windows defender firewall

6 Topics

Intune/Defender Firewall Policies
Coming from an environment where the Windows Firewall had been disabled, and having seen the light, we finally got approval to enable the firewall, but I am hitting a learning curve with Intune behaviors; I have a device where the firewall is enabled, and I get an admin prompt for an app that wants access. I cancel the admin prompt and do a little digging on what app wants access, and to what etc. and then create the policy to allow traffic inside of Intune. I thought the policies were not applying, but after poking around, I found that they are applied and listed under Monitoring > Firewall instead of the normal Inbound or Outbound Rules sections. However, because I canceled the admin prompt to allow the traffic, it automatically created a Block policy on the Inbound Rules section. Inside of Monitoring > Firewall I can see both the Block policy from the Inbound Rules, but also the Allow policy from Intune. Question: Is there a way to use the cloud Intune/Defender policy to wipe out the Block on the Inbound Rules section? Or do I need to make a remediation script to clean these up? Or is there some other 'best practice' way to clean up the unintended blocks from the local policy?
Solved
CaedenV
Jan 21, 2025 Place Microsoft Intune
128Views
0likes
1Comment
Windows Firewall Rules for Inbound connections from specific IPs with Microsoft Direct Access in use
As the subject says, I am looking to create an inbound firewall rule that allows connections via Microsoft Direct Access but I am a complete novice when it comes to IPv6 which Direct Access operates on. Say my internal IP range of my Management Network is 10.0.1.0/24 How would I create a firewall rule allowing that IP range when IP goes through the 6to4 and Teredo IPv6 transition protocols?
BCSecA
Sep 26, 2023 Place Windows security
350Views
0likes
0Comments
New Reporting Functionality for Device Control and Windows Defender Firewall
We are excited to announce the general availability of Device control and Windows Firewall Reports.
Tewang_Chen
Feb 21, 2023 Place Microsoft Defender for Endpoint Blog
17KViews
6likes
7Comments
Windows Defender firewall not deactivate itself
Hi, I'm trying to add some rules in firewall and also to deactivate it on a single net (but also with all nets present in my windows server). It seems work when I do it but after close Windows Defender Firewall, it restore any thing as before so is IMPOSSIBLE to deactivate it. Which could be the problem?
lucablue
Feb 11, 2022 Place Windows security
578Views
1like
1Comment
Windows Defender Firewall - Deny Windows Apps rules creation
How can I disable Windows apps automatic Defender firewall rule creation? I have configured local firewall rules and connection security rules Settings in the WDFASecurity panel. I runned powershell commands to remove all outbound rules $FirewallOutRules = Get-NetFirewallRule | Where-Object {$_.Direction -EQ "Outbound"} Remove-NetFirewallRule $FirewallOutRules.Name After an App like Mixed reality portal, Windows map is updated, a rule is automaticaly created. How can I stop this behavior?
Mafecteau
Apr 06, 2021 Place Windows security
2.2KViews
0likes
2Comments
Manage Windows Defender Firewall with Microsoft Defender ATP and Intune
Manage and report on Windows Defender Firewall activities with new capabilities in Microsoft Defender ATP and Intune
Tewang_Chen
Oct 04, 2019 Place Microsoft Defender for Endpoint Blog
27KViews
3likes
0Comments