9.3.3 (L1) Ensure 'Windows Firewall: Public: Settings: Display a notification' is set to 'No'

Information

Select this option to have Windows Firewall with Advanced Security display notifications to the user when a program is blocked from receiving inbound connections.

The recommended state for this setting is: No.

Some organizations may prefer to avoid alarming users when firewall rules block certain types of network activity. However, notifications can be helpful when troubleshooting network issues involving the firewall.

Solution

To establish the recommended configuration via GP, set the following UI path to 'No':

Computer Configuration\Policies\Windows Settings\Security Settings\Windows Defender Firewall with Advanced Security\Windows Defender Firewall with Advanced Security\Windows Firewall Properties\Public Profile\Settings Customize\Display a notification

Impact:

Windows Firewall will not display a notification when a program is blocked from receiving inbound connections.
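The following audit script is an added example, not part of the benchmark or the audit plugin. It checks the setting with the built-in NetSecurity cmdlet `Get-NetFirewallProfile`, whose `NotifyOnListen` property corresponds to 'Display a notification'. The function name and the output field names are hypothetical, and the script assumes an elevated PowerShell session on the host being checked.

```powershell
# Added example: report the Public-profile 'Display a notification' value
# from three policy stores so you can see both the effective state and
# whether Group Policy (rather than a local change) is what enforces it.
function Test-PublicFirewallNotification {   # hypothetical helper name
    [CmdletBinding()]
    param()

    # Policy stores documented for the NetSecurity cmdlets:
    #   ActiveStore     - effective policy currently applied
    #   RSOP            - sum of all GPOs applied to this computer
    #   PersistentStore - local policy configured on this machine
    $values = [ordered]@{}
    foreach ($store in 'ActiveStore', 'RSOP', 'PersistentStore') {
        try {
            $fwProfile = Get-NetFirewallProfile -Name Public -PolicyStore $store -ErrorAction Stop
            # NotifyOnListen is an enum: True, False or NotConfigured
            $values[$store] = $fwProfile.NotifyOnListen.ToString()
        }
        catch {
            # Store could not be read (for example, insufficient rights)
            $values[$store] = 'Unavailable'
        }
    }

    [pscustomobject]@{
        Setting       = 'Public: Display a notification'
        Effective     = $values['ActiveStore']
        GroupPolicy   = $values['RSOP']
        Local         = $values['PersistentStore']
        # Recommended state 'No' maps to NotifyOnListen = False
        Compliant     = $values['ActiveStore'] -eq 'False'
        # True only when an applied GPO sets the value to False
        EnforcedByGpo = $values['RSOP'] -eq 'False'
    }
}

Test-PublicFirewallNotification | Format-List
```

A result with `Compliant` true but `EnforcedByGpo` false means the value is set only locally and can be changed on the host without a policy change.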

See Also

https://workbench.cisecurity.org/benchmarks/17689

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7, 800-53|SC-7(5), CSCv7|9.4, CSCv7|11.2

Plugin: Windows

Control ID: 6957a0e3b3abeba18d6195404a6529a79f33bca520ba3bda1174b0f03e71ccfc