) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Microsoft Windows Defender Firewall with Advanced Security STIG Ver 2, Rel 2 Checklist Details (Checklist Revisions)
SCAP 1.2 Content:
-
Download SCAP 1.2 Content - Microsoft Windows Defender Firewall with Advanced Security STIG Benchmark - Ver 2, Rel 3
- Author: Defense Information Systems Agency
Supporting Resources:
-
Download Standalone XCCDF 1.1.4 - Microsoft Windows Defender Firewall with Advanced Security STIG - Ver 2, Rel 2
- Defense Information Systems Agency
-
Download Intune Policies - Intune Policy - April 2026
- Defense Information Systems Agency
-
Download GPOs - Group Policy Objects (GPOs) - April 2026
- Defense Information Systems Agency
-
Download Automated Content - SCC 5.14 Windows
- Defense Information Systems Agency
Target:
| Target | CPE Name |
|---|---|
| Windows Firewall | cpe:/a:microsoft:windows_firewall (View CVEs) |
Checklist Highlights
- Checklist Name:
- Microsoft Windows Defender Firewall with Advanced Security STIG
- Checklist ID:
- 686
- Version:
- Ver 2, Rel 2
- Type:
- Compliance
- Review Status:
- Final
- Authority:
- Governmental Authority: Defense Information Systems Agency
- Original Publication Date:
- 04/28/2017
Checklist Summary:
The Security Technical Implementation Guide (STIG) for Microsoft Windows Defender Firewall with Advanced Security is published as a tool to improve the security of Department of Defense (DOD) information systems. Starting with Windows Vista and Windows Server 2008, Microsoft included the Windows Defender Firewall with Advanced Security, which provides significant enhancements over the previous Windows Firewall. This document provides guidance specifically for Windows Defender Firewall with Advanced Security for systems that are not capable of using an approved ESS Host Intrusion Prevention (HIP) firewall. This document is meant for use in conjunction with the appropriate operating system (OS) STIGs.
Checklist Role:
- Firewall
Known Issues:
Not Provided
Target Audience:
Not Provided
Target Operational Environment:
- Managed
- Specialized Security-Limited Functionality (SSLF)
Testing Information:
Not Provided
Regulatory Compliance:
DoD Instruction (DoDI) 8500.01
Comments/Warnings/Miscellaneous:
Comments or proposed revisions to this document should be sent via email to the following address: [email protected]. DISA will coordinate all change requests with the relevant DOD organizations before inclusion in this document. Approved changes will be made in accordance with the DISA maintenance release schedule.
Disclaimer:
Not Provided
Product Support:
Not Provided
Point of Contact:
Sponsor:
Not Provided
Licensing:
Not Provided
Change History:
Dependency/Requirements:
| URL | Description |
|---|
References:
| Reference URL | Description |
|---|