Meraki

Community

MacOS and Windows enfornce system firewall

Jiri
Here to help
‎Jan 23 2018 2:52 PM
‎Jan 23 2018 2:52 PM

MacOS and Windows enfornce system firewall

Is there MDM setting for MacOS and Windows to make sure the default system firewall is turned ON? I simply cannot find it

 

thank you

 

 

0 Kudos
4 Replies 4
jared_f
Kind of a big deal
‎Jan 23 2018 3:36 PM
‎Jan 23 2018 3:36 PM

I know for Mac OS youc an force filevault and firewall via a configuration profile. I am not sure about Windows.

Find this helpful? Click the kudos button. Thanks!
0 Kudos
In response to jared_f
fiddles-itman
Comes here often
‎May 10 2018 9:00 AM
‎May 10 2018 9:00 AM

Where is the setting located for Mac OS? I can't find it in any of the available options.

Also can't find it for Windows, but our Windows systems can at least have it enforced via GPO.
0 Kudos
In response to fiddles-itman
sshort
Building a reputation
‎May 10 2018 9:09 AM
‎May 10 2018 9:09 AM

I highly recommend buying Apple's Server app for $20. You're able to create custom profiles and the Profile Manager section has additional templates that Meraki does not offer.

 

That being said, I have a custom payload that enforces the firewall you can use 🙂

 

https://bazaarvoice.box.com/s/nfrkdo2gz3tplcgxqgtxoqvxweqdreaj

 

 

0 Kudos
In response to sshort
Jiri
Here to help
‎May 10 2018 4:46 PM
‎May 10 2018 4:46 PM

Here is the policy in case anybody is interested

 

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>Applications</key>
			<array>
				<dict>
					<key>Allowed</key>
					<false/>
					<key>BundleID</key>
					<string></string>
				</dict>
			</array>
			<key>BlockAllIncoming</key>
			<false/>
			<key>EnableFirewall</key>
			<true/>
			<key>EnableStealthMode</key>
			<false/>
			<key>PayloadDescription</key>
			<string>Firewall Payload</string>
			<key>PayloadDisplayName</key>
			<string>Firewall Payload</string>
			<key>PayloadIdentifier</key>
			<string>com.apple.security.firewall</string>
			<key>PayloadOrganization</key>
			<string></string>
			<key>PayloadType</key>
			<string>com.apple.security.firewall</string>
			<key>PayloadUUID</key>
			<string>2c446a50-e683-0135-c0eb-0c85903e08f9</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
		</dict>
	</array>
	<key>PayloadDescription</key>
	<string>Required firewall enforcement</string>
	<key>PayloadDisplayName</key>
	<string>Firewall enforced on client</string>
	<key>PayloadIdentifier</key>
	<string>com.apple.security.firewall.pci</string>
	<key>PayloadOrganization</key>
	<string>Your company Inc.</string>
	<key>PayloadType</key>
	<string>Configuration</string>
	<key>PayloadUUID</key>
	<string>c9fe66c3-5292-4298-aa54-006fcd59bfdf</string>
</dict>
</plist>

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.