I have been asked to implement Jamf to manage the local Firewall - security would like the Firewall to be enabled, the user restricted from making changes, and all incoming connections blocked ASIDE from built-in Apple or signed software. I can do this locally by just making sure the right buttons are selected, but when managing this through Jamf there is no way to allow built-in Apple software. These services would include AirDrop, AirPlay and Handoff from iOS devices to macOS. Jamf has two options: block ALL incoming connections (which prevents AirPlay etc.) and "Control incoming connections for specific apps". The second option allows the user to select whether to allow or deny an incoming connection - and the message doesn't convey that the connection they are allowing is actually related to AirPlay, so I foresee a lot of tickets as a result.
I've done googling for this and it looks like this used to be able to be fixed with scripting, but that isn't an option since Monterey dropped. How are y'all managing your Firewall settings with Monterey & Ventura?