From 3c5c2c229609a86c6873ef99561178c034a60ed0 Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Fri, 12 Jan 2024 15:08:01 -0500
Subject: [PATCH] Refactored dynamic keyword address creation and firewall rule creation to use a loop
---
 .../windows-firewall/dynamic-keywords.md | 87 +++++-------------
 1 file changed, 23 insertions(+), 64 deletions(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/dynamic-keywords.md b/windows/security/operating-system-security/network-security/windows-firewall/dynamic-keywords.md
index b96be11627..846f2d706f 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/dynamic-keywords.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/dynamic-keywords.md
@@ -192,70 +192,29 @@ This is a sample list of application FQDN evaluation. These were observed when i > This is not a complete list nor a recommendation. It's an example of how an application should be evaluated to ensure proper connectivity and function. ```PowerShell -$id = '{' + (new-guid).ToString() + '}' -$fqdn = 'ctldl.windowsupdate.com' -New-NetFirewallDynamicKeywordAddress -id $id -Keyword $fqdn -AutoResolve $true -New-NetFirewallRule -DisplayName "allow $fqdn" -Action Allow -Direction Outbound -RemoteDynamicKeywordAddresses $id - -$id = '{' + (new-guid).ToString() + '}' -$fqdn = 'config.edge.skype.com' -New-NetFirewallDynamicKeywordAddress -id $id -Keyword $fqdn -AutoResolve $true -New-NetFirewallRule -DisplayName "allow $fqdn" -Action Allow -Direction Outbound -RemoteDynamicKeywordAddresses $id - -$id = '{' + (new-guid).ToString() + '}' -$fqdn = 'ntp.msn.com' -New-NetFirewallDynamicKeywordAddress -id $id -Keyword $fqdn -AutoResolve $true -New-NetFirewallRule -DisplayName "allow $fqdn" -Action Allow -Direction Outbound -RemoteDynamicKeywordAddresses $id - -$id = '{' + (new-guid).ToString() + '}' -$fqdn = 'edge.microsoft.com' -New-NetFirewallDynamicKeywordAddress -id $id -Keyword $fqdn -AutoResolve $true -New-NetFirewallRule -DisplayName "allow $fqdn" -Action Allow -Direction Outbound -RemoteDynamicKeywordAddresses $id - -$id = '{' + (new-guid).ToString() + '}' -$fqdn = '*.events.data.microsoft.com' -New-NetFirewallDynamicKeywordAddress -id $id -Keyword $fqdn -AutoResolve $true -New-NetFirewallRule -DisplayName "allow $fqdn" -Action Allow -Direction Outbound -RemoteDynamicKeywordAddresses $id - -$id = '{' + (new-guid).ToString() + '}' -$fqdn = 'login.live.com' -New-NetFirewallDynamicKeywordAddress -id $id -Keyword $fqdn -AutoResolve $true -New-NetFirewallRule -DisplayName "allow $fqdn" -Action Allow -Direction Outbound -RemoteDynamicKeywordAddresses $id - -$id = '{' + (new-guid).ToString() + '}' -$fqdn = '*.smartscreen.microsoft.com' 
-New-NetFirewallDynamicKeywordAddress -id $id -Keyword $fqdn -AutoResolve $true -New-NetFirewallRule -DisplayName "allow $fqdn" -Action Allow -Direction Outbound -RemoteDynamicKeywordAddresses $id - -$id = '{' + (new-guid).ToString() + '}' -$fqdn = '*.msftconnecttest.com' -New-NetFirewallDynamicKeywordAddress -id $id -Keyword $fqdn -AutoResolve $true -New-NetFirewallRule -DisplayName "allow $fqdn" -Action Allow -Direction Outbound -RemoteDynamicKeywordAddresses $id - -$id = '{' + (new-guid).ToString() + '}' -$fqdn = 'assets.msn.com' -New-NetFirewallDynamicKeywordAddress -id $id -Keyword $fqdn -AutoResolve $true -New-NetFirewallRule -DisplayName "allow $fqdn" -Action Allow -Direction Outbound -RemoteDynamicKeywordAddresses $id - -$id = '{' + (new-guid).ToString() + '}' -$fqdn = 'client.wns.windows.com' -New-NetFirewallDynamicKeywordAddress -id $id -Keyword $fqdn -AutoResolve $true -New-NetFirewallRule -DisplayName "allow $fqdn" -Action Allow -Direction Outbound -RemoteDynamicKeywordAddresses $id - -$id = '{' + (new-guid).ToString() + '}' -$fqdn = 'dns.msftncsi.com' -New-NetFirewallDynamicKeywordAddress -id $id -Keyword $fqdn -AutoResolve $true -New-NetFirewallRule -DisplayName "allow $fqdn" -Action Allow -Direction Outbound -RemoteDynamicKeywordAddresses $id - -$id = '{' + (new-guid).ToString() + '}' -$fqdn = '*.microsoft.com' -New-NetFirewallDynamicKeywordAddress -id $id -Keyword $fqdn -AutoResolve $true -New-NetFirewallRule -DisplayName "allow $fqdn" -Action Allow -Direction Outbound -RemoteDynamicKeywordAddresses $id - -$id = '{' + (new-guid).ToString() + '}' -$fqdn = 'http://www.microsoft.com/' -New-NetFirewallDynamicKeywordAddress -id $id -Keyword $fqdn -AutoResolve $true -New-NetFirewallRule -DisplayName "allow $fqdn" -Action Allow -Direction Outbound -RemoteDynamicKeywordAddresses $id + + + ``` To learn more about Microsoft Edge requirements for Internet connectivity, see [Allow list for Microsoft Edge 
endpoints](/deployedge/microsoft-edge-security-endpoints). + +```PowerShell +$domains = @( + '*.microsoft.com', + '*.msftconnecttest.com', + 'assets.msn.com', + 'client.wns.windows.com', + 'config.edge.skype.com', + 'ctldl.windowsupdate.com', + 'dns.msftncsi.com', + 'login.live.com', + 'ntp.msn.com' +) + +foreach ($fqdn in $domains) { + $id = '{' + (New-Guid).ToString() + '}' + New-NetFirewallDynamicKeywordAddress -Id $id -Keyword $fqdn -AutoResolve $true + New-NetFirewallRule -DisplayName "allow $fqdn" -Action Allow -Direction Outbound -RemoteDynamicKeywordAddresses $id +} +```
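Review bot: The hunk leaves an empty code block behind: the opening PowerShell fence line and its closing fence are unchanged context, and everything between them is replaced by three blank `+` lines, so the rendered page shows an empty PowerShell box before the "To learn more about Microsoft Edge…" sentence and the new `$domains` sample only appears after it. Either drop the three blank lines together with the now-empty pair of fences, or move the new fenced block up into that slot so the sample keeps its original position. The new list also has 9 entries where the removed code had 13 — `edge.microsoft.com`, `*.events.data.microsoft.com`, `*.smartscreen.microsoft.com` and `http://www.microsoft.com/` are gone — which the subject line ("use a loop") does not mention; if `*.microsoft.com` is intended to subsume the first three and the last was dropped because it is a URL rather than an FQDN, a comment on the list such as `# '*.microsoft.com' is intended to also cover edge.microsoft.com, *.events.data.microsoft.com and *.smartscreen.microsoft.com` would make that deliberate. Finally, nothing in the loop stops `New-NetFirewallRule` from running when `New-NetFirewallDynamicKeywordAddress` fails for an entry (presumably only a non-terminating error under the default error action), leaving a rule that references an id for which no keyword address exists; passing `-ErrorAction Stop` to the first cmdlet would abort on the failing entry instead.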