Check Firewall Policy Reports from Intune

Let’s check Firewall policy reports for endpoint security in Intune. Firewall Policy Reports in Intune provide administrators with a detailed view of the traffic that is being allowed or blocked by the organization’s firewall policies.

These reports can be used to monitor and analyze network traffic, identify potential security risks, and troubleshoot issues related to firewall configuration. While you can configure the same firewall settings by using Endpoint Protection profiles for device configuration, the device configuration profiles include additional settings categories.

Windows MDM Firewall status allows you to check the status of Windows 10 or Windows 11 MDM devices that have a firewall enabled or disabled. This report provides a high-level view of the firewall status for Windows 10 or 11 managed devices with Intune.

By reviewing Firewall Policy Reports in Intune, you can ensure that their firewall policies are effective in protecting the network and data. They can also use the reports to adjust their policies to better align with their security goals and compliance requirements.

Patch My PC

As an organizational report, this report is available from the Reports node. You can also navigate to Reports > Firewall > MDM Firewall status for Windows 10 and later.

How to Check Firewall Policy Reports in Intune

The reports for Firewall policy display status details about the firewall status for your managed devices. Firewall reports support managed devices that run the following operating systems.

The summary is the default view when you open the Firewall node, Endpoint security > Firewall > Summary. You could see the devices with firewall tuned off with the count as shown below.

Check Firewall Policy Deployment Reports from Intune Fig.1
Check Firewall Policy Reports from Intune Fig.1

You may find the endpoint security policies for firewalls under Manage in the Endpoint security node. This report is located in the Endpoint security node, and then go to Endpoint security > Firewall > MDM devices running Windows 10 or later with firewall off.


This view provides, An aggregate count of devices that have the firewall turned off. A list of your Firewall policies, including the name, type, if it’s assigned, and when it was last modified.

Check Firewall Policy Deployment Reports from Intune Fig.2
Check Firewall Policy Deployment Reports from Intune Fig.2

Using the Windows DeviceStatus CSP, data is reported to identify devices where the Firewall is disabled. The default visible details include the following:

  • Device name
  • Firewall status
  • User principal name
  • Target (The method of device management)
  • Last check in time

Here you can also find many options for controlling and managing the policies. You can see “Restart” and “Sync”

Check Firewall Policy Deployment Reports from Intune Fig.3
Check Firewall Policy Deployment Reports from Intune Fig.3


About Author – JiteshMicrosoft MVP, has over six years of working experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus is Windows 10/11 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.