Configure Firewall rules to allow reusable settings with Windows Defender

We can configure Windows Defender firewall to allow reusable group settings to devices and these capabilities will provide more controls to configure firewall and reuse the settings across policies. Remote IP Address ranges & Fully Qualified Domain name definitions and auto-resolution properties in the groups can be used across policies and it’s supported for Windows 10, Version 20H2+, and Windows 11.

Prerequisite for FQDN feature

  • Microsoft Defender Antivirus must be running 4.18.2209.7 or later version.
  • Network Protection should be in block or audit mode.
  • DNS over HTTPS (DoH) should be disabled on Edge, Chrome & Firefox browsers.
  • The device’s default DNS resolution settings apply.

You can now see the configure reusable settings under endpoint security firewall pane and it will display existing groups and firewall policies using the groups. Create a new reusable setting and provide name & description and properties. You can include remote IP ranges or import the file. Also, fully qualified domain names (FQDNs) can be used in the rule definition and the keyword field should be fully qualified domain name if you set Auto-Resolve flag to true and IP address will be automatically resolved.

Devices which you are going to apply policies should have Microsoft Defender Antivirus as primary and network protection enabled or else, you will not be able to enforce FQDN keywords and up to 100 properties can be added in the group. Once reusable setting group created, it will show in the reusable settings groups list and admin can edit the group properties at any time.

You can see existing reusable settings group by clicking “Set reusable settings” while creating Firewall rule policy and you can add one or more groups. It applies to Windows 10, version 20H2+ or Windows 11.

You can create firewall rules and their properties and reference groups, and it can be mixed with other rules that reference reusable groups, have manual definition within policy, or both. This will help to manage easily when configuring many firewall rules.

Reusable groups can be added or removed by editing firewall rules. If you add, remove or alter reusable groups, firewall policies inheriting its group properties will also inherit the changes.

Share:

Facebook
Twitter
LinkedIn

Contact Us

=
On Key

More Posts

WME Cybersecurity Briefings No. 014
Cyber Security

WME Security Briefing 14 June 2024

LightSpy Spyware’s macOS Variant Detected with Advanced Surveillance Capabilities Overview Findings reveal a previously undocumented macOS variant of the LightSpy spyware. It was initially thought to target only iOS users. This spyware utilizes a plugin-based system

Read More »
WME Cybersecurity Briefings No. 013
Cyber Security

WME Security Briefing 10 June 2024

CISA Urges Patching of Actively Exploited Linux Kernel Vulnerability Overview CISA just issued an urgent advisory concerning a newly discovered security flaw in the Linux kernel. The flaw is being actively exploited to affect the netfilter component of

Read More »
3 Things to Consider Before You Enable Copilot for Microsoft 365
Microsoft Copilot

3 Things to Consider Before You Enable Copilot for Microsoft 365

In today’s digital landscape, any productivity tool that streamlines workflow and boosts performance is a pleasant addition. With its AI-powered productivity-enhancing capabilities, Microsoft Copilot has emerged as a game-changer for employees, particularly for organizations using Microsoft

Read More »
WME Cybersecurity Briefings No. 012
Cyber Security

WME Security Briefing 03 June 2024

Moroccan Cybercrime Group Exploits Gift Card Systems for Major Financial Gains Overview: Storm-0539, also called Atlas Lion, is a Moroccan cybercrime group that executes advanced email and SMS phishing attacks. They are committing fraud by utilizing

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.

=