Apr 14 2022 09:01 AM
Hi
I'm using the new profile template for Microsoft Defender Firewall profile (in Endpoint Security). When I edit an existing policy, settings that were set to 'Not configured' are now set to a value. For example creating a policy to enable the firewall on the domain firewall profile and block inbound connections, with everything else set to 'not configured', when editing that policy all the settings for the domain firewall profile now have values instead of 'not configured'.
Is anyone else seeing this behaviour? Is this a bug @Intune_Support_Team ?
Apr 19 2022 10:00 AM - edited Apr 20 2022 10:27 AM
Hi, thanks for the context. There are some settings when set in Endpoint security at a parent level have child settings also set. Although they may be set to configured, some parent settings may require child settings to be set as default in order to function correctly. In this case, when the 'Enable Domain Network Firewall' is configured, there are default values that the settings adhere to. The settings here are leveraged as an on/off switch therefore, it will provide a default value as standard. To learn more about which settings have a default value, see: Firewall configuration service provider (CSP). We also have some best practice you can view the settings to and configure in profiles for Firewall policy in the endpoint security node of Intune as part of an Endpoint security policy. See: Firewall policy settings for endpoint security in Intune and Manage endpoint security in Microsoft Intune to learn more.
Apr 20 2022 02:08 AM
Apr 28 2022 07:58 AM