This tutorial will show you how turn on or off Microsoft Defender Firewall for Domain, Private, and/or Public networks in Windows 10 and Windows 11.
Microsoft Defender Firewall helps prevent hackers and malicious software from gaining access to your PC through the internet or a Domain, Private, or Public network. An organization might require you to turn it on before you can access their network resources from your device.
- Domain profile: Used for networks where there is a system of account authentication against a domain controller (DC), such as an Azure Active Directory DC
- Private profile: Designed for and best used in private networks such as a home network
- Public profile: Designed with higher security in mind for public networks like Wi-Fi hotspots, coffee shops, airports, hotels, or stores
Windows Defender Firewall with Advanced Security is a host firewall that helps secure the device in two ways. First, it can filter the network traffic permitted to enter the device from the network, and also control what network traffic the device is allowed to send to the network. Second, Windows Defender Firewall supports IPsec, which enables you to require authentication from any device that is attempting to communicate with your device. When authentication is required, devices that cannot authenticate cannot communicate with your device. By using IPsec, you can also require that specific network traffic be encrypted to prevent it from being read or intercepted while in transit between devices.
It's important to have Microsoft Defender Firewall on, even if you already have another firewall on. It helps protect you from unauthorized access.
You must be signed in as an administrator to turn on or off Microsoft Defender Firewall.
Contents
- Option One: Turn On or Off Microsoft Defender Firewall in Windows Security
- Option Two: Turn On or Off Microsoft Defender Firewall in Control Panel
- Option Three: Turn On or Off Microsoft Defender Firewall in Command Prompt
- Option Four: Turn On or Off Microsoft Defender Firewall in PowerShell
1 Open Windows Security.
2 Click/tap on Firewall & network protection. (see screenshot below)
3 Click/tap on Domain network, Private network, or Public network for which network location you want to turn on or off Microsoft Defender Firewall for. (see screenshots below)
The network location with (active) next to it is your current network location.
If Microsoft Defender Firewall is currently turned off for a network location, you can click/tap on its Turn on button if wanted, and go to step 5 instead.
4 Turn On (default) or Off Microsoft Defender Firewall for what you want. (see screenshots below)
5 If prompted by UAC, click/tap on Yes to approve.
6 You can now close Windows Security if you like.
1 Open the Control Panel (icons view), and click/tap on the Windows Defender Firewall icon.
2 Click/tap on the Turn Windows Defender Firewall on or off link on the left side. (see screenshot below)
3 Select (dot) to turn On (default) or Off Microsoft Defender Firewall for the Domain network (if available), Private network, and/or Public network you want, and click/tap on OK. (see screenshots below)
4 You can now close the Control Panel if you like.
1 Open Windows Terminal (Admin), and select Command Prompt.
2 Copy and paste the command below you want to use into Windows Terminal (Admin), and press Enter.
Turn On or Off Microsoft Defender Firewall for All Network Profiles
(Turn on - default)
netsh advfirewall set allprofiles state on
OR
(Turn off)
netsh advfirewall set allprofiles state off
Turn On or Off Microsoft Defender Firewall for Current (active) Network Profile
(Turn on - default)
netsh advfirewall set currentprofile state on
OR
(Turn off)
netsh advfirewall set currentprofile state off
Turn On or Off Microsoft Defender Firewall for Domain Network Profile
(Turn on - default)
netsh advfirewall set domainprofile state on
OR
(Turn off)
netsh advfirewall set domainprofile state off
Turn On or Off Microsoft Defender Firewall for Private Network Profile
(Turn on - default)
netsh advfirewall set privateprofile state on
OR
(Turn off)
netsh advfirewall set privateprofile state off
Turn On or Off Microsoft Defender Firewall for Public Network Profile
(Turn on - default)
netsh advfirewall set publicprofile state on
OR
(Turn off)
netsh advfirewall set publicprofile state off
3 When finished, you can close Windows Terminal (Admin) if you like.
Set-NetFirewallProfile (NetSecurity)
Use this topic to help manage Windows and Windows Server technologies with Windows PowerShell.
learn.microsoft.com
1 Open Windows Terminal (Admin), and select Windows PowerShell.
2 Copy and paste the command below you want to use into Windows Terminal (Admin), and press Enter.
Turn On or Off Microsoft Defender Firewall for All Network Profiles
(Turn on - default)
Set-NetFirewallProfile -All -Enabled True
OR
(Turn off)
Set-NetFirewallProfile -All -Enabled False
Turn On or Off Microsoft Defender Firewall for Domain Network Profile
(Turn on - default)
Set-NetFirewallProfile -Profile Domain -Enabled True
OR
(Turn off)
Set-NetFirewallProfile -Profile Domain -Enabled False
Turn On or Off Microsoft Defender Firewall for Private Network Profile
(Turn on - default)
Set-NetFirewallProfile -Profile Private -Enabled True
OR
(Turn off)
Set-NetFirewallProfile -Profile Private -Enabled False
Turn On or Off Microsoft Defender Firewall for Public Network Profile
(Turn on - default)
Set-NetFirewallProfile -Profile Public -Enabled True
OR
(Turn off)
Set-NetFirewallProfile -Profile Public -Enabled False
3 When finished, you can close Windows Terminal (Admin) if you like.
That's it,
Shawn Brink
Attachments
Last edited: