Manage Windows Firewall configurations on devices

Windows Defender Firewall allows you to protect your network from unauthorized use and optimize your overall security. Each Windows Firewall configuration available in KACE Cloud Library can be associated with one or more managed Microsoft Windows devices. You can apply a Windows Firewall configuration from the Library to one or more Windows devices, or alternatively use policies to associate Windows Firewall configurations with specific Windows devices.

NOTE: Windows Firewall configuration settings override any settings specified on the device locally. For example, when forcing stealth mode or ignoring authorized applications is part of the configuration, when that configuration is applied to the device, stealth mode cannot be changed on the device and any authorized apps on the device are ignored unless they are part of a Firewall Ruleset deployed to that device.

Windows Firewall configurations in KACE Cloud control the overall functioning of the Windows Defender Firewall on target devices. To manage how the firewall allows or blocks specific apps, services or IP ranges, use the Windows Firewall Rulesets. For more details, see Configure Windows Firewall Rulesets in the Library

To apply Windows Firewall configurations to managed devices:

  1. To apply a Windows Firewall configuration to one or more Windows devices using the Devices tab:
    1. Select the Devices tab in top navigation.
    2. Select one or more Windows devices in the list.
    3. In the right panel, click Security.
    4. In the Security area that appears, on the right of Windows Firewall, click Set Configuration.
    5. In the Security Configuration Library view that appears, select a Windows Firewall configuration, and click Apply to Device.

    For more information about working with devices using the Devices tab, see Managing devices.

  2. To apply a Windows Firewall configuration to one or more devices using policies:
    1. Select the Policies tab in top navigation.
    2. Complete one of the following steps:
      • To create a policy, click Add New.
      • To edit an existing policy, click an individual policy to open the policy details.
    3. In the Applies Tosection, select one or more labels associated with target devices. For more details about labels, see Using labels to group similar items.
    4. In the right pane, in the Resources tab, click Add Resources to open the drop-down list, and then click Security to open a dialog.
    5. Slide the Link toggle to link/unlink a Windows Firewall configuration.
      • To link the Windows Firewall configuration to policy, slide the Link toggle to right. The color of the toggle changes to green indicating the resource is linked.
      • To unlink a previously linked the Windows Firewall configuration, slide the Link toggle to left. The color of the toggle changes to red indicating the resource is unlinked.
    6. (Optional) In the Options column, click the icon to open Resource Options dialog. Select one of the following Compliance Type:
      • Include - Select this option to include the resource when determining the compliance status.

        NOTE: By default, all the Resources in a policy are included in compliance checks.

      • Exclude - Select this option to exclude the Resource when determining the compliance status.
    7. Click Add Resources to associate the Windows Firewall configuration to the policy. You can view the resource in the Resources pane.
    8. Click Push Resource to deploy the added the Windows Firewall configuration to the target devices or users.
      For more information about policies, see Using policies to manage device configurations.