Microsoft Intune will update its network endpoints to use Azure Front Door IP addresses starting December 2, 2025, enhancing security and simplifying firewall management. IT admins must update firewall rules to avoid service disruptions in device and app management workflows.
Prepare Now for Microsoft Intune Network Changes in 2025
Attention tech professionals: Microsoft Intune is updating its network endpoints starting December 2, 2025. This change introduces Azure Front Door IP addresses to enhance security and streamline firewall management. If your organization controls outbound traffic using IP allowlists or Azure service tags, updating your firewall rules is critical. Without these updates, users could face login failures and connectivity issues with Intune-managed devices and apps. This update is part of Microsoft’s Secure Future Initiative, aiming to align Intune with modern security best practices. Integrating Azure Front Door IPs simplifies firewall configurations, especially for organizations using multiple Microsoft services. However, it requires proactive firewall rule adjustments to prevent service disruptions.“This improvement supports better alignment with modern security practices and simplifies firewall management,” explained the Microsoft Intune Support Team.
How to Update Your Firewall Rules Efficiently
First, download the latest Azure IP ranges and service tags JSON files from Microsoft’s official sources. Search for the tag “AzureFrontDoor.MicrosoftSecurity” to identify new IP ranges. Then, update your firewall allowlists to include these IP addresses. Alternatively, add the service tag itself to your firewall rules to automatically cover all relevant IPs. Remember to apply these changes across all network security devices—firewalls, routers, proxy servers, VPNs, and network security groups. Outbound traffic on port 443 must be allowed for these new ranges to maintain uninterrupted Intune services. If you’re not the admin responsible, notify your networking team immediately.Benefits and Practical Implications for Your Organization
Updating your firewall rules now ensures seamless device management and app protection via Intune. It prevents login issues, connectivity loss, and app disruptions. Moreover, adopting Azure Front Door IPs improves overall network security posture by leveraging Microsoft’s global edge network. In the long term, this change reduces firewall complexity. It creates a unified approach to managing multiple Microsoft cloud services. This translates into fewer manual updates and less operational overhead for IT teams.“Updating firewall configurations ahead of time will prevent service disruptions and improve security across Microsoft services,” Microsoft advises.In conclusion, the upcoming Intune network changes require your attention today. Review your firewall policies, incorporate Azure Front Door IPs, and communicate with your team. Doing so guarantees uninterrupted device management and strengthens your organization’s security framework. Stay ahead of the curve by preparing now.
Key points from the article:
From the Intune Customer Success articles
