Endpoint Protection firewall prerequisites to deploy clients via Group Policy

Document created by jgolomb Employee on Dec 21, 2018Last modified by jgolomb Employee on Nov 8, 2019
Version 3Show Document
  • View in full screen mode

Before you can deploy clients from the Malwarebytes cloud platform, you must configure your Group Policy's (GPO) firewall.


Here is a list of firewall prerequisites:

  • Open ports 135, 137, and 445
  • Enable Windows Management Instrumentation (WMI)
  • Enable Remote Procedure Call (RPC)


The instructions below cover the steps to configure Windows Firewall.


  1. Configure Windows Firewall

    Step 1: Open Domain Profile settings

    1. Click the Start menu.

    2. To open GPMC, type Group Policy Management and press Enter.

      • For Windows Server 2008 R2 and older operating systems, type gpmc.msc.

    3. Under Group Policy Management, double-click Forest.

    4. Double-click Domains to view your domain.

    5. Under your domain, right-click Default Domain Policy and click Edit....

    6. Go to Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile.


    Step 2: Add ports 135, 137, and 445

    1. Double-click Windows Firewall: Define inbound port exceptions.

    2. Select Enabled.

    3. In the same window under Options:, click Show.

    4. When the Show Contents window appears, under the Value column, enter 135, 137, and 445.

    5. Click OK.

    6. On the Windows Firewall: Define inbound port exceptions window, click Apply > OK.


    Step 3: Enable WMI and RPC

    1. From the Group Policy Management Editor window, double-click Windows Firewall: Allow inbound remote administration exception.

    2. On the Windows Firewall: Allow inbound remote administration exception window, click Enabled > Apply > OK.

    3. Double-click Windows Firewall: Allow inbound file and printer sharing exception.

    4. On the Windows Firewall: Allow inbound file and printer sharing exception window, click Enabled > Apply > OK.


After completing all three steps, you can use the Malwarebytes cloud platform to deploy Malwarebytes Anti-Malware and Malwarebytes Anti-Exploit to your clients.


Additional information