Dave Schafer

asked on

How to prevent and efficiently remove the automated creation of Microsoft App Firewall rules in Server 2016 and Windows 10

Curious if anyone has a script or method of removing and preventing Firewall Rules being created in Windows Server 2016 and Windows 10 for the following examples and other rules that get created but aren't visible in the firewall settings:

Connect
Cortana
Xbox
@{Microsoft.AAD.BrokerPlugin
@{Microsoft.DesktopAppInstaller
@{Microsoft.Messaging
@{Microsoft.MicrosoftEdge
@{Microsoft.MicrosoftOfficeHub
@{Microsoft.SkypeApp
@{Microsoft.PPIProjection
@{Microsoft.Windows.Cortana
@{Microsoft.WIndows.CloudExperianceHost
@{Microsoft.Windows.Photos
@{microsoft.windowscommunicationsapps
@{Microsoft.WindowsFeedbackHub
@{Microsoft.WindowsStore
Work or school account
Your account
Your Phone

I think it's fair to say I'm strongly opposed to Microsoft automatically opening inbound and outbound ports for a variety of applications for every user that logs onto boxes with these operating systems.
(Attached screenshots: Image-1.jpg, Image-2.jpg)
ASKER CERTIFIED SOLUTION
McKnife

This solution is only available to members.
The setting above is part of the CIS benchmark and highly recommended

Here is an alternative method to manage the Windows Firewall
https://www.experts-exchange.com/articles/31687/Windows-Firewall-as-Code.html
Dave Schafer

ASKER

I'll give the GPO a try. I figured this is the route I would ultimately have to take. However, I'm skeptical whether it will work appropriately in preventing the creation of these entries for every new user that logs onto a machine. I'll pick an appropriate workstation as a guinea pig and see how it goes. One of the problems I suspect I may run into: I have noticed when removing old user profiles, the entries created in the firewall for those users do not get removed, so I have some concern that even after applying changes via GPO, I'll still have to manage a way of removing all of the stale entries on every workstation.
The option is called "no exceptions" and that's what it does, don't worry.
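As an added example (not code from this thread or from Microsoft), the following PowerShell script addresses the stale-entry concern raised by the asker: per-user AppContainer rules are not shown in the firewall UI, but `Get-NetFirewallRule -All` returns them, and each carries the owning user's SID in its `Owner` property. The script compares those SIDs against the profiles that still exist on the machine (via `Win32_UserProfile`) and removes the rules whose owner is gone. It is a dry run unless `-Remove` is passed, must be run elevated, and assumes the NetSecurity module that ships with Windows 10 / Server 2016; the `-Remove` switch and the variable names are this example's own.

```powershell
# Added example, not from the original thread.
# Removes per-user app firewall rules whose owning user profile no longer
# exists on this machine. Dry run by default; pass -Remove to delete.
# Assumes: Windows 10 / Server 2016 (NetSecurity module), elevated session.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [switch]$Remove   # example's own switch; without it nothing is changed
)

# SIDs of every profile still present on the box (local and domain users).
$liveSids = Get-CimInstance -ClassName Win32_UserProfile |
    Select-Object -ExpandProperty SID

# -All includes the hidden per-user AppContainer rules. Machine-wide rules
# have an empty Owner and are deliberately left untouched.
$userRules = Get-NetFirewallRule -All -PolicyStore PersistentStore |
    Where-Object { $_.Owner }

# A rule is stale when its owner SID matches no existing profile.
$stale = $userRules | Where-Object { $liveSids -notcontains $_.Owner }

"{0} per-user rules found, {1} belong to profiles that no longer exist." -f `
    $userRules.Count, $stale.Count

foreach ($rule in $stale) {
    $desc = "Remove stale rule '{0}' ({1}, owner {2})" -f `
        $rule.DisplayName, $rule.Direction, $rule.Owner
    if ($Remove -and $PSCmdlet.ShouldProcess($rule.Name, $desc)) {
        Remove-NetFirewallRule -Name $rule.Name -PolicyStore PersistentStore
    } else {
        "Would remove: $desc"
    }
}
```

Run it once without `-Remove` and review the list before deleting anything. Note the scope: this only cleans up rules left behind by deleted profiles. Rules for users who still have a profile, and rules that Windows creates for the next user to log on, are unaffected, which is why the GPO setting discussed above is still needed alongside the cleanup.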