Defender Firewall Rule Addition

This guide will show an administrator how to establish desired network traffic handling that will be enforced on Intune joined devices.

Role Requirements

Procedure Scope: Administrators

Required Group Membership: Admin.Security

Handbook Reference

Package: TBD

Domain: TBD

Modifies: TBD

Windows Firewall Rule Addition 

  1. Navigate to the Firewall – Intune portal, locate and select the Security Essentials Firewall Rules policy or an equivalent Firewall Rules policy.
  2. Scroll down to Configuration Settings, select Edit.
  3. Find the Firewall Rule Name section and select the Add button, an entry should be generated in the list below. Provide the generated entry with a Name (this should indicate the traffic handling state and the associated protocol) and the Action that will be carried out when the Firewall encounters this type of network traffic (either block or allow). Select the Edit Instance button to configure the granularity of the firewall rule.
  4. A pop-out will be generated, here you will be able to define the granularity of the firewall rule. Configure the firewall rule according to your desired requirements for network traffic handling. Once specified, select Save to finalize the rule construction, followed by selecting Next to proceed to the review section.
  5. From the Review section, you will be able to select the Settings dropdown to verify that the configured firewall rule is properly generating. Select Save to finalize the firewall rule addition. Rule changes propagate at the next device check-in, usually within 1-2 hours.

Need Assistance?

Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.