Ready to learn?

MS Intune Windows Firewall Rules

๐Ÿ”’ Secure Bits ๐Ÿ’ก
Did you know ๐—™๐—ถ๐—ฟ๐—ฒ๐˜„๐—ฎ๐—น๐—น ๐—ฅ๐˜‚๐—น๐—ฒ๐˜€ ๐—ฐ๐—ฟ๐—ฒ๐—ฎ๐˜๐—ฒ๐—ฑ ๐˜ƒ๐—ถ๐—ฎ ๐— ๐—ถ๐—ฐ๐—ฟ๐—ผ๐˜€๐—ผ๐—ณ๐˜ ๐—œ๐—ป๐˜๐˜‚๐—ป๐—ฒ ๐—ฎ๐—ฟ๐—ฒ ๐—ป๐—ผ๐˜ ๐˜ƒ๐—ถ๐˜€๐—ถ๐—ฏ๐—น๐—ฒ in Windows Firewall (WF) console?

Iโ€™ve seen ๐—บ๐—ฎ๐—ป๐˜† ๐—ฎ๐—ฑ๐—บ๐—ถ๐—ป๐—ถ๐˜€๐˜๐—ฟ๐—ฎ๐˜๐—ผ๐—ฟ๐˜€ ๐—ฐ๐—ผ๐—ป๐—ณ๐˜‚๐˜€๐—ฒ๐—ฑ by this, so hereโ€™s a little trick.

๐—ช๐—ถ๐˜๐—ต ๐—”๐—ฐ๐˜๐—ถ๐˜ƒ๐—ฒ ๐——๐—ถ๐—ฟ๐—ฒ๐—ฐ๐˜๐—ผ๐—ฟ๐˜† ๐—š๐—ฃ๐—ข๐˜€, ๐˜†๐—ผ๐˜‚ ๐˜€๐—ฒ๐—ฒ:
“๐น๐‘œ๐‘Ÿ ๐‘ฆ๐‘œ๐‘ข๐‘Ÿ ๐‘ ๐‘’๐‘๐‘ข๐‘Ÿ๐‘–๐‘ก๐‘ฆ, ๐‘ ๐‘œ๐‘š๐‘’ ๐‘ ๐‘’๐‘ก๐‘ก๐‘–๐‘›๐‘”๐‘  ๐‘Ž๐‘Ÿ๐‘’ ๐‘๐‘œ๐‘›๐‘ก๐‘Ÿ๐‘œ๐‘™๐‘™๐‘’๐‘‘ ๐‘๐‘ฆ ๐บ๐‘Ÿ๐‘œ๐‘ข๐‘ ๐‘ƒ๐‘œ๐‘™๐‘–๐‘๐‘ฆ.”

With Intune,ย ๐˜๐—ต๐—ฒ๐—ฟ๐—ฒ’๐˜€ ๐—ป๐—ผ ๐—ฐ๐—น๐—ฒ๐—ฎ๐—ฟ ๐—ถ๐—ป๐—ฑ๐—ถ๐—ฐ๐—ฎ๐˜๐—ถ๐—ผ๐—ป in WF.msc that the firewall is being managedโ€”it just works silently in the background.

๐—›๐—ผ๐˜„ ๐˜๐—ผ ๐—–๐—ต๐—ฒ๐—ฐ๐—ธ ๐—ณ๐—ผ๐—ฟ ๐—œ๐—ป๐˜๐˜‚๐—ป๐—ฒ ๐—™๐—ถ๐—ฟ๐—ฒ๐˜„๐—ฎ๐—น๐—น ๐—ฅ๐˜‚๐—น๐—ฒ๐˜€:
You wonโ€™t see them in the GUI, but you can verify them with:

๐Ÿ”น๐—–๐—ต๐—ฒ๐—ฐ๐—ธ ๐˜๐—ต๐—ฒ ๐—ฅ๐—ฒ๐—ด๐—ถ๐˜€๐˜๐—ฟ๐˜†:
KEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyMdm

๐Ÿ”น๐—จ๐˜€๐—ฒ ๐—ฃ๐—ผ๐˜„๐—ฒ๐—ฟ๐—ฆ๐—ต๐—ฒ๐—น๐—น:
Get-NetFirewallRule -PolicyStore ActiveStore | ?{$_.DisplayName -like “*NAME of your MS Intune rule*”}

Btw. you can also find the rule in the Monitoring tab.

๐Ÿ’ก Have you encountered other surprising limitations in Intune?

buy a course