diff --git a/salt/common/tools/sbin/so-firewall b/salt/common/tools/sbin/so-firewall
index 0403f75c1..e16cc1e2c 100755
--- a/salt/common/tools/sbin/so-firewall
+++ b/salt/common/tools/sbin/so-firewall
@@ -43,7 +43,7 @@ APPLY=${APPLY,,}
 
 function rolecall() {
 	THEROLE=$1
-	THEROLES="analyst analyst_workstation heavynode idhnode receiver searchnode sensor"
+	THEROLES="analyst analyst_workstations beats_endpoint beats_endpoint_ssl elastic_agent_endpoint elasticsearch_rest endgame eval heavynodes idh manager receivers searchnodes sensors standalone strelka_frontend syslog"
 
 	for AROLE in $THEROLES; do
 		if [ "$AROLE" = "$THEROLE" ]; then
diff --git a/salt/firewall/hostgroups/minion b/salt/firewall/hostgroups/minion
deleted file mode 100644
index e69de29bb..000000000
diff --git a/setup/so-functions b/setup/so-functions
index 20340436e..9e72f227d 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -2171,16 +2171,13 @@ set_initial_firewall_policy() {
 
 		case "$install_type" in
 			'MANAGER')
-				$default_salt_dir/salt/common/tools/sbin/so-firewall includehost manager "$MAINIP"
-				$default_salt_dir/salt/common/tools/sbin/so-firewall --apply includehost minion "$MAINIP"
+				$default_salt_dir/salt/common/tools/sbin/so-firewall --role=manager --ip=$MAINIP --apply=true
 				;;
 			'EVAL' | 'MANAGERSEARCH' | 'STANDALONE' | 'IMPORT')
-				$default_salt_dir/salt/common/tools/sbin/so-firewall includehost manager "$MAINIP"
-				$default_salt_dir/salt/common/tools/sbin/so-firewall includehost minion "$MAINIP"
-				$default_salt_dir/salt/common/tools/sbin/so-firewall includehost sensor "$MAINIP"
-				$default_salt_dir/salt/common/tools/sbin/so-firewall --apply includehost search_node "$MAINIP"
+				$default_salt_dir/salt/common/tools/sbin/so-firewall --role=$install_type --ip=$MAINIP --apply=true
 				;;
 		esac
+	fi
 }
 
 # Set up the management interface on the ISO