Endpoint Security firewall prerequisites to deploy clients via Group Policy

Document created by rsullinger Employee on Oct 24, 2017Last modified by jgolomb on Dec 26, 2018
Version 7Show Document
  • View in full screen mode

Before deploying clients from the Malwarebytes Management Console, you must configure your Group Policy's (GPO) firewall.

 

Here is a list of firewall prerequisites:

  • Open ports 135, 137, and 445
  • Enable Windows Management Instrumentation (WMI)
  • Enable Remote Procedure Call (RPC)

 

The instructions below cover the steps to configure Windows Firewall.

 

Configure Windows Firewall

Step 1: Open Domain Profile settings

  1. Click the Start menu.

  2. To open GPMC, type Group Policy Management and press Enter.

    • For Windows Server 2008 R2 and older operating systems, type gpmc.msc.

  3. Under Group Policy Management, double-click Forest.

  4. Double-click Domains to view your domain.



  5. Under your domain, right-click Default Domain Policy and click Edit....



  6. Go to Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile.

 

Step 2: Add ports 135, 137, and 445

  1. Double-click Windows Firewall: Define inbound port exceptions.


  2. Select Enabled.


  3. In the same window under Options:, click Show.


  4. When the Show Contents window appears, under the Value column, enter 135, 137, and 445.


  5. Click OK.

  6. On the Windows Firewall: Define inbound port exceptions window, click Apply > OK.

 

Step 3: Enable WMI and RPC

  1. From the Group Policy Management Editor window, double-click Windows Firewall: Allow inbound remote administration exception.


  2. On the Windows Firewall: Allow inbound remote administration exception window, click Enabled > Apply > OK.




  3. Double-click Windows Firewall: Allow inbound file and printer sharing exception.


  4. On the Windows Firewall: Allow inbound file and printer sharing exception window, click Enabled > Apply > OK.



 

After completing all three steps, you can use your Malwarebytes Management Console to deploy Malwarebytes Anti-Malware and Malwarebytes Anti-Exploit to your clients.

 

Additional information

Attachments

    Outcomes