Forum Discussion

thisisbhaskar
Copper Contributor
Jun 20, 2025
Solved

Firewall Rules programming with Defender XDR

We have our devices onboarded to Defender for Endpoint, and want to program Firewall Policy and Firewall Rules Policy using Defender Onboarding.

We know that we can onboard devices to Intune and use Intune MDM to program rules. But we don't want a full-blown MDM setup or license for just firewall programming.

Is there a deployment scenario where we can do firewall programming just using Defender machines?

Any help is really appreciated.

  • Yes, Microsoft Defender for Business includes this exact capability.

    The longer, more detailed answer is that Defender for Business was specifically designed for small and medium-sized businesses (SMBs) to provide an enterprise-grade security solution that is easy to manage. A key part of that "easy to manage" philosophy is including the security policy management features directly within the product, without requiring a separate Intune license.

     

    Here’s how it maps to your needs:

    Firewall Policy Programming: Yes, you can create and apply firewall policies and specific firewall rules directly to your devices.

    No Full MDM: Devices are managed via Defender for Business. They do not need to be fully enrolled into Intune.

    No Separate License: This security management capability is built into the Defender for Business license. You do not need to purchase Intune licenses for your users or devices.

     

     
