Microsoft Windows Defender Firewall with Advanced Security Security Technical Implementation Guide

Version: V2R2

Benchmark ID: Windows_Firewall_with_Advanced_Security

Total Checks: 21

Tags: windows, network

CAT I: 3, CAT II: 9, CAT III: 9

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.


Checks (21)

  • V-241989 (MEDIUM): Windows Defender Firewall with Advanced Security must be enabled when connected to a domain.
  • V-241990 (MEDIUM): Windows Defender Firewall with Advanced Security must be enabled when connected to a private network.
  • V-241991 (MEDIUM): Windows Defender Firewall with Advanced Security must be enabled when connected to a public network.
  • V-241992 (HIGH): Windows Defender Firewall with Advanced Security must block unsolicited inbound connections when connected to a domain.
  • V-241993 (MEDIUM): Windows Defender Firewall with Advanced Security must allow outbound connections, unless a rule explicitly blocks the connection when connected to a domain.
  • V-241994 (LOW): Windows Defender Firewall with Advanced Security log size must be configured for domain connections.
  • V-241995 (LOW): Windows Defender Firewall with Advanced Security must log dropped packets when connected to a domain.
  • V-241996 (LOW): Windows Defender Firewall with Advanced Security must log successful connections when connected to a domain.
  • V-241997 (HIGH): Windows Defender Firewall with Advanced Security must block unsolicited inbound connections when connected to a private network.
  • V-241998 (MEDIUM): Windows Defender Firewall with Advanced Security must allow outbound connections, unless a rule explicitly blocks the connection when connected to a private network.
  • V-241999 (LOW): Windows Defender Firewall with Advanced Security log size must be configured for private network connections.
  • V-242000 (LOW): Windows Defender Firewall with Advanced Security must log dropped packets when connected to a private network.
  • V-242001 (LOW): Windows Defender Firewall with Advanced Security must log successful connections when connected to a private network.
  • V-242002 (HIGH): Windows Defender Firewall with Advanced Security must block unsolicited inbound connections when connected to a public network.
  • V-242003 (MEDIUM): Windows Defender Firewall with Advanced Security must allow outbound connections, unless a rule explicitly blocks the connection when connected to a public network.
  • V-242004 (MEDIUM): Windows Defender Firewall with Advanced Security local firewall rules must not be merged with Group Policy settings when connected to a public network.
  • V-242005 (MEDIUM): Windows Defender Firewall with Advanced Security local connection rules must not be merged with Group Policy settings when connected to a public network.
  • V-242006 (LOW): Windows Defender Firewall with Advanced Security log size must be configured for public network connections.
  • V-242007 (LOW): Windows Defender Firewall with Advanced Security must log dropped packets when connected to a public network.
  • V-242008 (LOW): Windows Defender Firewall with Advanced Security must log successful connections when connected to a public network.
  • V-242009 (MEDIUM): Inbound exceptions to the firewall on domain workstations must only allow authorized remote management hosts.