Configuring a macOS Firewall Policy

Zehadi Alam

Protecting Mac devices with a properly configured firewall is an important part of an organization's security posture. macOS comes with a built-in application firewall that can be utilized to control network traffic based on predefined rules. The following section demonstrates the process of configuring and deploying a macOS firewall policy within the Intune environment.

Navigate to Endpoint Security > Firewall
Select Create Policy



Select macOS for Platform and macOS firewall for Profile. Click Create at the bottom.



The following is an example of a firewall configuration. Customize the specific settings to best suit your unique environment and requirements.



The native firewall in macOS provides the capability to define granular connection rules per application. Administrators can configure inbound access as blocked or allowed for specific apps by adding rules and specifying the unique bundle ID assigned to each application.

To identify the bundle ID for a target application:

  1. Open Terminal on the Mac
  2. Run the following command, replacing App Name with the name of the application:

       osascript -e 'id of app "App Name"'

The bundle ID will be returned for use in the firewall rule configuration. Once the configurations have been established, proceed through the remaining steps and assign the policy to the appropriate device groups. Carefully review the policy settings before finalizing its creation.
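When rules are needed for many applications, the same bundle IDs can be read directly from each app's Info.plist (the CFBundleIdentifier key) instead of querying one app at a time. The following Python script is an added example, not part of the original article; its function names and the non-empty-segment check are assumptions of this example.

```python
"""Collect bundle IDs for firewall rules by reading each app's Info.plist."""
import plistlib
import re
import sys
from pathlib import Path
from xml.parsers.expat import ExpatError

# Bundle IDs may contain only alphanumerics, hyphens and periods.
# Requiring non-empty dot-separated segments is this example's own stricter check.
BUNDLE_ID_RE = re.compile(r"[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)*")


def is_valid_bundle_id(value):
    """Catch typos and stray whitespace before a value is pasted into a rule."""
    return isinstance(value, str) and BUNDLE_ID_RE.fullmatch(value) is not None


def bundle_id_for(app_path):
    """Return CFBundleIdentifier from <app>/Contents/Info.plist, or None."""
    plist_path = Path(app_path) / "Contents" / "Info.plist"
    try:
        with plist_path.open("rb") as fh:
            info = plistlib.load(fh)  # handles both XML and binary plists
    except (OSError, plistlib.InvalidFileException, ExpatError, ValueError):
        return None
    if not isinstance(info, dict):
        return None
    bundle_id = info.get("CFBundleIdentifier")
    return bundle_id if is_valid_bundle_id(bundle_id) else None


def collect_bundle_ids(apps_dir="/Applications"):
    """Map app name -> bundle ID (None when unreadable or malformed)."""
    return {
        app.stem: bundle_id_for(app)
        for app in sorted(Path(apps_dir).glob("*.app"))
    }


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "/Applications"
    for name, bundle_id in collect_bundle_ids(target).items():
        print(f"{name}\t{bundle_id or 'NO VALID BUNDLE ID - review manually'}")
```

Any app reported without a valid bundle ID should be checked by hand before a rule is written for it, since a mistyped ID in the policy will not match the intended application.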