cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Windows Firewall configuration via MEM

silvermarkgVMO2
Copper Contributor

‎Apr 14 2022 09:01 AM

‎Apr 14 2022 09:01 AM

Windows Firewall configuration via MEM

Hi

 

I'm using the new profile template for Microsoft Defender Firewall profile (in Endpoint Security). When I edit an existing policy, settings that were set to 'Not configured' are now set to a value. For example creating a policy to enable the firewall on the domain firewall profile and block inbound connections, with everything else set to 'not configured', when editing that policy all the settings for the domain firewall profile now have values instead of 'not configured'.

 

Is anyone else seeing this behaviour? Is this a bug @Intune_Support_Team ?

Labels:
1,607 Views
0 Likes
3 Replies
Reply
3 Replies
Intune_Support_Team

‎Apr 19 2022 10:00 AM - edited ‎Apr 20 2022 10:27 AM

‎Apr 19 2022 10:00 AM - edited ‎Apr 20 2022 10:27 AM

Re: Windows Firewall configuration via MEM

Hi, thanks for the context. There are some settings when set in Endpoint security at a parent level have child settings also set. Although they may be set to configured, some parent settings may require child settings to be set as default in order to function correctly. In this case, when the 'Enable Domain Network Firewall' is configured, there are default values that the settings adhere to. The settings here are leveraged as an on/off switch therefore, it will provide a default value as standard. To learn more about which settings have a default value, see: Firewall configuration service provider (CSP). We also have some best practice you can view the settings to and configure in profiles for Firewall policy in the endpoint security node of Intune as part of an Endpoint security policy. See: Firewall policy settings for endpoint security in Intune and Manage endpoint security in Microsoft Intune to learn more.

0 Likes
Reply
silvermarkgVMO2

‎Apr 20 2022 02:08 AM

‎Apr 20 2022 02:08 AM

Re: Windows Firewall configuration via MEM

If it is the case that child settings need to be set to function correctly, then I would expect them to be set when I enabled the "Enable Domain Network Firewall" settings as opposed to staying as 'Not configured'.
When I initially create the policy with two settings, only those two settings are set on the device. When I edit the policy (making no changes), all the newly set settings are now set on the device giving me potentially an unwanted configuration. I either have to be extra careful when editing to set things to 'not configured' or be forced to set all the values when I first create the policy.
As feedback, I don't believe the current design is what admins would expect, for a policy to automatically set settings on edit.
0 Likes
Reply
Intune_Support_Team

‎Apr 28 2022 07:58 AM

‎Apr 28 2022 07:58 AM

Re: Windows Firewall configuration via MEM

Hi, we understand your scenario and we appreciate your feedback. For further investigation into these applied settings, let's get you over to support who can talk through what is happening, your expectation and how we can move forward: aka.ms/IntuneSupport.
1 Like
Reply