Forum Discussion
Endpoint security | Firewall Configuration through Microsoft Endpoint Configuration Manager
Hello, it is not possible to migrate firewall rules from a third-party AV solution.
To create and apply firewall rules on client machines you need a GPO or Intune.
Just a recommendation: Windows Firewall works differently than others. The Windows firewall "learns" automatically and creates its own rules for all software to work fine.
So it is not necessary to have a policy with many rules and apply it to all machines.
Thiago_Mota Thank you for your response. So it already knows what kind of traffic to block? How does it learn what connections need to be allowed? Would I only create a firewall rules policy to allow traffic that it blocks?
- Thiago_Mota, Sep 14, 2020, Brass Contributor
rbenson09
So it already knows what kind of traffic to block?
It is the opposite. It already knows what kind of traffic will be allowed. All other traffic will be blocked.
How does it learn what connections need to be allowed?
It learns when you install new software that uses network connections. It automatically creates an allow rule so that software can work fine.
Would I only create a firewall rules policy to allow traffic that it blocks?
Yes. But I suggest enabling it first. You do not need to create a firewall rule for each connection or each software, as the majority of them have already been created automatically. To check, just open Advanced Security in Windows Defender Firewall, and you will see the current rules applied.
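
Added example, not part of the thread: the rule review suggested in the last reply, done from PowerShell with the built-in NetSecurity cmdlets instead of the Advanced Security console. It lists the enabled inbound allow rules in effect on the local machine together with the program, port and origin of each, so rules created locally can be told apart from rules delivered by policy before a GPO or Intune firewall policy is written.

```powershell
# Added example: inventory the inbound allow rules currently in effect.
# Run in an elevated PowerShell session on the client being reviewed.
# ActiveStore is the effective rule set: local rules plus rules delivered by policy.
$rules = Get-NetFirewallRule -PolicyStore ActiveStore `
    -Direction Inbound -Action Allow -Enabled True

$report = foreach ($rule in $rules) {
    # Program and port conditions live in separate filter objects tied to the rule.
    $app  = $rule | Get-NetFirewallApplicationFilter
    $port = $rule | Get-NetFirewallPortFilter

    [pscustomobject]@{
        DisplayName = $rule.DisplayName
        Profile     = $rule.Profile                 # Domain, Private, Public or Any
        Program     = $app.Program                  # 'Any' when no program is specified
        Protocol    = $port.Protocol
        LocalPort   = ($port.LocalPort -join ',')   # 'Any' when no port is specified
        Source      = $rule.PolicyStoreSourceType   # e.g. Local or GroupPolicy
    }
}

# Full inventory, grouped by where each rule came from.
$report | Sort-Object Source, Program | Format-Table -AutoSize

# Broadest rules first: inbound allow for any program on any port.
$report |
    Where-Object { $_.Program -eq 'Any' -and $_.LocalPort -eq 'Any' } |
    Format-Table DisplayName, Profile, Protocol, Source -AutoSize

# Locally created rules that apply on the Public profile deserve a second look,
# since these are the ones a central policy would normally replace or restrict.
$report |
    Where-Object { $_.Source -eq 'Local' -and "$($_.Profile)" -match 'Public|Any' } |
    Format-Table DisplayName, Program, LocalPort -AutoSize
```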