Defender Firewall with Advanced Security - Policy Ex/Inport


  1. Posts : 5
    win10 pro v 22h2(os build 19045.2965)
       #1

    Defender Firewall with Advanced Security - Policy Ex/Inport


    This question is fairly simple for someone who has a better overall understanding of this stuff than I do, but it stems from a train wreck of events.

    The bottom line is that I insist on owning my devices that I paid for. Period.

    These include a Microsoft Windows Surface 4 Pro running Windows 10 Pro version 22H2(OS Build 19045.2965). This version is NOT MY COPY - yet. However, I also own another Surface that exists in several pieces, having shared a diet coke with my briefcase. I purchased that several years ago along with the Win10 Pro license. The current machine I bought refurbished from Amazon, and, though billed as containing win10 Pro, it actually had win10 home. Which is not what is has now. How did that happen? A friend made me a restore disk with pro. That is what's running now. This machine will run win11, so as soon as I get these ducks in a row I'll eat the win10 home license and just buy 11. I have better things to do than to steal operating systems.

    So, how did I get to this .. er .. mess? A hacking dipshit ex using a former desktop with my account password (yeah, I know). He's far too stupid to ever pull what took place off, but he's connected to what I'd call the ex-offender-net. Need I say more? Then throw in being an enterprise client for my former employer (retired now) and you can sort of imagine trying to untangle all that.

    Be that as it may, I promise you that I shall win. It took me a while to play with the machine in a way that let me save logs of what was going on. That was easier on my Android phone. I have a few terabytes in a safe place, some with law enforcement.

    Once I had a good idea of what happened, I turned my attention to restoring my system to clean and hard to invade. The Android (Graphene) and this win10 pc are being re-outfitted with the things I use, only this time with security in mind at every step.

    I am not now a domain member, and don't plan to be in the near future. I seem to be the actual owner, in that I can change all the group policy settings I want and they remain that way.

    Before I pay for Kaspersky security cloud with the very useable firewall it brings, I'd like to try to make Defender work for me.

    As I've seen mentioned online, Defender likes to set up its own default rules. So do I. I want to edit most of the Defender rules (in DFAS) to my own liking. With the clean setup, I don't know this yet, but Defender had, in the past, the aggravating habit of adding new rules when I changed theirs. That is not what I want.

    Looking at the export/import of DFAS policies and rules, I see that I can only export rules. But I can both export and import policies. The policies do contain my added rules, a thing I see easily using sublime text editor.

    So.

    If I add my rules to DFAS, and then export the current policy, then at some point defender changes something I disagree with (never mind whether I'd be wrong - I'll eat that), can I import the policy I exported, maybe after clearing the new current policy, and get back to what I set up?

    Yes, it's a simple question for all that explanation. That was to show I have a reason to want to do it.

    I'll soon ask another question that is seen as blasphemy by it'ers. Once I get to a point where I need to implement another barrier. I have a reason. and it is what I explained above.

    thanks for any help !!
      My Computer


  2. Posts : 1,728
    Windows 10 Pro x64 22H2
       #2

    I only assume by "DFAS" you're referring to "Defender Firewall with Advanced Security"? is that correct?

    You're adding rules to windows firewall but WD firewall is also adding their own, that's nothing new but there is a cure if that's what you mean.

    EDIT:
    Ah, I'm sorry but you said it in your title.
    Well to fix that, use GPO firewall instead of default firewall in control panel.

    firewall in control panel is managed by system, GPO firewall is managed 100% by you and system won't interfere.

    For start see:
    https://learn.microsoft.com/en-us/wi...anced-security

    EDIT2:
    I just notice the link above applies to domain computers, for Windows 10 see this tutorial on how to open GPO:
    Open Local Group Policy Editor in Windows 10

    GPO firewall is located in the following location:
    Computer Configuration\Windows Settings\Security Settings\Windows Defender Firewall with Advanced security
    Last edited by zebal; 02 Jun 2023 at 11:57.
      My Computer


  3. Posts : 5
    win10 pro v 22h2(os build 19045.2965)
    Thread Starter
       #3

    Thnanks !!


    Yes, I'm sorry. Microsoft sure picked a long name for that functionality. The info I see here made me figure that you'd correctly interpret DFAS.

    I kind of had an idea that it goes the way that you said. So, in the same spirit that I use to kick the mean old registry when I think it needs it, played with the policy some. I found that I can forget the rules export; I just edit them from secpol and export from there.

    Then when I see changes that I don't like in my local DFAS rules, I just import the policy and voila! My will be done.

    As you can probably tell, I have some, possibly dangerous, niches of painfully earned knowledge here, but I'm far from a win10 expert.

    So, Windows 10 gets a reprieve (I'll put of chucking it in favor of debian).

    Thanks again!
      My Computer


  4. Posts : 1,728
    Windows 10 Pro x64 22H2
       #4

    @Own or Out
    I'm glad to hear it helps

    There is an option in GPO firewall which let's you merge rules from control panel into GPO without having to copy them each time, however drawback is that any change in CP will be reflected in GPO.

    Otherwise to rest in peace you can create brand new inbound rules, allow outbound by default and forget about CP firewall all together.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 08:41.
Find Us




Windows 10 Forums