Discover How to Set Up Stealth Mode on macOS Using Intune.
This tutorial shows various techniques for activating stealth mode on macOS with Intune. Activating stealth mode stops the Mac from acknowledging probing requests. The computer continues to respond to authorized app requests. The stealth mode feature plays a crucial role in the security of Mac devices.
Turning off this function could expose the computer to potential attacks, even when it is connected to secure corporate networks and protected by firewalls. It is therefore highly advisable to keep stealth mode enabled and deactivate it only when necessary.
You can enable stealth mode on Mac devices by configuring the macOS firewall settings in Intune. Ensure that the Mac devices are enrolled in Intune before setting up stealth mode.
What Does Stealth Mode Mean?
Stealth mode, an advanced feature in macOS, can enhance your Mac's digital invisibility. By default, individuals connected to the same network can readily identify your Mac's existence on their devices. This increases your susceptibility to specific attacks and malware.
You can make things harder for malicious individuals by activating stealth mode, which causes your Mac to ignore ping requests and connection attempts from closed TCP or UDP networks. Essentially, it will seem hidden from potentially malicious users. The methods for activating or deactivating stealth mode for macOS in Intune are listed below.
- Using an endpoint security policy
- Using a device configuration profile
- Configuring the stealth mode policy in the settings catalog
We will cover all of these methods; which one you choose is up to you. Whichever approach you take, the objective is the same: to activate macOS stealth mode.
Stealth mode can only be enabled on Mac devices via Intune if the firewall is also enabled. If you have already set up the firewall using any of these methods, you can enable stealth mode by editing that policy's configuration settings. Managing a single policy that includes stealth mode should be simpler than creating a separate policy for it.
1. Endpoint Security Policy
In this approach, a firewall policy is created under endpoint security and macOS stealth mode is activated in it. Sign in to the Microsoft Intune admin center. Navigate to Endpoint Security, click on Firewall, and choose the option to create a new policy. Select macOS as the platform and macOS firewall as the profile, then click Create.
Enter a name and a description for the policy. On the Configuration Settings page, ensure that the firewall is turned on. Then switch Enable Stealth Mode to Yes and click Next. Assign this policy to your groups of Mac devices and complete the remaining steps. Once the Mac devices synchronize with Intune, stealth mode is activated.
2. Settings Catalog Policy
This technique uses an Intune settings catalog policy to activate stealth mode on macOS. Again, the firewall must be enabled before stealth mode can be enabled. Navigate to Configuration in the Devices > macOS devices section of the Intune admin center. Choose Create > New Policy under the Policies section. Choose Settings Catalog as the profile type and then click Create.
In the Configuration Settings section, click Add Settings. In the Settings picker window, type "Stealth Mode" in the search box and press Search. In the search results, navigate to the Networking category, choose Firewall, select the "Enable Stealth Mode" option, and then close the Settings picker.
Configure the settings as follows:
- Enable Firewall: Yes
- Enable Stealth Mode: Yes
Click Next and assign this policy to your groups of Mac devices. Once the Mac devices sync with Intune again, the policies are enforced and stealth mode is activated.
3. Endpoint Protection Configuration Settings
The security of macOS devices is managed by the endpoint protection settings, which include FileVault 2 encryption, Gatekeeper, and the firewall. By setting up a new device configuration profile and applying it to macOS devices, you can activate both the firewall and stealth mode. Navigate to Devices > macOS > Configuration within the Intune admin center.
Select Create on the Policies tab. On the Create a Profile page, choose the following options and then click Create:
- Platform: macOS
- Profile type: Templates
- Template name: Endpoint protection
On the Configuration Settings page, configure the following settings:
- Enable Firewall: Yes
- Enable Stealth Mode: Yes
Next, assign the configuration profile to your macOS devices. On the Review + Create page, select Create once you have finished. Both the firewall and stealth mode are activated when this configuration profile is applied to the targeted Mac devices.
Verify the Stealth Mode Configuration on Mac Devices
Following the activation of stealth mode on macOS devices through Intune, we will proceed to confirm that our Mac devices have effectively received the settings. The sole method to achieve this is by logging into a Mac device and examining the firewall setup. This is how you can verify if the Intune policy has activated stealth mode on your Mac device:
Click on the Apple icon in the top-left corner and choose System Preferences.
Open Network and choose Firewall > Options.
You can determine if the stealth mode is turned on or off here.
The Enable Stealth Mode setting appears as enabled, as set by the Intune policy, and the control itself is disabled (greyed out) for Mac users, indicating that it is now controlled by Intune.
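The same firewall check can be made from Terminal on the Mac. The script below is an added example, not part of the original tutorial; it reads the state with macOS's socketfilterfw tool, and the output wordings it matches are assumptions to confirm on your macOS version.

```shell
#!/bin/sh
# Added example: local check that the firewall and stealth mode are both on.
FW=/usr/libexec/ApplicationFirewall/socketfilterfw

# Map one line of socketfilterfw output to on / off / unknown.
# Assumed wordings: "... enabled" / "... disabled" and "... is on" / "... is off".
fw_flag() {
    case "$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" in
        *disabled*|*"is off"*) echo off ;;
        *enabled*|*"is on"*)   echo on ;;
        *)                     echo unknown ;;
    esac
}

# Verdict for a pair of outputs: firewall state first, stealth mode second.
# Stealth mode only counts when the firewall itself is on.
stealth_verdict() {
    fw=$(fw_flag "$1")
    st=$(fw_flag "$2")
    if [ "$fw" = unknown ] || [ "$st" = unknown ]; then
        echo "UNKNOWN: unrecognized output"
        return 2
    elif [ "$fw" != on ]; then
        echo "NONCOMPLIANT: firewall is off"
        return 1
    elif [ "$st" != on ]; then
        echo "NONCOMPLIANT: stealth mode is off"
        return 1
    fi
    echo "COMPLIANT: firewall and stealth mode are on"
}

# Run the live check only where the tool exists (that is, on a Mac).
if [ -x "$FW" ]; then
    stealth_verdict "$("$FW" --getglobalstate)" "$("$FW" --getstealthmode)"
fi
```

The script's exit status is 0 only when both settings are on, so it can be used as a pass/fail check.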
Conclusion
That is all! Stealth mode has been activated, making your Mac undetectable to other devices in the network. Keep in mind that enabling this mode is unnecessary if you are using a private network solely with trusted individuals.
Enabling stealth mode on a private network can make it harder to connect to wireless printers and other devices. If outside users are unable to ping your Mac, your other devices may not be able to either. So turn it on only when you don't feel safe.