Before you can deploy clients from the Malwarebytes Nebula platform, you must configure your Group Policy’s (GPO) firewall.
Here is a list of firewall prerequisites:
- Open ports 135, 137, and 445
- Enable Windows Management Instrumentation (WMI)
- Enable Remote Procedure Call (RPC)
Follow the steps in this article to configure Windows Firewall.
Alternatively, use the Command Prompt to configure the above prerequisites. Execute the following commands on each endpoint experiencing installation errors.
Command for Windows XP, Vista, and 7
netsh firewall set service RemoteAdmin enable
Commands for Windows 8, 8.1, and 10
netsh advfirewall firewall set rule group=”remote administration” new enable=yes
netsh advfirewall firewall set rule group=”Windows Remote Management” new enable=yes
netsh advfirewall firewall set rule group=”windows management instrumentation (wmi)” new enable=yes
Configure Windows Firewall
Step 1: Open Domain Profile settings
- Click the Start menu.
- To open GPMC, type Group Policy Management and press Enter.
- For Windows Server 2008 R2 and older operating systems, type gpmc.msc.
- Under Group Policy Management, double-click Forest.
- Double-click Domains to view your domain.
- Under your domain, right-click Default Domain Policy and click Edit….
- Go to Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile.
Step 2: Add ports 135, 137, and 445
- Double-click Windows Firewall: Define inbound port exceptions.
- Select Enabled.
- In the same window under Options:, click Show.
- When the Show Contents window appears, under the Value column, enter 135, 137, and 445.
- Click OK.
- On the Windows Firewall: Define inbound port exceptions window, click Apply > OK.
Step 3: Enable WMI and RPC
- From the Group Policy Management Editor window, double-click Windows Firewall: Allow inbound remote administration exception.
- On the Windows Firewall: Allow inbound remote administration exception window, click Enabled > Apply > OK.
- Double-click Windows Firewall: Allow inbound file and printer sharing exception.
- On the Windows Firewall: Allow inbound file and printer sharing exception window, click Enabled > Apply > OK.
After completing all three steps, you can use the Malwarebytes Nebula platform to deploy Malwarebytes to your Endpoints.
Source : Official Malwarebytes Brand
Editor by : BEST Antivirus KBS Team