Intune – You can now create your custom firewall rules for Windows Defender Firewall

Good news if you have implemented an Endpoint Protection policy in Intune (hope you did): you can now create your very own Defender Firewall rules.

As you know, with the Endpoint Protection policy you were already able to configure Windows Defender Firewall to be enabled, along with a few basic settings such as merging (or not) the local rules.

Now you can also create your own firewall rules, the same way you can with group policy in your Active Directory environment.

To start implementing such rules, connect to your Azure portal or Device Management portal and open the Intune\Device Configuration blade to create (or update) your Endpoint Protection policy.


If you create a new Endpoint Protection policy, you have to choose Windows 10 or later as the platform and Endpoint protection as the profile type.


The Defender Firewall configuration is then available in the Microsoft Defender Firewall blade; when you scroll down you will find the Add button to create a firewall rule (inbound or outbound).

You can add up to 150 firewall rules.


As with the firewall group policy, you can define:

  • direction – inbound or outbound
  • action – allow or block
  • network type – domain, private or public
  • application – package family name (use the Get-AppPackage PowerShell cmdlet to identify it), file path or Windows service
  • scope – local and/or remote address
  • protocol – TCP, UDP, custom or any; after choosing the protocol you can define the associated port(s)
  • interface type – remote access, wireless or LAN
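As an added example (not part of the original post), here is a PowerShell check to run on an enrolled Windows 10 device to confirm that a rule defined in the Endpoint Protection profile actually arrived with the intended direction, action, network type, program, scope, protocol, port and interface type. The rule name, program path and address range are hypothetical placeholders; replace them with your own values.

```powershell
# Added example: verify an Intune-delivered Defender Firewall rule on the device.
# ActiveStore is the effective rule set, which includes rules pushed by MDM (Intune).

# Expected values, mirroring the fields offered in the Intune portal (hypothetical rule)
$expected = @{
    DisplayName   = 'Contoso agent outbound to corp range'   # hypothetical rule name
    Direction     = 'Outbound'
    Action        = 'Allow'
    Profile       = 'Domain, Private'                          # network type
    Program       = 'C:\Program Files\Contoso\agent.exe'       # hypothetical application path
    RemoteAddress = '10.0.0.0/8'                               # scope
    Protocol      = 'TCP'
    RemotePort    = '443'
    InterfaceType = 'Wireless'
}

function Test-ExpectedFirewallRule {
    param([hashtable]$Expected)

    $rule = Get-NetFirewallRule -PolicyStore ActiveStore -DisplayName $Expected.DisplayName -ErrorAction SilentlyContinue
    if (-not $rule) {
        return [pscustomobject]@{ Found = $false; Mismatches = @('rule not present in ActiveStore') }
    }

    # Each rule facet lives in its own filter object
    $port  = $rule | Get-NetFirewallPortFilter
    $app   = $rule | Get-NetFirewallApplicationFilter
    $addr  = $rule | Get-NetFirewallAddressFilter
    $iface = $rule | Get-NetFirewallInterfaceTypeFilter

    $actual = @{
        Direction     = "$($rule.Direction)"
        Action        = "$($rule.Action)"
        Profile       = "$($rule.Profile)"
        Program       = "$($app.Program)"
        RemoteAddress = "$($addr.RemoteAddress)"
        Protocol      = "$($port.Protocol)"
        RemotePort    = "$($port.RemotePort)"
        InterfaceType = "$($iface.InterfaceType)"
    }

    $mismatches = foreach ($k in $actual.Keys) {
        if ($Expected.ContainsKey($k) -and $actual[$k] -ne $Expected[$k]) {
            "$k expected '$($Expected[$k])' but got '$($actual[$k])'"
        }
    }
    [pscustomobject]@{ Found = $true; Enabled = "$($rule.Enabled)"; Mismatches = @($mismatches) }
}

Test-ExpectedFirewallRule -Expected $expected | Format-List
```

An empty Mismatches list with Enabled = True means the policy landed as designed; anything else points at a field to re-check in the profile.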
Benoit Hamet

Benoit is working on Microsoft collaborative technologies. He has been awarded as MVP for more than 12 years, currently as MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007). Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software. He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) and online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies.