edit rules, change Defender settings, configure BitLocker or modify security policy.

What the toolkit does not do

Reasonable next steps

  1. Record the active network profile and whether the machine is domain joined or centrally managed.
  2. Confirm whether another security product is expected to manage the Firewall.
  3. Compare the report with the organization’s approved baseline or Microsoft guidance for that environment.
  4. Make configuration changes only through an authorized administrative process.

Related Windows troubleshooting guides