I want to have an EPA scan that checks for Windows Firewall being enabled. However it doesn't seem to be working exactly right. Here is the expression I am using right now:
CLIENT.REG(HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\DomainProfile_EnableFirewall).VALUE == 1 && CLIENT.REG(HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\StandardProfile_EnableFirewall).VALUE == 1
On a laptop i was testing with it has the firewall enabled and so I thought it was working. I tested on my desktop which doesn't use Windows Firewall because we have a corporate firewall and it still passed me through to the logon point. Any ideas on this? We don't have the CAG in production and out on the internet yet as I'm still testing the Pre-Aut Scans to make sure they work right.
Disregard. I think it's working for me now.