You can implement Windows Defender Firewall rules and settings in Intune as follows:
- Open Microsoft Intune admin center.
- Navigate to Endpoint security and select Firewall.
- In the details pane, select Create Policy.
- On the Create a profile page, in Platform, select Windows 10, Windows 11, and Windows Server.
- In Profile, select Microsoft Defender Firewall, and then select Create.
- In the Create a profile wizard, on the Basics tab, enter a Name and Description and click Next.
- On the Configuration settings tab, configure the following settings, and click Next:
• Firewall, which determines the fundamental state of the firewall for domain, private, and public network location profiles.
• Auditing settings.
• Network List Manager, which defines TLS endpoint settings.
- Configure scope tags and assignments as needed, and then choose Create to create the profile.
You will also need to define firewall rules, as shown in Figure 3-60. Use the following procedure:
- Open Microsoft Intune admin center.
- Navigate to Endpoint security and select Firewall.
- In the details pane, select Create Policy.
- On the Create a profile page, in Platform, select Windows 10, Windows 11, and Windows Server.
- In Profile, select Microsoft Defender Firewall rules, and then select Create.
- In the Create a profile wizard, on the Basics tab, enter a Name and Description and click Next.
- On the Configuration settings tab, click Add to create and configure specific firewall rules. When you are done, click Next. When adding a rule, you must set numerous settings, including:
• State (enabled or disabled)
• Name
• Interface Types
• Remote Port Ranges
• Action (Allow or Block)
• Protocol
- Configure scope tags and assignments as needed, and then select Create to create the profile.
FIGURE 3-60 Defining firewall rules
You can also create an endpoint protection configuration profile in Devices and configure the required firewall settings in the Microsoft Defender Firewall section.
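After the profiles have been assigned and a device has synced, you can confirm on the device that the firewall state and rules configured above are in effect. The following script is an added example, not part of the original text; the `Contoso*` name filter is a placeholder for the rule names you entered in Intune, and it assumes those names appear in the rule's Name or DisplayName on the device.

```powershell
# Added example: run in an elevated PowerShell session on a managed Windows device.
# Placeholder (assumption): replace with the naming pattern you used for your Intune rules.
$RuleNameFilter = 'Contoso*'

# 1. Effective firewall state for the domain, private, and public profiles.
$profiles = Get-NetFirewallProfile -PolicyStore ActiveStore
$profiles |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction |
    Format-Table -AutoSize

# Flag any network location profile where the firewall is not enabled.
foreach ($p in $profiles | Where-Object { $_.Enabled -ne 'True' }) {
    Write-Warning "Firewall is not enabled for the $($p.Name) profile."
}

# 2. Effective rules matching the filter. ActiveStore is the merged result of
#    all policy sources that apply to this device.
$rules = Get-NetFirewallRule -PolicyStore ActiveStore |
    Where-Object { $_.DisplayName -like $RuleNameFilter -or $_.Name -like $RuleNameFilter }

if (-not $rules) {
    Write-Warning "No effective rule matches '$RuleNameFilter'. Check assignment and sync status."
}

# 3. Report the same settings you set when adding the rule in Intune:
#    state, name, interface types, remote port ranges, action, and protocol.
$report = foreach ($rule in $rules) {
    $port  = $rule | Get-NetFirewallPortFilter
    $iface = $rule | Get-NetFirewallInterfaceTypeFilter
    [pscustomobject]@{
        Name          = $rule.DisplayName
        State         = $rule.Enabled
        Direction     = $rule.Direction
        Action        = $rule.Action
        Protocol      = $port.Protocol
        RemotePort    = ($port.RemotePort -join ',')
        InterfaceType = $iface.InterfaceType
        Source        = $rule.PolicyStoreSourceType   # which policy source supplied the rule
    }
}
$report | Sort-Object Name | Format-Table -AutoSize
```

Compare the output against the values in the policy; a rule that is missing, disabled, or showing a different action than you configured points to an assignment, sync, or policy conflict to investigate.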