SOLVED

Best way to add endpoint firewall rule through Intune


Hello,

 

I have a 3rd party app deployed to all my endpoints that requires specific ports and servers allowed through the local device's outbound firewall. After looking through some Microsoft support articles for Intune, I did find something; however, it will only let me use IP address ranges. I need to use DNS hostnames instead.

 

Is there a way in Intune for me to do this through Endpoint Security -> Firewall that I'm missing or do I have to script something and deploy it through Intune instead?

Appreciate the assistance!

best response confirmed by johnsmith1395 (Copper Contributor)
Solution

@johnsmith1395 

 

You can use the following: https://techcommunity.microsoft.com/t5/intune-customer-success/announcing-enhanced-control-for-confi... 

 

You can create "reusable settings" that can be based on FQDNs and use these in the normal Firewall configurations. Keep in mind you need to use Defender Antivirus, and Network Protection needs to be in block or audit mode.

 

------

Please click Mark as Best Response & Like if my post helped you to solve your issue.

This will help others to find the correct solution easily. It also closes the item.

If the post was useful in other ways, please consider giving it Like.

@SebastiaanSmits 

Thanks for the assistance. I'm currently testing this now and will let you know how it turns out. 

@SebastiaanSmits 

 

The policy I created in Intune shows as "Applied/Installed" however when I do a local "netstat -na" check on those devices, I don't see the specific port listed as "listening" or see it from the netstat output. 

 

This is what I configured, if you can take a look. For example, I'm trying to allow all outbound traffic through port 1800.

[Image: Intune Firewall Policy Overview.png]

[Image: Intune Firewall port rule.png]


Appreciate the assistance, thank you!
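The accepted answer names two prerequisites for FQDN-based reusable settings (Defender Antivirus as the active AV, and Network Protection in block or audit mode), and the follow-up post tries to confirm the rule with netstat. netstat only lists sockets and listening ports; an outbound allow rule never shows up there, so it cannot tell you whether the Intune policy landed. The script below is an added example, not code from the thread or from Microsoft: run it in an elevated PowerShell session on the endpoint to check both prerequisites and to confirm the outbound rule exists. The rule display name "Allow App Outbound 1800" is an assumption standing in for whatever name was set in the Intune rule; port 1800 comes from the poster's example.

```powershell
# Added verification script (not from the original thread).
# Assumptions: the Intune firewall rule was given the display name below,
# and the device runs Windows 11 / Server 2022 or later, where FQDN-based
# rules are backed by firewall "dynamic keyword" address objects.
$RuleName = 'Allow App Outbound 1800'   # assumed display name; replace with yours
$Port     = 1800                        # port from the poster's example

# 1. Is Microsoft Defender Antivirus the active antivirus?
#    'Passive Mode' or 'SxS Passive Mode' means another AV owns the device,
#    and Defender-dependent features (Network Protection) will not function.
$status = Get-MpComputerStatus
[pscustomobject]@{
    AntivirusEnabled = $status.AntivirusEnabled
    AMRunningMode    = $status.AMRunningMode    # expect 'Normal'
}

# 2. Network Protection mode: 0 = disabled, 1 = block, 2 = audit.
$np = (Get-MpPreference).EnableNetworkProtection
switch ($np) {
    0 { Write-Warning 'Network Protection is disabled; FQDN-based reusable settings require block or audit mode.' }
    1 { 'Network Protection: Block (1)' }
    2 { 'Network Protection: Audit (2)' }
    default { Write-Warning "Unexpected EnableNetworkProtection value: $np" }
}

# 3. Did the rule itself arrive? This is the check netstat cannot do.
$rule = Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue
if (-not $rule) {
    Write-Warning "No firewall rule named '$RuleName' exists on this device; the Intune policy has not applied here."
} else {
    $rule | Select-Object DisplayName, Enabled, Direction, Action, Profile

    # Port/protocol bound to the rule; confirm RemotePort (or LocalPort) matches $Port
    $ports = $rule | Get-NetFirewallPortFilter
    $ports | Select-Object Protocol, LocalPort, RemotePort
    if (("$($ports.RemotePort)" -notmatch "\b$Port\b") -and ("$($ports.LocalPort)" -notmatch "\b$Port\b")) {
        Write-Warning "Rule exists but port $Port is not in its port filter."
    }

    # Remote address filter; an FQDN-based rule references a dynamic keyword
    # object here instead of listing IP literals.
    $rule | Get-NetFirewallAddressFilter | Select-Object LocalAddress, RemoteAddress
}

# 4. Dynamic keyword address objects (the FQDN definitions) present on the device.
#    The cmdlet only exists on Windows 11 / Server 2022 and later.
if (Get-Command Get-NetFirewallDynamicKeywordAddress -ErrorAction SilentlyContinue) {
    Get-NetFirewallDynamicKeywordAddress |
        Select-Object Id, Keyword, Addresses, AutoResolve
} else {
    Write-Warning 'Get-NetFirewallDynamicKeywordAddress is unavailable; this OS build does not support FQDN-based firewall rules.'
}
```

If step 3 reports no rule, the problem is policy delivery (assignment, device enrollment state, or a sync that has not run yet) rather than the rule's contents; if the rule is present but step 4 shows no dynamic keyword with the expected hostname, the reusable setting did not make it into the rule. Only once both are present is it worth testing the application's actual connection, for example with Test-NetConnection against one of the allowed hostnames on the port in question.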

@SebastiaanSmits 

 

This might be causing the issue, since the policy I created might not actually be deploying, but I'm unsure if I'm utilizing Defender for my endpoints or not. This is my Defender overview page in Intune. I'm unfamiliar with it and honestly have never worked with it before.

[Image: Defender overview page.png]

