The Windows Machine agent is capable of documenting the Windows Firewall with Advanced Security settings on Windows Server 2008 and above and Windows 7 and above.


The system can use either PowerShell remoting or the Windows Firewall API to collect the information. When scanning using PowerShell remoting, firewall rules configured using Group Policy can be documented, however using the Firewall API they cannot.


  • For the scan to be successful using the Windows Firewall API the computer running the XIA Configuration Client must be running Windows Server 2008 and above or Windows 7 and above.

  • For the scan to be successful using PowerShell Remoting, PowerShell Remoting must be enabled on the remote machine and the remote machine must be running Windows 8, Windows Server 2012 or above.






By default the Windows machine agent will attempt to document the Windows Firewall with Advanced Security configuration, however individual rules are not documented, to enable or disable these options see the options tab page.