Device Defender Firewall Rule Creation Procedure

This admin procedure provides background information on creating a new set of Windows Defender Firewall settings that will be enforced on the specified onboarded Intune device group.

This article is intended for employees of organizations that use Sittadel's security. Additionally, there are some actions that can only be accomplished by those with administrative privileges.

Endpoint Firewall

While many security practitioners are familiar with managing a central firewall, managing an endpoint firewall may be a newer concept to some. Endpoint firewalls represent a topologically different approach to managing network traffic, but with the help of the Endpoint Management Console, management of all corporate device firewalls can imitate the functionality of a centrally located firewall arrangement. Once firewall rules are published, the devices abide by those rules as a collective, and changes to the rules can be made easily and quickly.

Procedure Scope: Administrators

Required Group Membership: Admin.DeviceSecurity

Creating a Device Defender Firewall Rule

  1. Navigate to Firewall – Intune and select Create Policy. Configure an OS platform and a profile type of Microsoft Defender Firewall Rules, then select Create to proceed.
  2. Supply basic policy information such as name and description. Click Select to proceed.
  3. Select Edit to configure the settings. It is up to you to decide the rule enforcement scope, such as an allowance or block on a desired type of network traffic. Select Save to finalize the rule, followed by Next to continue.
  4. Scope tags can be selected here; they are mainly leveraged with RBAC. Select Next to continue.
  5. Configure the group assignment or exclusion that determines where the policy takes effect. Select Next to proceed to revisions.
  6. The review page shows all configured settings for the policy. If you detect a discrepancy at this stage, make note of the section and select Previous to go back and make alterations before finalization. If everything checks out, select Create to publish the policy.
  7. Upon successful creation the rule will show up in the list of all firewall policies managed through Intune.
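
To confirm on an assigned device that the published rule is actually being enforced, the following check can be run in PowerShell. It is an added example, not part of the original procedure; the function name and the sample rule name are hypothetical, and it assumes an elevated session and that the rule's display name on the device matches the name entered when configuring the rule's settings.

```powershell
# Added example: verify on an endpoint that a rule published from Intune is active.
# Get-PublishedFirewallRule is a hypothetical helper name, not an Intune or Windows cmdlet.
function Get-PublishedFirewallRule {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$DisplayName,
        [ValidateSet('Allow', 'Block')][string]$ExpectedAction,
        [ValidateSet('Inbound', 'Outbound')][string]$ExpectedDirection
    )

    # ActiveStore is the merged view of every policy source currently enforced.
    $rules = Get-NetFirewallRule -PolicyStore ActiveStore -ErrorAction Stop |
        Where-Object { $_.DisplayName -eq $DisplayName }

    if (-not $rules) {
        Write-Warning "No active rule named '$DisplayName'. Check group assignment and device sync."
        return
    }

    foreach ($rule in $rules) {
        $port = $rule | Get-NetFirewallPortFilter
        $addr = $rule | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            DisplayName   = $rule.DisplayName
            Source        = $rule.PolicyStoreSourceType   # which policy store delivered the rule
            Enabled       = $rule.Enabled
            Direction     = $rule.Direction
            Action        = $rule.Action
            Profile       = $rule.Profile
            Protocol      = $port.Protocol
            LocalPort     = $port.LocalPort -join ','
            RemoteAddress = $addr.RemoteAddress -join ','
            # True only when the rule on the device matches what was intended in the policy.
            MatchesIntent = (-not $ExpectedAction -or "$($rule.Action)" -eq $ExpectedAction) -and
                            (-not $ExpectedDirection -or "$($rule.Direction)" -eq $ExpectedDirection)
        }
    }
}

# Constructed sample rule name; replace with the name used in your policy.
Get-PublishedFirewallRule -DisplayName 'Example - Block outbound SMB' `
    -ExpectedAction Block -ExpectedDirection Outbound
```

A rule that appears with MatchesIntent set to False, or that does not appear at all after the device has synced, points back to the settings or group assignment steps above.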

You're Finished!

You should have successfully created a new set of Windows Defender Firewall settings that will be pushed to the specified onboarded device group; additionally, these settings will specify which types of network communication are allowed for the specified domain profiles. For any other problems or questions, reach out to us!