Share via

GPO not applying Windows Defender inbound rules

Ian Brown 1 Reputation point
2022-08-25T19:10:27.587+00:00

I've created a GPO with the following settings:

234995-image.png

In addition to this, I've also enabled two inbound rules in Windows Defender as part of the same policy:

234939-image.png

For some reason, the inbound rules do not appear in the settings summary for the GPO. The GPO is linked to an OU and is Enforced. There are no other GPOs below it with conflicting settings. On workstations in the OU, we can see that the GPO does apply the Remote Registry service startup setting but does not apply the inbound rules.

Is there anything we're missing that would cause the inbound rules to not apply? Windows Defender Firewall is enabled on the workstations and is not controlled by another AV.

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,099 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,244 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. JimmySalian-2011 42,071 Reputation points
    2022-08-25T21:19:54.3+00:00

    Hi,

    Can you follow the steps that is required for Inbound rules - defender GPO - checklist-creating-inbound-firewall-rules

    I will also suggest you to check the event logs and share the event ID's for any GPO failures, try the GPO debugging and check the GPOs that are applied on the device. If any GPO is overriding or local policies are applied.?

    ==
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
    ----

    0 comments