Public/Configuration/Baseline/ConfigurationPolicies/JyskIT-Baseline-SEC-Firewall.json

{
  "templateReference": {
    "templateDisplayName": "Windows Firewall",
    "templateFamily": "endpointSecurityFirewall",
    "templateId": "6078910e-d808-4a9f-a51d-1b8a7bacb7c0_1",
    "templateDisplayVersion": "Version 1"
  },
  "platforms": "windows10",
  "roleScopeTagIds": [
    "0"
  ],
  "technologies": "mdm,microsoftSense",
  "description": "Enables Windows Firewall for all Windows 10 devices with recommended settings.",
  "name": "JyskIT-Baseline-SEC-Firewall",
  "settings": [
    {
      "id": "0",
      "settingInstance": {
        "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
        "settingInstanceTemplateReference": {
          "settingInstanceTemplateId": "7714c373-a19a-4b64-ba6d-2e9db04a7684"
        },
        "choiceSettingValue": {
          "children": [
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
              "settingInstanceTemplateReference": null,
              "choiceSettingValue": {
                "children": [],
                "settingValueTemplateReference": null,
                "value": "vendor_msft_firewall_mdmstore_domainprofile_globalportsallowuserprefmerge_false"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_domainprofile_globalportsallowuserprefmerge"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
              "settingInstanceTemplateReference": null,
              "choiceSettingValue": {
                "children": [],
                "settingValueTemplateReference": null,
                "value": "vendor_msft_firewall_mdmstore_domainprofile_defaultinboundaction_1"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_domainprofile_defaultinboundaction"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
              "settingInstanceTemplateReference": null,
              "choiceSettingValue": {
                "children": [],
                "settingValueTemplateReference": null,
                "value": "vendor_msft_firewall_mdmstore_domainprofile_enablelogdroppedpackets_true"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_domainprofile_enablelogdroppedpackets"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
              "settingInstanceTemplateReference": null,
              "choiceSettingValue": {
                "children": [],
                "settingValueTemplateReference": null,
                "value": "vendor_msft_firewall_mdmstore_domainprofile_defaultoutboundaction_0"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_domainprofile_defaultoutboundaction"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
              "settingInstanceTemplateReference": null,
              "choiceSettingValue": {
                "children": [],
                "settingValueTemplateReference": null,
                "value": "vendor_msft_firewall_mdmstore_domainprofile_disableinboundnotifications_true"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_domainprofile_disableinboundnotifications"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance",
              "settingInstanceTemplateReference": null,
              "simpleSettingValue": {
                "@odata.type": "#microsoft.graph.deviceManagementConfigurationStringSettingValue",
                "settingValueTemplateReference": null,
                "value": "%systemroot%\\system32\\LogFiles\\Firewall\\pfirewall.log"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_domainprofile_logfilepath"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance",
              "settingInstanceTemplateReference": null,
              "simpleSettingValue": {
                "@odata.type": "#microsoft.graph.deviceManagementConfigurationIntegerSettingValue",
                "settingValueTemplateReference": null,
                "value": 1024
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_domainprofile_logmaxfilesize"
            }
          ],
          "settingValueTemplateReference": {
            "settingValueTemplateId": "120c5dbe-0c88-46f0-b897-2c996d3e5277",
            "useTemplateDefault": false
          },
          "value": "vendor_msft_firewall_mdmstore_domainprofile_enablefirewall_true"
        },
        "settingDefinitionId": "vendor_msft_firewall_mdmstore_domainprofile_enablefirewall"
      }
    },
    {
      "id": "1",
      "settingInstance": {
        "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
        "settingInstanceTemplateReference": {
          "settingInstanceTemplateId": "1c14f914-69bb-49f8-af5b-e29173a6ee95"
        },
        "choiceSettingValue": {
          "children": [
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
              "settingInstanceTemplateReference": null,
              "choiceSettingValue": {
                "children": [],
                "settingValueTemplateReference": null,
                "value": "vendor_msft_firewall_mdmstore_privateprofile_disableinboundnotifications_true"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_privateprofile_disableinboundnotifications"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
              "settingInstanceTemplateReference": null,
              "choiceSettingValue": {
                "children": [],
                "settingValueTemplateReference": null,
                "value": "vendor_msft_firewall_mdmstore_privateprofile_defaultoutboundaction_0"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_privateprofile_defaultoutboundaction"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance",
              "settingInstanceTemplateReference": null,
              "simpleSettingValue": {
                "@odata.type": "#microsoft.graph.deviceManagementConfigurationIntegerSettingValue",
                "settingValueTemplateReference": null,
                "value": 1024
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_privateprofile_logmaxfilesize"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
              "settingInstanceTemplateReference": null,
              "choiceSettingValue": {
                "children": [],
                "settingValueTemplateReference": null,
                "value": "vendor_msft_firewall_mdmstore_privateprofile_defaultinboundaction_1"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_privateprofile_defaultinboundaction"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance",
              "settingInstanceTemplateReference": null,
              "simpleSettingValue": {
                "@odata.type": "#microsoft.graph.deviceManagementConfigurationStringSettingValue",
                "settingValueTemplateReference": null,
                "value": "%systemroot%\\system32\\LogFiles\\Firewall\\pfirewall.log"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_privateprofile_logfilepath"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
              "settingInstanceTemplateReference": null,
              "choiceSettingValue": {
                "children": [],
                "settingValueTemplateReference": null,
                "value": "vendor_msft_firewall_mdmstore_privateprofile_enablelogdroppedpackets_true"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_privateprofile_enablelogdroppedpackets"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
              "settingInstanceTemplateReference": null,
              "choiceSettingValue": {
                "children": [],
                "settingValueTemplateReference": null,
                "value": "vendor_msft_firewall_mdmstore_privateprofile_enablelogsuccessconnections_false"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_privateprofile_enablelogsuccessconnections"
            }
          ],
          "settingValueTemplateReference": {
            "settingValueTemplateId": "9d55dfae-d55f-4f2a-af03-9a9524f61e76",
            "useTemplateDefault": false
          },
          "value": "vendor_msft_firewall_mdmstore_privateprofile_enablefirewall_true"
        },
        "settingDefinitionId": "vendor_msft_firewall_mdmstore_privateprofile_enablefirewall"
      }
    },
    {
      "id": "2",
      "settingInstance": {
        "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
        "settingInstanceTemplateReference": {
          "settingInstanceTemplateId": "e2714734-708e-4286-8ae9-d56821e306a3"
        },
        "choiceSettingValue": {
          "children": [
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance",
              "settingInstanceTemplateReference": null,
              "simpleSettingValue": {
                "@odata.type": "#microsoft.graph.deviceManagementConfigurationIntegerSettingValue",
                "settingValueTemplateReference": null,
                "value": 1024
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_publicprofile_logmaxfilesize"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
              "settingInstanceTemplateReference": null,
              "choiceSettingValue": {
                "children": [],
                "settingValueTemplateReference": null,
                "value": "vendor_msft_firewall_mdmstore_publicprofile_enablelogdroppedpackets_true"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_publicprofile_enablelogdroppedpackets"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
              "settingInstanceTemplateReference": null,
              "choiceSettingValue": {
                "children": [],
                "settingValueTemplateReference": null,
                "value": "vendor_msft_firewall_mdmstore_publicprofile_defaultoutboundaction_0"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_publicprofile_defaultoutboundaction"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
              "settingInstanceTemplateReference": null,
              "choiceSettingValue": {
                "children": [],
                "settingValueTemplateReference": null,
                "value": "vendor_msft_firewall_mdmstore_publicprofile_disableinboundnotifications_true"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_publicprofile_disableinboundnotifications"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance",
              "settingInstanceTemplateReference": null,
              "simpleSettingValue": {
                "@odata.type": "#microsoft.graph.deviceManagementConfigurationStringSettingValue",
                "settingValueTemplateReference": null,
                "value": "%systemroot%\\system32\\LogFiles\\Firewall\\pfirewall.log"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_publicprofile_logfilepath"
            },
            {
              "@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
              "settingInstanceTemplateReference": null,
              "choiceSettingValue": {
                "children": [],
                "settingValueTemplateReference": null,
                "value": "vendor_msft_firewall_mdmstore_publicprofile_defaultinboundaction_1"
              },
              "settingDefinitionId": "vendor_msft_firewall_mdmstore_publicprofile_defaultinboundaction"
            }
          ],
          "settingValueTemplateReference": {
            "settingValueTemplateId": "c38694c7-51a4-4a35-8f64-b10866a04776",
            "useTemplateDefault": false
          },
          "value": "vendor_msft_firewall_mdmstore_publicprofile_enablefirewall_true"
        },
        "settingDefinitionId": "vendor_msft_firewall_mdmstore_publicprofile_enablefirewall"
      }
    }
  ],
  "assignments": [
    {
      "target": {
        "@odata.type" : "#microsoft.graph.allDevicesAssignmentTarget"
      }
    }
  ]
}