Stealth mode is a security feature on macOS that makes your system harder for potential attackers to discover. By default, your Mac is visible to other devices on the same network and responds to Ping/ICMP requests. Enabling Stealth mode, which can be found in the macOS firewall settings, prevents your Mac from responding to Ping/ICMP requests or to connection attempts on closed TCP/UDP ports.
By default, the macOS Firewall is disabled, which also means Stealth mode is turned off. You can first enable the firewall on your Mac and then activate Stealth mode. In my previous blog post, I discussed various methods to enable the Mac Firewall using Intune, including how to access the Stealth mode option. However, in this post, we’ll focus specifically on Stealth mode and walk through the steps to enable or disable it.
2 Ways to Manage Stealth mode using Intune
- Using Endpoint Security Firewall Policy
- Device Configuration Profile > Settings Catalog Policy
1. Using Endpoint Security Firewall Policy
- Sign in to the Intune admin center > Endpoint Security > Firewall > Create Policy. Then select Platform as macOS and Profile as macOS firewall.
- In the Configuration settings, you will find the option to Enable Stealth mode. Alternatively, you can leave it in the Not configured state.
2. Settings Catalog Policy
Sign in to the Intune admin center > Devices > macOS > Configuration > Create > New Policy. Select Platform as macOS and Profile type as Settings catalog.
Proceed through the Basics tab. On the Configuration settings tab, click Add settings, then use the Settings picker to search for the keyword firewall. This will display the categories where you can find firewall-related settings for macOS.
Select Networking > Firewall, then choose the Enable Stealth Mode setting. When you enable Stealth Mode, you’ll notice that the Enable Firewall setting is automatically selected. This is because Stealth Mode requires the firewall to be enabled on your Mac.
- Enable Firewall – Enable Firewall on Mac.
- Enable Stealth Mode – Use the toggle switch to set Stealth Mode to True in order to enable it. If you don’t want to enable Stealth Mode and just want to enable firewall, you can leave it set to False.
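The dependency described above (Stealth Mode only takes effect with the firewall on) can be checked in a configuration profile before it is assigned. The following is an added example, not part of the original post; it assumes an unsigned profile and that the two settings correspond to the `EnableFirewall` and `EnableStealthMode` keys of Apple's `com.apple.security.firewall` payload. The sample profile and the function name are constructed for illustration.

```python
import plistlib

FIREWALL_PAYLOAD = "com.apple.security.firewall"  # Apple's Firewall payload type

# Constructed sample profile (not exported from a real tenant).
SAMPLE_PROFILE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadDisplayName": "Constructed firewall profile",
    "PayloadContent": [
        {"PayloadType": "com.apple.wifi.managed"},  # unrelated payload, ignored
        {"PayloadType": FIREWALL_PAYLOAD,
         "EnableFirewall": True,
         "EnableStealthMode": True},
    ],
})


def audit_firewall_profile(profile_bytes):
    """Return (state, findings) for the firewall payloads in a profile.

    state is None when the profile carries no firewall payload at all.
    """
    profile = plistlib.loads(profile_bytes)
    payloads = [p for p in profile.get("PayloadContent", [])
                if isinstance(p, dict) and p.get("PayloadType") == FIREWALL_PAYLOAD]
    if not payloads:
        return None, ["no firewall payload: firewall and Stealth mode stay at the macOS default (off)"]
    findings = []
    state = {"firewall": False, "stealth": False}
    for p in payloads:
        # A missing key means "Not configured"; it is treated as False here.
        fw = p.get("EnableFirewall", False) is True
        stealth = p.get("EnableStealthMode", False) is True
        state["firewall"] |= fw
        state["stealth"] |= stealth
        if stealth and not fw:
            findings.append("EnableStealthMode is true but EnableFirewall is not; "
                            "Stealth mode requires the firewall")
    if not state["stealth"]:
        findings.append("Stealth mode not enabled: the Mac will still answer Ping/ICMP")
    return state, findings


if __name__ == "__main__":
    print(audit_firewall_profile(SAMPLE_PROFILE))
```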
Verifying Stealth Mode Setting on Mac Devices
Sign in to one of the target Mac devices and follow the steps below:
- Select the Apple icon from the menu bar.
- Select System Settings.
- Click Network in the sidebar.
- Click Firewall > Options.
- You will find the status of the Enable Stealth mode setting here.
You will find that the Enable Stealth mode setting is greyed out and cannot be changed manually, as it's managed by Intune.
- Status of Enable Stealth mode setting.