Tamper Protection Not turing on on newly deployed devices
I have no issue with device deployed before. Now new devices with Windows 11 22H2 Build 22621.525 are having this issue. Tamper Protection is enabled in Defender 365 Portal for all Endpoints. Intune configuration policy: Windows Security Experience. TamperProtection (Device) On Fails with error type 2 Error code 65000. Checking Event logs. MDM ConfigurationManager: Command failure status. Configuration Source ID: (C127515F-5427-49C7-B6AE-4275FB1AE464), Enrollment Name: (MDMDeviceWithAAD), Provider Name: (Defender), Command Type: (Add: from Replace or Add), CSP URI: (./Vendor/MSFT/Defender/Configuration/TamperProtection), Result: (The system cannot find the file specified.). I only have this issue on newly deployed devices
Firewall Off despite policy being enabled
In Firewall and network protection, It says Firewall is off for all Network types. However it should be on. Is this normal/expected? However, In Sec. providers, Firewall is enabled. ========== In PS, Firewall appears to be enabled too. C:\Windows\System32>netsh advfirewall Show allprofiles Domain Profile Settings: ---------------------------------------------------------------------- State ON Firewall Policy BlockInbound,AllowOutbound LocalFirewallRules N/A (GPO-store only) LocalConSecRules N/A (GPO-store only) InboundUserNotification Enable RemoteManagement Disable UnicastResponseToMulticast Enable Logging: LogAllowedConnections Disable LogDroppedConnections Disable FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log MaxFileSize 4096 Private Profile Settings: ---------------------------------------------------------------------- State ON Firewall Policy BlockInbound,AllowOutbound LocalFirewallRules N/A (GPO-store only) LocalConSecRules N/A (GPO-store only) InboundUserNotification Enable RemoteManagement Disable UnicastResponseToMulticast Enable Logging: LogAllowedConnections Disable LogDroppedConnections Disable FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log MaxFileSize 4096 Public Profile Settings: ---------------------------------------------------------------------- State ON Firewall Policy BlockInbound,AllowOutbound LocalFirewallRules N/A (GPO-store only) LocalConSecRules N/A (GPO-store only) InboundUserNotification Enable RemoteManagement Disable UnicastResponseToMulticast Enable Logging: LogAllowedConnections Disable LogDroppedConnections Disable FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log MaxFileSize 4096 Ok. =========== In the Intune Firewall Policy the three options are enabled:
