How to block network connections and allow by exceptions in MS Intune?

Question

I am having issues getting exceptions working within firewall policy in MS Intune. I am able to block inbound and outbound connections to work. I unable to get any exceptions for to work.

Answer 1

@Brian J, Thanks for posting in Q&A. According to windows Firewall rule precedence, explicitly defined allow rules take precedence over the default block setting in inbound rules. We can create allow rules to do the exception.

Meanwhile, it's recommended to allow outbound by default for most deployments for the sake of simplification with app deployments in outbound rules. And set specific block rules as exception.

https://learn.microsoft.com/en-us/windows/security/operating-system-security/network-security/windows-firewall/rules

You can firstly configure the rules on one device to test. When it works as expected, then we can deploy it via Intune.

https://learn.microsoft.com/en-us/mem/intune-service/protect/endpoint-security-firewall-policy

To troubleshoot the firewall rule, you can also refer to the "Investigate issues for Firewall rules" part in the above link.

Hope the above information can help.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.