Firewall Settings
Overview
The Devicie Firewall Settings Baseline provides a starting point for organisations to leverage the benefits of Windows Firewall and reduce the risk of security threats. It covers a wide range of items that encourage uniformity, improve administrators' overview and improve device security with minimal impact on typical user activity.
Intune Description:
Enforcement of Windows Firewall across Domain, Public and Private networks in a uniformed manner.
Scope:
This baseline should be applied to Windows devices.
Policy Impact Areas:
When deployed, this policy will impact:
- Enforcing Windows Firewall, with enforcement of many configurations
- Enabling many Windows Firewall related Auditing and Device Event Log Services
Deployment Notes
- Pre-Deployment Considerations:
  - Review existing Windows Firewall (or other related endpoint protection software) configurations
- Post-Deployment Validation:
  - Verify Windows Firewall configuration, such as enforcement of Windows Firewall on Domain, Public and Private networks.
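One way to run the post-deployment check on a device, as an added example (not Devicie's own tooling): it reads the effective profiles with `Get-NetFirewallProfile -PolicyStore ActiveStore` and compares them with the values in this page's Configuration Settings table. The mapping from baseline setting names to cmdlet properties is an assumption, and the Stealth Mode and Shielded settings are not checked.

```powershell
# Added example: compare effective Windows Firewall profile settings with the baseline.
# Assumption: baseline setting names map to Get-NetFirewallProfile properties as commented.
$logDir = '%systemroot%\system32\LogFiles\Firewall'

# Values shared by the Domain, Private and Public profiles in the baseline table.
$common = @{
    Enabled               = 'True'    # Enable <Profile> Network Firewall = True
    DefaultInboundAction  = 'Block'   # Default Inbound Action = Block
    DefaultOutboundAction = 'Allow'   # Default Outbound Action = Allow
    NotifyOnListen        = 'False'   # Disable Inbound Notifications = True
    LogMaxSizeKilobytes   = '16384'   # Log Max File Size = 16384
    LogBlocked            = 'True'    # Enable Logging Of Dropped Packets
    LogIgnored            = 'False'   # Disable Logging Of Ignored Rules
    LogAllowed            = 'True'    # Enable Logging Of Successful Connections
}

# Values that differ per profile.
$perProfile = @{
    Domain  = @{ LogFileName = "$logDir\domainfw.log" }
    Private = @{ LogFileName = "$logDir\privatefw.log" }
    Public  = @{
        LogFileName                     = "$logDir\publicfw.log"
        AllowUnicastResponseToMulticast = 'True'  # Disable Unicast Responses To Multicast Broadcast = False
    }
}

# ActiveStore returns the effective settings (local policy merged with MDM/GPO).
$findings = foreach ($fwProfile in Get-NetFirewallProfile -PolicyStore ActiveStore) {
    $expected = $common + $perProfile[$fwProfile.Name]
    foreach ($setting in $expected.GetEnumerator()) {
        # Compare as strings; expand %systemroot% on both sides so either path form matches.
        $actual = [Environment]::ExpandEnvironmentVariables("$($fwProfile.($setting.Key))")
        $wanted = [Environment]::ExpandEnvironmentVariables($setting.Value)
        if ($actual -ne $wanted) {
            [pscustomobject]@{
                Profile  = $fwProfile.Name
                Setting  = $setting.Key
                Expected = $wanted
                Actual   = $actual
            }
        }
    }
}

if ($findings) {
    $findings | Format-Table -AutoSize
} else {
    Write-Output 'All checked firewall profile settings match the baseline.'
}
```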
Configuration Settings:
| Name | Value |
|---|---|
| Firewall | |
| Enable Domain Network Firewall | True |
| Log Max File Size | 16384 |
| Log File Path | %systemroot%\system32\LogFiles\Firewall\domainfw.log |
| Default Inbound Action for Domain Profile | Block |
| Default Outbound Action | Allow |
| Disable Inbound Notifications | True |
| Disable Stealth Mode | False |
| Disable Stealth Mode Ipsec Secured Packet Exemption | True |
| Enable Log Dropped Packets | Enable Logging Of Dropped Packets |
| Enable Log Ignored Rules | Disable Logging Of Ignored Rules |
| Enable Log Success Connections | Enable Logging Of Successful Connections |
| Shielded | False |
| Enable Private Network Firewall | True |
| Log Max File Size | 16384 |
| Log File Path | %systemroot%\system32\LogFiles\Firewall\privatefw.log |
| Default Inbound Action for Private Profile | Block |
| Default Outbound Action | Allow |
| Disable Inbound Notifications | True |
| Disable Stealth Mode | False |
| Disable Stealth Mode Ipsec Secured Packet Exemption | True |
| Enable Log Dropped Packets | Enable Logging Of Dropped Packets |
| Enable Log Ignored Rules | Disable Logging Of Ignored Rules |
| Enable Log Success Connections | Enable Logging Of Successful Connections |
| Shielded | False |
| Enable Public Network Firewall | True |
| Log Max File Size | 16384 |
| Log File Path | %systemroot%\system32\LogFiles\Firewall\publicfw.log |
| Default Inbound Action for Public Profile | Block |
| Default Outbound Action | Allow |
| Disable Inbound Notifications | True |
| Disable Stealth Mode | False |
| Disable Stealth Mode Ipsec Secured Packet Exemption | True |
| Disable Unicast Responses To Multicast Broadcast | False |
| Enable Log Dropped Packets | Enable Logging Of Dropped Packets |
| Enable Log Ignored Rules | Disable Logging Of Ignored Rules |
| Enable Log Success Connections | Enable Logging Of Successful Connections |
| Shielded | False |
| Devicie Template Name | Firewall Settings |
| Default Intune Deployed Name | DEVICIE-PROD-Firewall Settings |
| Version | 1.0 |
| Template Last Updated | Nov 18, 2024 |
| Document Last Updated: | Apr 10, 2025 |