35.3 (L1) Ensure 'Enable Domain Network Firewall: Disable Inbound Notifications' is set to 'True'

Information

Select this option to have Windows Firewall with Advanced Security display notifications to the user when a program is blocked from receiving inbound connections.

The recommended state for this setting is: True

Note: When the Apply local firewall rules setting is configured to No it's recommended to also configure the Display a notification setting to No Otherwise, users will continue to receive messages that ask if they want to unblock a restricted inbound connection, but the user's response will be ignored.

Firewall notifications can be complex and may confuse the end users, who would not be able to address the alert.

Solution

To establish the recommended configuration via configuration profiles, set the following Settings Catalog path to True :

Firewall\Enable Domain Network Firewall: Disable Inbound Notifications

Impact:

Windows Firewall will not display a notification when a program is blocked from receiving inbound connections.

See Also

https://workbench.cisecurity.org/benchmarks/16852

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7, 800-53|SC-7(5), CSCv7|9.4, CSCv7|11.2

Plugin: Windows

Control ID: 782a0e7aa97fda2d5fb214948ba67d5c28137a4957fa3f33e533d9ba3eb4de39