Tuesday, January 3, 2012

Spiceworks: AntiVirus And Firewall Settings In A Domain


AntiVirus and Personal Firewalls can block most or all of the communication to and from a computer. As a result, Spiceworks may not be able to communicate with your devices. We will address the two AntiVirus and Personal Firewall scenarios that could cause problems.
  • The first scenario: the AntiVirus software on the Spiceworks computer is preventing Spiceworks from running correctly, or the firewall is locked down and preventing communication with the remote computers, or both.
  • The second scenario: the remote computers you are trying to scan or discover from Spiceworks have the firewall locked down, resulting in either missing computers, or Spiceworks inventory lacking sufficient data.

Spiceworks Computer

AntiVirus Settings

The following exceptions need to be set up in the AntiVirus program so that Spiceworks can run unrestricted.
  • Add the C:\Program Files\Spiceworks directory and all subdirectories to the AntiVirus' exclusions list for real-time scanning. This should prevent the AntiVirus software from slowing down or stopping Spiceworks. The following executable files may also need to be excluded.

Firewall Settings

The following Spiceworks executable files need to be added to the list of programs that are allowed through the firewall.
  • C:\Program Files\Spiceworks\httpd\bin\spiceworks-httpd.exe
  • C:\Program Files\Spiceworks\bin\spiceworks.exe
  • C:\Program Files\Spiceworks\bin\spicetray.exe
  • C:\Program Files\Spiceworks\bin\spiceworks-finder.exe
  • C:\Program Files\Spiceworks\pkg\gems\spiceworks_common-x.x.xxxxx\nbtscan\nbtscan.exe
Note: The x.x.xxxxx above is the Spiceworks version number, which can be found at the bottom of any Spiceworks page.


The following ports and protocols will need to be opened so that Spiceworks can communicate with your remote computers.
  • ICMPv4 Inbound and Outbound - This is needed so that Spiceworks can discover the devices on your network; it is more commonly known as the PING command. There are a number of types of ping commands that can be permitted or blocked by various firewalls. Generally, you will want to permit commands 0, 3, 8 and 11. Some firewalls don't distinguish between these, so you will need to check the settings on your specific firewall. Many firewalls will already be configured for 0, 3 and 8, so you will need to make sure command 11 (echo) is allowed through the firewall.
  • TCP Ports 135 and 445 Inbound - This is needed for Windows Management Instrumentation (WMI) which Spiceworks uses to get detailed information about Windows computers.
  • UDP Port 137 Inbound - This is needed so that Spiceworks can gather information in the Windows Registry.
  • TCP 1024 - 2000 Inbound - Dynamic Ports for Windows Management Instrumentation (WMI).
  • UDP Port 69 Inbound - This allows Spiceworks to communicate with your networking hardware to back up/restore configurations via TFTP.

Remote Computers

Firewall Settings

The following ports and protocols will need to be opened before Spiceworks can collect information from your remote computers.
  • ICMPv4 Inbound and Outbound - This is needed so that Spiceworks can discover the devices on your network; it is more commonly known as the PING command. There are a number of types of ping commands that can be permitted or blocked by various firewalls. Generally, you will want to permit commands 0, 3, 8 and 11. Some firewalls don't distinguish between these, so you will need to check the settings on your specific firewall. Many firewalls will already be configured for 0, 3 and 8, so you will need to make sure command 11 (echo) is allowed through the firewall.
  • TCP Ports 135 and 445 Inbound - This is needed for Windows Management Instrumentation (WMI) which Spiceworks uses to get detailed information about Windows computers.
  • UDP Port 137 Inbound - This is needed so that Spiceworks can gather information in the Windows Registry.
  • TCP 1024 - 2000 Inbound - Dynamic Ports for Windows Management Instrumentation (WMI).
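
The inbound rules listed above expose WMI, SMB and NetBIOS ports, so it is worth limiting them to the Spiceworks computer and the Domain firewall profile rather than allowing any source. The script below is an added example, not part of the Spiceworks documentation; it assumes the NetSecurity PowerShell module (Windows 8 / Server 2012 or later) and an elevated session, and the server address and rule-name prefix are placeholders.

```powershell
# Added example: allow the ports from the "Remote Computers" list above,
# but only from the Spiceworks computer and only on the Domain profile.
param(
    # Placeholder address (documentation range); use your Spiceworks server's IP.
    [string]$SpiceworksServer = '192.0.2.10'
)

$prefix = 'Spiceworks scan'   # hypothetical rule-name prefix, used for cleanup

# Ports and protocols exactly as given in the list above.
$rules = @(
    @{ Name = 'WMI TCP 135 and 445'; Protocol = 'TCP'; Ports = @('135', '445') },
    @{ Name = 'WMI dynamic ports';   Protocol = 'TCP'; Ports = @('1024-2000') },
    @{ Name = 'UDP 137';             Protocol = 'UDP'; Ports = @('137') }
)

# Remove rules left by a previous run so the script can be re-applied safely.
Get-NetFirewallRule -DisplayName "$prefix*" -ErrorAction SilentlyContinue |
    Remove-NetFirewallRule

foreach ($r in $rules) {
    New-NetFirewallRule -DisplayName "$prefix - $($r.Name)" `
        -Direction Inbound -Action Allow -Profile Domain `
        -Protocol $r.Protocol -LocalPort $r.Ports `
        -RemoteAddress $SpiceworksServer | Out-Null
}

# ICMPv4 in both directions, limited to the types the page lists (0, 3, 8, 11).
# The outbound rule only matters where outbound traffic is blocked by default.
foreach ($dir in 'Inbound', 'Outbound') {
    New-NetFirewallRule -DisplayName "$prefix - ICMPv4 $dir" `
        -Direction $dir -Action Allow -Profile Domain `
        -Protocol ICMPv4 -IcmpType 0, 3, 8, 11 `
        -RemoteAddress $SpiceworksServer | Out-Null
}

# Review: every rule should show the Spiceworks address, never 'Any'.
Get-NetFirewallRule -DisplayName "$prefix*" |
    Get-NetFirewallAddressFilter |
    Select-Object InstanceID, RemoteAddress
```

In a domain, the same scoping (remote address and Domain profile) can be set on the equivalent rules in a Group Policy firewall policy instead of running the script on each computer.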

Additional Port/Protocol Information

Spiceworks uses the following protocols to gather information from the devices on your network.
  • SIP - Used to detect IP Phones
  • HTTP - Used to detect Web Servers
  • Jet Direct - Used to detect Printers
  • SSH - Used to detect Unix/Linux Computers and some Network Devices
  • HTTP VNC - Used to detect VNC Installation
  • SNMP - Used to detect Networking Devices (Printers, Switches, etc.)
  • TFTP - Used to back up/restore networking device configurations



Click here to learn how to configure the built-in Windows firewall using Group Policy.
