This guide provides background information on creating a new set of Windows Defender Firewall settings that will be enforced on a specified onboarded Intune device group.
Endpoint Firewall
While many security practitioners are familiar with managing a central firewall, managing an endpoint firewall may be a newer concept to some. Endpoint firewalls represent a topologically different approach to managing network traffic, but with the help of the Endpoint Management Console, the firewalls on all corporate devices can be managed to imitate the functionality of a centrally located firewall arrangement. Once firewall rules are published, the devices abide by those rules as a collective, and rule changes can be made easily and quickly.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Security
Handbook Reference
Package: TBD
Domain: TBD
Modifies: TBD
Creating a Device Defender Firewall Rule
- Navigate to Firewall – Intune and select Create Policy to configure an OS platform and a profile type of Microsoft Defender Firewall Rules. Select Create to proceed.
- You will supply basic policy information such as name and description. Click Select to proceed.
- Select Edit to configure the settings. It is up to you to decide the rule enforcement scope, such as allowing or blocking a desired type of network traffic. Select Save to finalize the rule, followed by Next to continue.
- A scope tag can be selected; scope tags are mainly leveraged with RBAC. Select Next to continue.
- You will be able to configure group assignment or exclusion for the policy to take effect. Select Next to proceed to the review page.
- The review page lets you see all configured settings for the policy creation process. If you detect a discrepancy at this stage, make note of the section and select Previous to go back and make alterations before finalization. If everything checks out, select Create to publish the policy.
- Upon successful creation, the rule will show up in the list of all firewall policies managed through Intune.
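One way to confirm on an enrolled Windows device that the published rule has actually reached the endpoint (an added example, not part of the original guide or Sittadel's own tooling). The rule name is a constructed placeholder, and the script assumes that Intune-delivered rules are labelled with an MDM policy store source in the firewall's active store.

```powershell
# Added example: run in an elevated PowerShell session on an enrolled device.
# 'EXAMPLE-Rule-Name' is a constructed placeholder; pass the name you gave the
# rule inside the Intune policy.
param(
    [string]$RuleName = 'EXAMPLE-Rule-Name'
)

# A published rule has no effect on a profile whose firewall is switched off,
# so check the state of each profile first.
Get-NetFirewallProfile -PolicyStore ActiveStore |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction |
    Format-Table -AutoSize

# ActiveStore is the merged set of rules the firewall is currently enforcing.
# Assumption: rules pushed by Intune report an MDM policy store source.
$mdmRules = Get-NetFirewallRule -PolicyStore ActiveStore |
    Where-Object { "$($_.PolicyStoreSourceType) $($_.PolicyStoreSource)" -match 'MDM' }

if (-not $mdmRules) {
    Write-Warning 'No MDM-sourced firewall rules found. Check device sync and group assignment.'
    return
}

# Flatten each rule with its port and address filters for easy comparison
# against the settings shown on the policy review page.
$report = foreach ($rule in $mdmRules) {
    $port = $rule | Get-NetFirewallPortFilter
    $addr = $rule | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        DisplayName   = $rule.DisplayName
        Enabled       = $rule.Enabled
        Direction     = $rule.Direction
        Action        = $rule.Action
        Profile       = $rule.Profile
        Protocol      = $port.Protocol
        LocalPort     = $port.LocalPort -join ','
        RemoteAddress = $addr.RemoteAddress -join ','
    }
}
$report | Sort-Object DisplayName | Format-Table -AutoSize

# Report on the specific rule that was just published.
$found = @($report | Where-Object DisplayName -eq $RuleName)
if ($found.Count -eq 0) {
    Write-Warning "Rule '$RuleName' has not arrived on this device yet."
}
foreach ($r in $found) {
    "Rule '$RuleName' present: $($r.Action) $($r.Direction), enabled=$($r.Enabled)"
}
```

If the rule is missing, trigger a device sync and confirm the device is a member of the group assigned in the policy before re-running the check.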
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.