Intune Defender Firewall policy Issue
Our organization manages a firewall through Sophos, but the built-in Windows Defender Firewall policy recently became activated in our Intune tenant. We’re unsure how or why this policy was turned on.
Now users are getting popups that Defender Firewall is blocking appname.services.windows.personal on all networks.
Our audit logs haven’t provided clues on who enabled the policy. I’ve checked the assignment status and policy definitions.
Has anyone seen issues with Intune Defender policies becoming unexpectedly activated? What troubleshooting steps did you take to determine the root cause?
What impact would be removing the Defender Firewall assignment have on end users? And what’s the best way to prevent this from happening again?
Appreciate any advice from the Intune experts here!
Posted by Anonymous member in HTMD FB Group