Windows Firewall - Block all traffic by default unless traffic matches explicitly defined rules

Teemo Tang 11,411 Reputation points
2020-07-15T06:53:14.17+00:00

I need to create a firewall policy that blocks all inbound and outbound traffic by default unless it matches explicitly defined rules. Do I need to create a "deny all" rule in Windows Firewall like you need to do on Cisco firewalls, or does Windows Firewall block all traffic by default unless it matches the predefined rules? The documentation I've read on Microsoft Learn isn't 100% clear about this.
source link:
https://social.technet.microsoft.com/Forums/windows/en-US/2dc2269c-95dd-4827-b955-9fd5675d0276/windows-firewall-block-all-traffic-by-default-unless-traffic-matches-explicitly-defined-rules?forum=ws2016

Windows Server 2016

Accepted answer
  1. Jenny Feng 14,131 Reputation points
    2020-07-15T07:30:05.587+00:00

    Thanks for your posting here.

    By default, Windows Defender Firewall allows all outbound network traffic unless it matches a rule that prohibits the traffic.

    By default, Windows Defender Firewall blocks all inbound network traffic unless it matches a rule that allows the traffic.

    As you can see in the following picture:
    12484-image.png

    For more details, you can see the articles below:

    Create an Outbound Port Rule

    Create an Inbound Port Rule

    Hope this can help you understand better.

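The defaults described in the answer can be read and changed per profile from PowerShell. The following is an added example, not part of the original thread: it shows the effective default actions, adds explicit outbound allow rules, and then sets both directions to block by default. The rule names, ports, and the resolver address `192.0.2.53` are placeholder assumptions.

```powershell
# Added example (not from the original thread). Run in an elevated session.
# Rule names, ports and the resolver address are placeholder assumptions.

# 1. Show the effective default action for each profile. ActiveStore is the
#    merged result of local settings and Group Policy, so it reflects what
#    the firewall is actually enforcing.
Get-NetFirewallProfile -PolicyStore ActiveStore |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction |
    Format-Table -AutoSize

# 2. Create the explicit outbound allow rules BEFORE changing the default,
#    so required traffic is not cut off when the default flips to Block.
$dnsServer = '192.0.2.53'   # placeholder (TEST-NET-1); use your own resolver

New-NetFirewallRule -DisplayName 'Allow-Out-DNS-UDP (example)' `
    -Direction Outbound -Action Allow -Protocol UDP `
    -RemotePort 53 -RemoteAddress $dnsServer -Profile Any

New-NetFirewallRule -DisplayName 'Allow-Out-HTTPS (example)' `
    -Direction Outbound -Action Allow -Protocol TCP `
    -RemotePort 443 -Profile Any

# 3. Set both directions to block by default on every profile. No separate
#    "deny all" rule is needed: traffic that matches no allow rule falls
#    through to the profile's default action.
Set-NetFirewallProfile -Profile Domain,Private,Public `
    -Enabled True -DefaultInboundAction Block -DefaultOutboundAction Block

# 4. Verify the new defaults, then list every enabled outbound allow rule.
#    Built-in rules that were already enabled still permit traffic, so
#    review this list and disable anything that should not be allowed.
Get-NetFirewallProfile -PolicyStore ActiveStore |
    Select-Object Name, DefaultInboundAction, DefaultOutboundAction

Get-NetFirewallRule -Direction Outbound -Enabled True -Action Allow |
    Sort-Object DisplayName |
    Select-Object DisplayName, Profile, PolicyStoreSource
```

Settings delivered by Group Policy take precedence over local changes, so on a domain-joined server confirm the result in the `ActiveStore` output rather than assuming the local change took effect.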
