Enable/Disable Stealth Mode on macOS using Intune

Stealth mode is a security feature on macOS that protects your system from potential attackers. By default, your Mac is visible on the same network and responds to Ping/ICMP requests. Enabling Stealth mode, which can be found in the macOS firewall settings, prevents your Mac from responding to Ping/ICMP requests or connection attempts from closed TCP/UDP ports.

By default, the macOS Firewall is disabled, which also means Stealth mode is turned off. You can first enable the firewall on your Mac and then activate Stealth mode. In my previous blog post, I discussed various methods to enable the Mac Firewall using Intune, including how to access the Stealth mode option. However, in this post, we’ll focus specifically on Stealth mode and walk through the steps to enable or disable it.

2 Ways to Manage Stealth mode using Intune

  1. Using Endpoint Security Firewall Policy
  2. Device Configuration Profile > Settings Catalog Policy

1. Using Endpoint Security Firewall Policy

  • Sign into the Intune admin center > Endpoint Security > Firewall > Create Policy. Then select Platform as MacOS and Profile as macOS firewall.
Select Platform as MacOS and Profile as macOS firewall
Select Platform as MacOS and Profile as macOS firewall
  • In the Configuration settings, you will find the option to Enable Stealth mode. Alternatively, you can leave it in the Not configured state.
Configure Stealth mode setting
Configure Stealth mode setting

2. Settings Catalog Policy

Sign in to the Intune admin center > Devices > macOS > Configuration > Create > New Policy. Select Platform as macOS and Profile type as Settings catalog.

Create a Settings catalog device configuration profile for Stealth mode on Mac
Create a Settings catalog device configuration profile for Stealth mode on Mac

Proceed through the Basics tab. On the Configuration settings tab, click Add settings, then use the Settings picker to search for the keyword firewall. This will display the categories where you can find firewall-related settings for macOS.

Select Networking > Firewall, then choose the Enable Stealth Mode setting. When you enable Stealth Mode, you’ll notice that the Enable Firewall setting is automatically selected. This is because Stealth Mode requires the firewall to be enabled on your Mac.

Select Enable Stealth Mode setting using Settings picker
Select Enable Stealth Mode setting using Settings picker
  • Enable Firewall – Enable Firewall on Mac.
  • Enable Stealth Mode – Use the toggle switch to set Stealth Mode to True in order to enable it. If you don’t want to enable Stealth Mode and just want to enable firewall, you can leave it set to False.
Enable/Disable Stealth Mode
Enable/Disable Stealth Mode

Verifying Stealth Mode Setting on Mac Devices

Sign in to one of the target Mac devices and follow the steps below:

  • Select the Apple Icon from menu bar.
  • Select System Settings.
  • Click Network in the sidebar
  • Click Firewall > Options
  • You will find Enable Stealth mode setting status here.

You will find that Enable Stealth mode setting is greyed out and cannot be changed manually as its managed by Intune.

Verifying Stealth Mode Setting on Mac Devices
  • Status of Enable Stealth mode setting.
Verifying Stealth Mode Setting on Mac Devices

Leave a Comment