Disabling the firewall in Windows Server 2008 Core Edition

For Windows Server 2008's Core Edition, the default firewall configuration is one of the things most administrators want to turn off after installation. You can complete this task with one line of code, which you'll want to add to your script arsenal.

The use cases for Windows Server 2008 Core Edition include additional security for certain installation sites and networks, and certain products (e.g., the free Hyper-V role) are only available on core editions. In Windows Server 2008 systems, including the core installations, the Windows Firewall is enabled by default. For many administrators, the first step of a new Windows installation is to disable the Windows Firewall. You can do this with the following Netsh command:

[netsh advfirewall set allprofiles state off]
Now the Windows Firewall is disabled for all network profiles. You can tweak the parameters to within what is run from Netsh. To determine what commands are available for Netsh, simply go into Netsh and enter a question mark (?) in one of the interactive contexts. Figure A shows the advfirewall context. Figure A

Figure A

Visit TechNet for more information about Netsh in the advfirewall context.

Stay on top of the latest Windows Server 2003 and Windows Server 2008 tips and tricks with our free Windows Server newsletter, delivered each Wednesday. Automatically sign up today!


Rick Vanover is a software strategy specialist for Veeam Software, based in Columbus, Ohio. Rick has years of IT experience and focuses on virtualization, Windows-based server administration, and system hardware.

Editor's Picks