I'm looking for advice on re-enabling Windows Defender Firewall across our organization after having it disabled for years due to relying on a standalone perimeter firewall. We currently have around 200 Windows laptops and 50 Windows servers that are domain-joined, and we're managing them through Group Policy. Our users work both on-prem and remotely via VPN.
We're thinking about enabling Windows Defender Firewall starting with laptops first, then moving on to servers, but want to know the best practices for rolling this out. What should we consider before turning it back on, and how can we do this without causing disruptions?
1 Answer
It's crucial to test thoroughly before a full rollout. I suggest you create pilot groups for laptops first and apply the new firewall policy there. Once you confirm that everything runs smoothly, you can gradually expand to larger groups. For servers, consider enabling the firewall one at a time, starting with non-production environments. This helps minimize risks.

I totally agree. Starting with a small pilot is a smart move. It's better to deal with issues on a few devices rather than the entire fleet at once!
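One way to script the pilot-group rollout suggested in the answer above, as an added example that is not part of the original thread. The domain, GPO, group and OU names and the chosen profile settings are hypothetical placeholders. The first function runs on an admin workstation with RSAT, the second in an elevated session on a pilot laptop after `gpupdate`.

```powershell
# Added example. All names and settings below are assumptions, not from the thread.
Import-Module GroupPolicy, NetSecurity

function New-FirewallPilotGpo {
    param(
        [string]$Domain     = 'corp.example.com',                    # hypothetical
        [string]$GpoName    = 'WDF-Pilot-Laptops',                   # hypothetical
        [string]$PilotGroup = 'WDF-Pilot-Laptops',                   # group of pilot computer accounts
        [string]$TargetOU   = 'OU=Laptops,DC=corp,DC=example,DC=com' # hypothetical
    )
    # Create the GPO and link it to the laptop OU.
    New-GPO -Name $GpoName -Domain $Domain -Comment 'Pilot: enable Windows Defender Firewall' | Out-Null
    New-GPLink -Name $GpoName -Domain $Domain -Target $TargetOU -LinkEnabled Yes | Out-Null

    # Security filtering: only the pilot group applies the GPO.
    # Authenticated Users keep Read so computers can still process it.
    Set-GPPermission -Name $GpoName -DomainName $Domain -TargetName $PilotGroup `
        -TargetType Group -PermissionLevel GpoApply | Out-Null
    Set-GPPermission -Name $GpoName -DomainName $Domain -TargetName 'Authenticated Users' `
        -TargetType Group -PermissionLevel GpoRead -Replace | Out-Null

    # Write the firewall settings into the GPO; log dropped packets for pilot review.
    $session = Open-NetGPO -PolicyStore "$Domain\$GpoName"
    Set-NetFirewallProfile -GPOSession $session -Profile Domain,Private,Public `
        -Enabled True -DefaultInboundAction Block -DefaultOutboundAction Allow `
        -LogBlocked True -LogAllowed False -LogMaxSizeKilobytes 16384 `
        -LogFileName '%SystemRoot%\System32\LogFiles\Firewall\pfirewall.log'
    Save-NetGPO -GPOSession $session
}

function Get-FirewallDropSummary {
    # Summarises DROP entries so blocked traffic shows up before the rollout widens.
    param([string]$Path = "$env:SystemRoot\System32\LogFiles\Firewall\pfirewall.log")
    $lines  = Get-Content -Path $Path
    # Column order differs between Windows builds, so map fields from the header.
    $header = $lines | Where-Object { $_ -like '#Fields:*' } | Select-Object -First 1
    $names  = ($header -replace '^#Fields:\s*', '') -split '\s+'
    $lines | Where-Object { $_ -and $_ -notlike '#*' } | ForEach-Object {
        $f = $_ -split '\s+'; $row = @{}
        for ($i = 0; $i -lt $names.Count; $i++) { $row[$names[$i]] = $f[$i] }
        if ($row['action'] -eq 'DROP') { [pscustomobject]$row }
    } | Group-Object protocol, 'dst-port', path |
        Sort-Object Count -Descending | Select-Object Count, Name
}
```

On a pilot machine, `Get-NetFirewallProfile -PolicyStore ActiveStore` shows whether the GPO settings are the ones in effect.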