Forum Discussion
sumo83 (Iron Contributor)
Jan 05, 2024
Enable Domain Network FW via Intune
Hello Experts,
I've been trying to implement some Defender recommendations and can't figure out why "Secure Microsoft Defender Firewall domain profile" does not have any effect on the endpoints...
I have followed the guide and configured a Firewall policy in Intune / Endpoint Security. I've assigned it to a few test users/machines... Now, it looks like below:
- when I open the policy I see it was "Succeeded" on all devices... no error no conflict reported
- when I check in Endpoint security -> Firewall -> "MDM devices running Windows 10 or later with firewall off", all devices have Firewall status "Disabled"
- The configuration is very simple and looks like the below
It is assigned to a group of users
- When I check on testing machine, I see the below
I'm confused, as it all seems to be "succeeded" but it looks like it has no effect on the end-user device.
Any idea what I am missing here?
- I've just found there is a GPO pushing FW configuration to end-user devices... From what I've read, GPO wins when GPO and Intune both push some policy...
I've removed my computer from that GPO and the FW is now up and running for the Domain network as well, and the Intune report also shows the FW as enabled for my computer now...
So looks ok now...
- rahuljindal-MVP (Bronze Contributor)
The policy values in your screenshot seem legit. Have you checked the Event Viewer logs on the devices in question to gather more details?
- sumo83 (Iron Contributor)
I haven't checked the events as I am not very familiar with them... What should I be looking for there, please? I will have a look.
- rahuljindal-MVP (Bronze Contributor)
I would start by checking under the Device Management, Windows Defender, and Windows Security event logs.
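
Added example, not part of any post in this thread: a PowerShell check for the situation described above, where Intune reports "Succeeded" but the Domain profile stays off because a GPO also configures the firewall. It assumes an elevated session on a domain-joined Windows 10 or later endpoint; the registry path and event channel names are the standard Windows ones, not values taken from the poster's environment.

```powershell
# Added diagnostic sketch (not from the thread). Run elevated on the affected endpoint.

# 1. Domain profile state per policy store:
#    ActiveStore     = what the firewall service is enforcing right now
#    RSOP            = the sum of all GPOs applied to this computer
#    PersistentStore = local configuration stored on the machine
$report = foreach ($store in 'ActiveStore', 'RSOP', 'PersistentStore') {
    try {
        $p = Get-NetFirewallProfile -Name Domain -PolicyStore $store -ErrorAction Stop
        [pscustomobject]@{ Store = $store; Enabled = "$($p.Enabled)"; Inbound = "$($p.DefaultInboundAction)" }
    } catch {
        [pscustomobject]@{ Store = $store; Enabled = 'unavailable'; Inbound = $_.Exception.Message }
    }
}
$report | Format-Table -AutoSize | Out-String | Write-Output

# 2. Value a firewall GPO writes for the domain profile (0 = off, 1 = on).
$gpoKey = 'HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile'
$gpoVal = Get-ItemProperty -Path $gpoKey -Name EnableFirewall -ErrorAction SilentlyContinue
if ($null -eq $gpoVal) {
    Write-Output 'No GPO EnableFirewall value found for the domain profile.'
} elseif ($gpoVal.EnableFirewall -eq 0) {
    Write-Output 'A GPO sets the domain profile to OFF; find the GPO in the list below.'
} else {
    Write-Output 'A GPO sets the domain profile to ON.'
}

# 3. GPOs applied to the computer, to identify which one carries firewall settings.
gpresult /r /scope computer

# 4. Recent entries from the firewall and MDM channels (the event logs suggested above).
$channels = 'Microsoft-Windows-Windows Firewall With Advanced Security/Firewall',
            'Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin'
foreach ($c in $channels) {
    Write-Output "--- $c ---"
    Get-WinEvent -LogName $c -MaxEvents 15 -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, LevelDisplayName, Message |
        Format-List | Out-String | Write-Output
}
```

If `RSOP` shows `Enabled = False` while the Intune policy sets the profile to on, the GPO is the source of the disabled state reported in the Intune firewall view.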