We can configure Windows Defender firewall to allow reusable group settings to devices and these capabilities will provide more controls to configure firewall and reuse the settings across policies. Remote IP Address ranges & Fully Qualified Domain name definitions and auto-resolution properties in the groups can be used across policies and it’s supported for Windows 10, Version 20H2+, and Windows 11.
Prerequisite for FQDN feature
- Microsoft Defender Antivirus must be running 4.18.2209.7 or later version.
- Network Protection should be in block or audit mode.
- DNS over HTTPS (DoH) should be disabled on Edge, Chrome & Firefox browsers.
- The device’s default DNS resolution settings apply.
You can now see the configure reusable settings under endpoint security firewall pane and it will display existing groups and firewall policies using the groups. Create a new reusable setting and provide name & description and properties. You can include remote IP ranges or import the file. Also, fully qualified domain names (FQDNs) can be used in the rule definition and the keyword field should be fully qualified domain name if you set Auto-Resolve flag to true and IP address will be automatically resolved.
Devices which you are going to apply policies should have Microsoft Defender Antivirus as primary and network protection enabled or else, you will not be able to enforce FQDN keywords and up to 100 properties can be added in the group. Once reusable setting group created, it will show in the reusable settings groups list and admin can edit the group properties at any time.
You can see existing reusable settings group by clicking “Set reusable settings” while creating Firewall rule policy and you can add one or more groups. It applies to Windows 10, version 20H2+ or Windows 11.
You can create firewall rules and their properties and reference groups, and it can be mixed with other rules that reference reusable groups, have manual definition within policy, or both. This will help to manage easily when configuring many firewall rules.
Reusable groups can be added or removed by editing firewall rules. If you add, remove or alter reusable groups, firewall policies inheriting its group properties will also inherit the changes.
