is it possible to set firewall rules remotely (e.g. from Active Directory GPO)?


Does anyone know if it’s possible to add firewall rules remotely via script, Active Directory GPO… ?

When I install Comodo in a new machine I would like to have certain default rules created automatically, mainly to allow WMI and RPC from the server to perform certain tasks.

Remote management is only possible through Comodo endpoint security manager. unfortunately, remote management version of CIS cannot be accessed locally.

However, adding some default rules can be done (at least it should be possible, I haven’t tested). All firewall and d+ settings are stored in the registry.

If you study the exact format you can add those keys, or configure the rules on another machine and export the registry to import them after a new install.

You’ll have to do this right after the setup because CIS will protect those keys after it activates on reboot.
To add keys afterward, you can try to reboot in safe mode to bypass protection.