Intune – You can now create your custom firewall rules for Windows Defender Firewall

Good news if you have implemented an Endpoint Protection policy in Intune (hope you did): you can now create your very own Defender Firewall rules.

As you know, the Endpoint Protection policy already let you enable Windows Defender Firewall and configure a few basic settings, such as whether local rules are merged.

Now you can create your firewall rules (the same way you are able to do with group policy within your Active Directory environment).

To start implementing such rules, connect to your Azure portal or Device Management portal and go to the Intune\Device Configuration blade to create (or update) your Endpoint Protection policy.


If you create a new Endpoint Protection policy, you have to choose Windows 10 or later as the platform and Endpoint protection as the profile type.


The Defender Firewall configuration is then available in the Microsoft Defender Firewall blade. When you scroll down, the Add button lets you create your firewall rule (either inbound or outbound).

You can add up to 150 firewall rules.


Same as for the firewall group policy you can define:

  • direction – inbound or outbound
  • action – allow or block
  • network type – domain, private or public
  • application – package family name (you can use the Get-AppPackage PowerShell command to identify it), file path or Windows service
  • scope – local and/or remote address
  • protocol – TCP, UDP, custom or any; after choosing the protocol you can then define the communication port associated
  • interface type – either remote access, Wireless or LAN
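
To check on a managed device that a rule arrived with the attributes listed above, the following PowerShell can be run in an elevated session. It is an added example, not part of the original post; the `Get-FirewallRuleSummary` function name and the `*Calculator*` and `Contoso*` filters are assumptions chosen for illustration.

```powershell
# Added example: look up a package family name, then list the firewall rules
# in force on this device with the same attributes the Intune rule form uses.

# 1. Package family name for the "application" field.
#    Get-AppPackage (named in the post) is an alias of Get-AppxPackage.
#    '*Calculator*' is a sample filter; replace it with your own app name.
Get-AppxPackage -Name '*Calculator*' |
    Select-Object Name, PackageFamilyName

# 2. Summarise effective rules. ActiveStore is the merged view of every
#    policy source currently applied (local, group policy, MDM).
function Get-FirewallRuleSummary {
    param(
        # Wildcard pattern matched against the rule display name.
        [string]$DisplayName = '*'
    )
    Get-NetFirewallRule -PolicyStore ActiveStore |
        Where-Object { $_.DisplayName -like $DisplayName } |
        ForEach-Object {
            # Each filter cmdlet returns one facet of the rule.
            $app   = $_ | Get-NetFirewallApplicationFilter
            $svc   = $_ | Get-NetFirewallServiceFilter
            $addr  = $_ | Get-NetFirewallAddressFilter
            $port  = $_ | Get-NetFirewallPortFilter
            $iface = $_ | Get-NetFirewallInterfaceTypeFilter
            [pscustomobject]@{
                Name          = $_.DisplayName
                Enabled       = $_.Enabled
                Direction     = $_.Direction            # inbound / outbound
                Action        = $_.Action               # allow / block
                NetworkType   = $_.Profile              # domain / private / public
                Program       = $app.Program            # file path
                Package       = $app.Package            # app package (shown as a SID)
                Service       = $svc.Service            # Windows service
                LocalAddress  = $addr.LocalAddress  -join ','
                RemoteAddress = $addr.RemoteAddress -join ','
                Protocol      = $port.Protocol
                LocalPort     = $port.LocalPort  -join ','
                RemotePort    = $port.RemotePort -join ','
                InterfaceType = $iface.InterfaceType    # remote access / wireless / LAN
                Source        = $_.PolicyStoreSourceType
            }
        }
}

# 'Contoso*' is a constructed rule-name prefix; use the names you gave your rules.
Get-FirewallRuleSummary -DisplayName 'Contoso*' | Format-List
```

Comparing this output with the values entered in the portal shows whether a rule is missing, disabled, or broader than intended (for example a remote address or port of `Any`).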

2 thoughts on “Intune – You can now create your custom firewall rules for Windows Defender Firewall”

    1. Hi Florian
      What do you mean by predefined rules?
      There are no predefined rules available from Intune; you need to configure the inbound protocol and port when creating the rule.
