May 18 2023 02:20 AM - edited May 18 2023 02:21 AM
Hi Team
I have a device that is fully managed by Intune. I have created some firewall rule policies to allow certain applications and block others. Before enrolling the device into Defender for Endpoint, there were some firewall rules created locally on the Windows device. My question is: will these manually created firewall rules still work as intended, or will only the policies published through Intune take over?
May 18 2023 08:36 AM
Solution
Local firewall rules should be preserved and behave similarly to Group Policy. The Intune policy won't wipe out the existing firewall store, but will create supplemental rules on top of the current configuration - whatever you've defined in the cloud Device Configuration Policy. You can still run PowerShell scripts or NETSH commands or use the MMC to make and manage machine-specific firewall rules.
For example, the local default File and Print Sharing rules will be there, but if you make a GPO or Intune policy, a new set of similar rules will appear (and likely be gray, indicating they're set by a policy), but you can continue to manipulate the local rules.
Please like or mark this thread as answered if it's helpful, thanks!
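One way to check on the device itself which rules in effect come from the local store and which from policy, and how each profile treats local rules. This is an added example, not part of the original thread; it uses the built-in NetSecurity cmdlets and assumes an elevated PowerShell session on the managed Windows device.

```powershell
# Added example: read-only inventory of the firewall rules in effect.
# Run in an elevated PowerShell session on the managed device.

# ActiveStore is the merged view of every rule store that applies to
# this device (local rules plus rules delivered by policy).
$active = Get-NetFirewallRule -PolicyStore ActiveStore

# 1. Count rules by origin. 'Local' means the rule lives in the local
#    store; other values mean another store delivered it, for example
#    Group Policy.
$active |
    Group-Object -Property PolicyStoreSourceType |
    Sort-Object -Property Count -Descending |
    Select-Object -Property Name, Count |
    Format-Table -AutoSize

# 2. List enabled rules that did NOT originate in the local store,
#    with the store that delivered each one.
$active |
    Where-Object { $_.PolicyStoreSourceType -ne 'Local' -and $_.Enabled -eq 'True' } |
    Sort-Object -Property PolicyStoreSourceType, DisplayName |
    Select-Object -Property DisplayName, Direction, Action,
                            PolicyStoreSourceType, PolicyStoreSource |
    Format-Table -AutoSize

# 3. Show, per profile, whether locally defined rules are merged with
#    policy rules. AllowLocalFirewallRules reports True, False or
#    NotConfigured for the Domain, Private and Public profiles.
Get-NetFirewallProfile -PolicyStore ActiveStore |
    Select-Object -Property Name, Enabled, DefaultInboundAction,
                            AllowLocalFirewallRules |
    Format-Table -AutoSize
```

Running it before and after a policy sync shows the policy-delivered rules appearing alongside the existing local ones.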
Sep 26 2023 01:11 PM