Is there an MDM setting for MacOS and Windows to make sure the default system firewall is turned ON? I simply cannot find it.
Thank you.
I know for Mac OS you can force FileVault and firewall via a configuration profile. I am not sure about Windows.
I highly recommend buying Apple's Server app for $20. You're able to create custom profiles and the Profile Manager section has additional templates that Meraki does not offer.
That being said, I have a custom payload that enforces the firewall you can use 🙂
https://bazaarvoice.box.com/s/nfrkdo2gz3tplcgxqgtxoqvxweqdreaj
Here is the policy in case anybody is interested
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>PayloadContent</key>
    <array>
        <dict>
            <key>Applications</key>
            <array>
                <dict>
                    <key>Allowed</key>
                    <false/>
                    <key>BundleID</key>
                    <string></string>
                </dict>
            </array>
            <key>BlockAllIncoming</key>
            <false/>
            <key>EnableFirewall</key>
            <true/>
            <key>EnableStealthMode</key>
            <false/>
            <key>PayloadDescription</key>
            <string>Firewall Payload</string>
            <key>PayloadDisplayName</key>
            <string>Firewall Payload</string>
            <key>PayloadIdentifier</key>
            <string>com.apple.security.firewall</string>
            <key>PayloadOrganization</key>
            <string></string>
            <key>PayloadType</key>
            <string>com.apple.security.firewall</string>
            <key>PayloadUUID</key>
            <string>2c446a50-e683-0135-c0eb-0c85903e08f9</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
        </dict>
    </array>
    <key>PayloadDescription</key>
    <string>Required firewall enforcement</string>
    <key>PayloadDisplayName</key>
    <string>Firewall enforced on client</string>
    <key>PayloadIdentifier</key>
    <string>com.apple.security.firewall.pci</string>
    <key>PayloadOrganization</key>
    <string>Your company Inc.</string>
    <key>PayloadType</key>
    <string>Configuration</string>
    <key>PayloadUUID</key>
    <string>c9fe66c3-5292-4298-aa54-006fcd59bfdf</string>
</dict>
</plist>
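A pre-upload check for a firewall profile like the one posted above, as an added example that is not part of the original thread. The function names, severity labels and the constructed sample profile (with placeholder UUIDs) are assumptions; only the payload keys come from the posted policy.

```python
import plistlib

FIREWALL_TYPE = "com.apple.security.firewall"

def audit_firewall_profile(data: bytes) -> list:
    """Return (severity, message) findings for an unsigned .mobileconfig.
    A CMS-signed profile must be unwrapped first; plistlib cannot parse it."""
    profile = plistlib.loads(data)
    findings = []
    if profile.get("PayloadType") != "Configuration":
        findings.append(("error", "top-level PayloadType is not 'Configuration'"))
    payloads = [p for p in profile.get("PayloadContent", [])
                if p.get("PayloadType") == FIREWALL_TYPE]
    if not payloads:
        findings.append(("error", "no com.apple.security.firewall payload present"))
    for p in payloads:
        # The key that actually turns the application firewall on.
        if p.get("EnableFirewall") is not True:
            findings.append(("error", "EnableFirewall is not <true/>"))
        # Optional hardening keys: reported so the choice is a conscious one.
        if p.get("EnableStealthMode") is not True:
            findings.append(("info", "EnableStealthMode is off"))
        if p.get("BlockAllIncoming") is not True:
            findings.append(("info", "BlockAllIncoming is off"))
        # Hygiene: a per-app rule with no bundle identifier names no app.
        for app in p.get("Applications", []):
            if not app.get("BundleID"):
                findings.append(("warn", "Applications entry has an empty BundleID"))
    return findings

def enforces_firewall(data: bytes) -> bool:
    """True when the audit produced no 'error' findings."""
    return not any(sev == "error" for sev, _ in audit_firewall_profile(data))

def make_profile(enable: bool) -> bytes:
    """Constructed sample mirroring the keys of the posted policy."""
    payload = {
        "PayloadType": FIREWALL_TYPE, "PayloadIdentifier": FIREWALL_TYPE,
        "PayloadUUID": "00000000-0000-0000-0000-000000000001",  # placeholder
        "PayloadVersion": 1, "EnableFirewall": enable,
        "EnableStealthMode": False, "BlockAllIncoming": False,
        "Applications": [{"Allowed": False, "BundleID": ""}],
    }
    return plistlib.dumps({
        "PayloadType": "Configuration", "PayloadContent": [payload],
        "PayloadIdentifier": "com.example.firewall",  # placeholder
        "PayloadUUID": "00000000-0000-0000-0000-000000000002",  # placeholder
    })

if __name__ == "__main__":
    for sev, msg in audit_firewall_profile(make_profile(True)):
        print(f"{sev}: {msg}")
```

To check a real file, pass the bytes of the saved profile to `audit_firewall_profile` before uploading it to the MDM as a custom profile.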