Windows Firewall - Block all traffic by default unless traffic matches explicitly defined rules

  • Question

  • I need to create a firewall policy that blocks all inbound and outbound traffic by default unless it matches explicitly defined rules. Do I need to create a "deny all" rule in Windows Firewall like you need to do on Cisco firewalls, or does Windows Firewall block all traffic by default unless it matches the predefined rules? The documentation I've read on Microsoft Docs isn't 100% clear about this.
    Wednesday, June 3, 2020 4:28 PM

Answers

  • Hi,

    Thanks for your posting here.

    By default, Windows Defender Firewall allows all outbound network traffic unless it matches a rule that prohibits the traffic. 

    By default, Windows Defender Firewall blocks all inbound network traffic unless it matches a rule that allows the traffic.

    As you can see in the following picture:

    For more details, you can see the article below:

    Create an Outbound Port Rule

    Create an Inbound Port Rule

    Hope this can help you understand better.

    Best Regards,

    Candy



    • Marked as answer by David C. Bird Saturday, June 6, 2020 9:48 PM
    Thursday, June 4, 2020 6:45 AM
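
The per-profile defaults described in the answer can be audited and changed with the NetSecurity PowerShell cmdlets, without a separate "deny all" rule. This is an added example, not part of the original thread; the function names, rule names and the two allowed outbound ports are assumptions chosen for illustration:

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original thread. Function names, rule names
# and the allowed ports are assumptions for illustration.

function Get-FirewallDefaultPosture {
    # ActiveStore is the effective policy (local settings merged with Group Policy).
    Get-NetFirewallProfile -PolicyStore ActiveStore | ForEach-Object {
        [pscustomobject]@{
            Profile     = $_.Name
            Enabled     = $_.Enabled
            Inbound     = $_.DefaultInboundAction
            Outbound    = $_.DefaultOutboundAction
            DefaultDeny = ($_.Enabled -eq 'True' -and
                           $_.DefaultInboundAction  -eq 'Block' -and
                           $_.DefaultOutboundAction -eq 'Block')
        }
    }
}

function Set-FirewallDefaultDeny {
    param([string[]]$ProfileName = @('Domain', 'Private', 'Public'))

    # Create the outbound allow rules first so name resolution and HTTPS
    # keep working once the outbound default flips to Block.
    $allow = @(
        @{ DisplayName = 'Example - Allow DNS out (UDP 53)';    Protocol = 'UDP'; RemotePort = 53 }
        @{ DisplayName = 'Example - Allow HTTPS out (TCP 443)'; Protocol = 'TCP'; RemotePort = 443 }
    )
    foreach ($rule in $allow) {
        if (-not (Get-NetFirewallRule -DisplayName $rule.DisplayName -ErrorAction SilentlyContinue)) {
            New-NetFirewallRule @rule -Direction Outbound -Action Allow -Profile Any | Out-Null
        }
    }

    # The default action applies to any traffic that matches no rule,
    # so setting it to Block in both directions gives default-deny.
    Set-NetFirewallProfile -Name $ProfileName -Enabled True `
        -DefaultInboundAction Block -DefaultOutboundAction Block
}

# Audit only; nothing is changed until Set-FirewallDefaultDeny is called.
Get-FirewallDefaultPosture | Format-Table -AutoSize
# Set-FirewallDefaultDeny   # uncomment to apply, then re-run the audit
```

On a domain-joined machine, Group Policy can override the local settings, which is why the audit reads the active store rather than the local one. Existing enabled allow rules, including the predefined ones, continue to permit traffic after the default changes, so review them as part of the same pass.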
