Privacy and Security Enable or Disable Microsoft Defender Firewall in Windows 11


  • Staff
Microsoft_Defender_Firewall_banner.png

This tutorial will show you how to enable or disable the ability to turn on or off Microsoft Defender Firewall in Windows 10 and Windows 11.

Microsoft Defender Firewall helps prevent hackers and malicious software from gaining access to your PC through the internet or a Domain, Private, or Public network. An organization might require you to turn it on before you can access their network resources from your device.
  • Domain profile: Used for networks where there is a system of account authentication against a domain controller (DC), such as an Azure Active Directory DC
  • Private profile: Designed for and best used in private networks such as a home network
  • Public profile: Designed with higher security in mind for public networks like Wi-Fi hotspots, coffee shops, airports, hotels, or stores
The Windows Defender Firewall with Advanced Security MMC snap-in is more flexible and provides much more functionality than the user-friendly Microsoft Defender Firewall interface in the Control Panel or Firewall & network protection interface in Windows Security.

Windows Defender Firewall with Advanced Security is a host firewall that helps secure the device in two ways. First, it can filter the network traffic permitted to enter the device from the network, and also control what network traffic the device is allowed to send to the network. Second, Windows Defender Firewall supports IPsec, which enables you to require authentication from any device that is attempting to communicate with your device. When authentication is required, devices that cannot authenticate cannot communicate with your device. By using IPsec, you can also require that specific network traffic be encrypted to prevent it from being read or intercepted while in transit between devices.

It's important to have Microsoft Defender Firewall on, even if you already have another firewall on. It helps protect you from unauthorized access.


You must be signed in as an administrator to enable or disable Microsoft Defender Firewall.



Contents

  • Option One: Enable or Disable Microsoft Defender Firewall for Private and Public Networks in Local Group Policy Editor
  • Option Two: Enable or Disable Microsoft Defender Firewall for Private and Public Networks using REG file
  • Option Three: Enable or Disable Microsoft Defender Firewall for Domain Networks in Local Group Policy Editor
  • Option Four: Enable or Disable Microsoft Defender Firewall for Domain Networks using REG file


EXAMPLE: Microsoft Defender Firewall disabled

Microsoft_Defender_Firewall_default.png
Microsoft_Defender_Firewall_always_enabled.png
Microsoft_Defender_Firewall_always_disabled.png


Microsoft_Defender_Firewall_always_enabled_CP.png
Microsoft_Defender_Firewall_always_disabled_CP.png





Option One

Enable or Disable Microsoft Defender Firewall for Private and Public Networks in Local Group Policy Editor


The Local Group Policy Editor is only available in the Windows 10/11 Pro, Enterprise, and Education editions.

All editions can use Option Two for the same policy.


1 Open the Local Group Policy Editor (gpedit.msc).

2 Navigate to the policy location below in the left pane of the Local Group Policy Editor. (see screenshot below)

Computer Configuration>Administrative Templates>Network>Network Connections>Windows Defender Firewall>Standard Profile

Microsoft_Defender_Firewall_Private_Public_gpedit-1.png

3 In the right pane of Standard Profile in the Local Group Policy Editor, double click/tap on the Windows Defender Firewall: Protect all network connections policy to edit it. (see screenshot above)

4 Do step 5 (always enable), step 6 (always disable), or step 7 (default) below for what you would like to do.

5 Always Enable Microsoft Defender Firewall for Private and Public Networks

This will turn on and prevent turning off Microsoft Defender Firewall for Private and Public networks.


A) Select (dot) Enabled. (see screenshot below step7)​

B) Click/tap on OK, and go to step 8 below.​

6 Always Disable Microsoft Defender Firewall for Private and Public Networks

This will turn off and prevent turning on Microsoft Defender Firewall for Private and Public networks.


A) Select (dot) Disabled. (see screenshot below step 7)​

B) Click/tap on OK, and go to step 8 below.​

7 Default User Choice Microsoft Defender Firewall for Private and Public Networks

This is the default setting to allow turning on or off Microsoft Defender Firewall for Private and Public Networks.


A) Select (dot) Not Configured. (see screenshot below)​

B) Click/tap on OK, and go to step 8 below.​

Microsoft_Defender_Firewall_gpedit-2.png

8 Close the Local Group Policy Editor.




Option Two

Enable or Disable Microsoft Defender Firewall for Private and Public Networks using REG file


1 Do step 2 (always enable), step 3 (always disable), or step 4 (default) below for what you would like to do.

2 Always Enable Microsoft Defender Firewall for Private and Public Networks

This will turn on and prevent turning off Microsoft Defender Firewall for Private and Public networks.


A) Click/tap on the Download button below to download the file below, and go to step 5 below.​

Always_enable_Microsoft_Defender_Firewall_for_Private_and_Public_networks.reg


(Contents of REG file for reference)
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall"=dword:00000001

3 Always Disable Microsoft Defender Firewall for Private and Public Networks

This will turn off and prevent turning on Microsoft Defender Firewall for Private and Public networks.


A) Click/tap on the Download button below to download the file below, and go to step 5 below.​

Always_disable_Microsoft_Defender_Firewall_for_Private_and_Public_networks.reg


(Contents of REG file for reference)
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall"=dword:00000000

4 Default User Choice Microsoft Defender Firewall for Private and Public Networks

This is the default setting to allow turning on or off Microsoft Defender Firewall for Private and Public Networks.


A) Click/tap on the Download button below to download the file below, and go to step 5 below.​

Default_user_choice_turn_on-off_Microsoft_Defender_Firewall_for_Private_and_Public_networks.reg


(Contents of REG file for reference)
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall"=-

5 Save the .reg file to your desktop.

6 Double click/tap on the downloaded .reg file to merge it.

7 When prompted, click/tap on Run, Yes (UAC), Yes, and OK to approve the merge.

8 You can now delete the downloaded .reg file if you like.




Option Three

Enable or Disable Microsoft Defender Firewall for Domain Networks in Local Group Policy Editor


The Local Group Policy Editor is only available in the Windows 10/11 Pro, Enterprise, and Education editions.

All editions can use Option Four for the same policy.


1 Open the Local Group Policy Editor (gpedit.msc).

2 Navigate to the policy location below in the left pane of the Local Group Policy Editor. (see screenshot below)

Computer Configuration>Administrative Templates>Network>Network Connections>Windows Defender Firewall>Domain Profile

Microsoft_Defender_Firewall_Domain_gpedit-1.png

3 In the right pane of Domain Profile in the Local Group Policy Editor, double click/tap on the Windows Defender Firewall: Protect all network connections policy to edit it. (see screenshot above)

4 Do step 5 (always enable), step 6 (always disable), or step 7 (default) below for what you would like to do.


 5. Always Enable Microsoft Defender Firewall for Domain networks

This will turn on and prevent turning off Microsoft Defender Firewall for Domain networks.


A) Select (dot) Enabled. (see screenshot below step 7)​

B) Click/tap on OK, and go to step 8 below.​


 6. Always Disable Microsoft Defender Firewall for Domain networks

This will turn off and prevent turning on Microsoft Defender Firewall for Domain networks.


A) Select (dot) Disabled. (see screenshot below step 7)​

B) Click/tap on OK, and go to step 8 below.​


 7. Default User Choice Microsoft Defender Firewall for Domain networks

This is the default setting to allow turning on or off Microsoft Defender Firewall for Domain Networks.


A) Select (dot) Not Configured. (see screenshot below)​

B) Click/tap on OK, and go to step 8 below.​

Microsoft_Defender_Firewall_gpedit-2.png

8 Close the Local Group Policy Editor.



Option Four

Enable or Disable Microsoft Defender Firewall for Domain Networks using REG file


1 Do step 2 (always enable), step 3 (always disable), or step 4 (default) below for what you would like to do.


 2. Always Enable Microsoft Defender Firewall for Domain Networks

This will turn on and prevent turning off Microsoft Defender Firewall for Domain networks.


A) Click/tap on the Download button below to download the file below, and go to step 5 below.​

Always_enable_Microsoft_Defender_Firewall_for_Domain_networks.reg


(Contents of REG file for reference)
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall"=dword:00000001


 3. Always Disable Microsoft Defender Firewall for Domain Networks

This will turn off and prevent turning on Microsoft Defender Firewall for Domain networks.


A) Click/tap on the Download button below to download the file below, and go to step 5 below.​

Always_disable_Microsoft_Defender_Firewall_for_Domain_networks.reg


(Contents of REG file for reference)
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall"=dword:00000000


 4. Default User Choice Microsoft Defender Firewall for Domain Networks

This is the default setting to allow turning on or off Microsoft Defender Firewall for Domain Networks.


A) Click/tap on the Download button below to download the file below, and go to step 5 below.​

Default_user_choice_turn_on-off_Microsoft_Defender_Firewall_for_Domain_networks.reg


(Contents of REG file for reference)
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall"=-

5 Save the .reg file to your desktop.

6 Double click/tap on the downloaded .reg file to merge it.

7 When prompted, click/tap on Run, Yes (UAC), Yes, and OK to approve the merge.

8 You can now delete the downloaded .reg file if you like.


That's it,
Shawn Brink


 

Attachments

  • Microsoft_Defender_Firewall.png
    Microsoft_Defender_Firewall.png
    10.7 KB · Views: 161
  • Always_disable_Microsoft_Defender_Firewall_for_Private_and_Public_networks.reg
    660 bytes · Views: 294
  • Always_enable_Microsoft_Defender_Firewall_for_Private_and_Public_networks.reg
    660 bytes · Views: 241
  • Default_user_choice_turn_on-off_Microsoft_Defender_Firewall_for_Private_and_Public_networks.reg
    634 bytes · Views: 232
  • Always_disable_Microsoft_Defender_Firewall_for_Domain_networks.reg
    656 bytes · Views: 237
  • Always_enable_Microsoft_Defender_Firewall_for_Domain_networks.reg
    656 bytes · Views: 228
  • Default_user_choice_turn_on-off_Microsoft_Defender_Firewall_for_Domain_networks.reg
    630 bytes · Views: 206
Last edited:

Latest Support Threads

Back
Top Bottom