From 015716bf98b95387a7028f99d8d6df2f8f26200c Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Sat, 11 Aug 2018 19:07:03 -0700 Subject: [PATCH] finished chnaged to asr links in atp toc --- ... => configure-attack-surface-reduction.md} | 0 .../install-wd-app-guard.md | 35 +++++++++- .../windows-defender-atp/TOC.md | 67 +++++++++---------- 3 files changed, 66 insertions(+), 36 deletions(-) rename windows/security/threat-protection/{configure1.md => configure-attack-surface-reduction.md} (100%) diff --git a/windows/security/threat-protection/configure1.md b/windows/security/threat-protection/configure-attack-surface-reduction.md similarity index 100% rename from windows/security/threat-protection/configure1.md rename to windows/security/threat-protection/configure-attack-surface-reduction.md diff --git a/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md index 037fb26536..2cc2baea7c 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md @@ -1,5 +1,5 @@ --- -title: Prepare and install Windows Defender Application Guard (Windows 10) +title: Enable hardware-based isolation for Microsoft Edge (Windows 10) description: Learn about the Windows Defender Application Guard modes (Standalone or Enterprise-managed) and how to install Application Guard in your enterprise. ms.prod: w10 ms.mktglfcycl: manage @@ -10,7 +10,38 @@ ms.author: justinha ms.date: 10/19/2017 --- -## Prepare to install Windows Defender Application Guard +# Enable hardware-based isolation for Microsoft Edge + +**Applies to:** +- Windows Defender Advanced Threat Protection (Windows Defender ATP) + +## Review system requirements + +>[!NOTE] +>Windows Defender Application Guard is not supported on VMs and VDI environment. For testing and automation on non-production machines, you may enable WDAG on a VM by enabling Hyper-V nested virtualization on the host. + +### Hardware requirements +Your environment needs the following hardware to run Windows Defender Application Guard. + +|Hardware|Description| +|--------|-----------| +|64-bit CPU|A 64-bit computer with minimum 4 cores is required for hypervisor and virtualization-based security (VBS). For more info about Hyper-V, see [Hyper-V on Windows Server 2016](https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/hyper-v-on-windows-server) or [Introduction to Hyper-V on Windows 10](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/about/). For more info about hypervisor, see [Hypervisor Specifications](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs).| +|CPU virtualization extensions|Extended page tables, also called _Second Level Address Translation (SLAT)_

**-AND-**

One of the following virtualization extensions for VBS:

VT-x (Intel)

**-OR-**

AMD-V| +|Hardware memory|Microsoft requires a minimum of 8GB RAM| +|Hard disk|5 GB free space, solid state disk (SSD) recommended| +|Input/Output Memory Management Unit (IOMMU) support|Not required, but strongly recommended| + +### Software requirements +Your environment needs the following software to run Windows Defender Application Guard. + +|Software|Description| +|--------|-----------| +|Operating system|Windows 10 Enterprise edition, version 1709 or higher
Windows 10 Professional edition, version 1803| +|Browser|Microsoft Edge and Internet Explorer| +|Management system
(only for managed devices)|[Microsoft Intune](https://docs.microsoft.com/en-us/intune/)

**-OR-**

[System Center Configuration Manager](https://docs.microsoft.com/en-us/sccm/)

**-OR-**

[Group Policy](https://technet.microsoft.com/en-us/library/cc753298(v=ws.11).aspx)

**-OR-**

Your current company-wide 3rd party mobile device management (MDM) solution. For info about 3rd party MDM solutions, see the documentation that came with your product.| + + +## Prepare for Windows Defender Application Guard Before you can install and use Windows Defender Application Guard, you must determine which way you intend to use it in your enterprise. You can use Application Guard in either **Standalone** or **Enterprise-managed** mode. **Standalone mode** diff --git a/windows/security/threat-protection/windows-defender-atp/TOC.md b/windows/security/threat-protection/windows-defender-atp/TOC.md index 66f8264b83..71c65edcd0 100644 --- a/windows/security/threat-protection/windows-defender-atp/TOC.md +++ b/windows/security/threat-protection/windows-defender-atp/TOC.md @@ -16,29 +16,15 @@ #### [Access the Windows Defender Security Center Community Center](community-windows-defender-advanced-threat-protection.md) -### [Attack surface reduction](../windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md) -#### [Hardware based isolation](../windows-defender-application-guard/wd-app-guard-overview.md) +### [Attack surface reduction](overview-attack-surface-reduction.md) +#### [Hardware-based isolation](../windows-defender-application-guard/wd-app-guard-overview.md) #### [Application control](../windows-defender-application-control/windows-defender-application-control.md) #### [Exploit protection](../windows-defender-exploit-guard/exploit-protection-exploit-guard.md) - - -##### [Enable Exploit protection](../windows-defender-exploit-guard/enable-exploit-protection.md) -##### [Customize Exploit protection](../windows-defender-exploit-guard/customize-exploit-protection.md) -###### [Import, export, and deploy Exploit protection configurations](../windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md) - -#### [Network Protection](../windows-defender-exploit-guard/network-protection-exploit-guard.md) - -##### [Enable Network Protection](../windows-defender-exploit-guard/enable-network-protection.md) -##### [Troubleshoot Network protection](../windows-defender-exploit-guard/troubleshoot-np.md) +#### [Network protection](../windows-defender-exploit-guard/network-protection-exploit-guard.md) #### [Controlled folder access](../windows-defender-exploit-guard/controlled-folders-exploit-guard.md) +#### [Attack surface reduction](../windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md) +#### [Network firewall](../windows-firewall/windows-firewall-with-advanced-security.md) -##### [Enable Controlled folder access](../windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md) -##### [Customize Controlled folder access](../windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md) - -##### [Enable Attack surface reduction](../windows-defender-exploit-guard/enable-attack-surface-reduction.md) -##### [Customize Attack surface reduction](../windows-defender-exploit-guard/customize-attack-surface-reduction.md) -##### [Troubleshoot Attack surface reduction rules](../windows-defender-exploit-guard/troubleshoot-asr.md) - ### [Next gen protection - Andrea, Chris, Amitai](../windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md) @@ -192,15 +178,14 @@ ### [Evaluate Windows Defender ATP](../evaluate.md) -#### [Evaluate Attack surface reduction - ASR controls](../windows-defender-exploit-guard/evaluate-attack-surface-reduction.md) -#### [Evaluate Exploit protection](../windows-defender-exploit-guard/evaluate-exploit-protection.md) -#### [Evaluate Network Protection](../windows-defender-exploit-guard/evaluate-network-protection.md) -#### [Evaluate Controlled folder access](../windows-defender-exploit-guard/evaluate-controlled-folder-access.md) +#### [Hardware-based isolation](../windows-defender-application-guard/test-scenarios-wd-app-guard.md) +#### [Application control](../windows-defender-application-control/audit-windows-defender-application-control-policies.md) +#### [Exploit protection](../windows-defender-exploit-guard/evaluate-exploit-protection.md) +#### [Network Protection](../windows-defender-exploit-guard/evaluate-network-protection.md) +#### [Controlled folder access](../windows-defender-exploit-guard/evaluate-controlled-folder-access.md) +#### [Attack surface reduction controls](../windows-defender-exploit-guard/evaluate-attack-surface-reduction.md) #### [Evaluate Windows Defender Antivirus protection](../windows-defender-antivirus/evaluate-windows-defender-antivirus.md) -#### [Evaluate Windows Defender Exploit Guard-rewrite](../windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md) -#### [Use auditing mode to evaluate Windows Defender Exploit Guard](../windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md) -#### [Testing scenarios using Windows Defender Application Guard in your business or organization](../windows-defender-application-guard/test-scenarios-wd-app-guard.md) - + ## [Onboard and configure machines to Windows Defender ATP](../onboard.md) ### [Onboard machines - need to revise this page](onboard-configure-windows-defender-advanced-threat-protection.md) @@ -221,11 +206,20 @@ ##### [Troubleshoot subscription and portal access issues](troubleshoot-onboarding-error-messages-windows-defender-advanced-threat-protection.md) -###[Configure Attack surface reduction](../configure1.md) -#### [System requirements for Windows Defender Application Guard](../windows-defender-application-guard/reqs-wd-app-guard.md) -#### [Prepare and install Windows Defender Application Guard](../windows-defender-application-guard/install-wd-app-guard.md) -#### [Configure the Group Policy settings for Windows Defender Application Guard](../windows-defender-application-guard/configure-wd-app-guard.md) - +###[Configure attack surface reduction](../configure-attack-surface-reduction.md) +#### [Hardware-based isolation](../windows-defender-application-guard/install-wd-app-guard.md) +##### [Group Policy settings](../windows-defender-application-guard/configure-wd-app-guard.md) +#### [Exploit protection](../windows-defender-exploit-guard/enable-exploit-protection.md) +##### [Customize exploit protection](../windows-defender-exploit-guard/customize-exploit-protection.md) +##### [Import/export configurations](../windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md) +#### [Network protection](../windows-defender-exploit-guard/enable-network-protection.md) +#### [Controlled folder access](../windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md) +##### [Customize controlled folder access](../windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md) +#### [Attack surface reduction](../windows-defender-exploit-guard/enable-attack-surface-reduction.md) +##### [Customize attack surface reduction](../windows-defender-exploit-guard/customize-attack-surface-reduction.md) +#### [Network firewall](../windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md) + + ### [Configure Next generation protection](../windows-defender-antivirus/configure-windows-defender-antivirus-features.md) @@ -307,10 +301,9 @@ ##Troubleshoot Windows Defender ATP -### [Review AV/NEXT GEN event logs and error codes to troubleshoot issues - Amitai, etc](../windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md) -## Troubleshoot sensor state +###Troubleshoot sensor state ### [Check sensor state](check-sensor-status-windows-defender-advanced-threat-protection.md) ### [Fix unhealthy sensors](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md) ### [Inactive machines](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md#inactive-machines) @@ -320,6 +313,12 @@ ### [Troubleshoot Windows Defender ATP service issues](troubleshoot-windows-defender-advanced-threat-protection.md) #### [Check service health](service-status-windows-defender-advanced-threat-protection.md) +###Troubleshoot attack surface reduction +#### [Network protection](../windows-defender-exploit-guard/troubleshoot-np.md) +#### [Attack surface reduction rules](../windows-defender-exploit-guard/troubleshoot-asr.md) + +###Troubleshoot next generation protection +#### [Review events and error codes](../windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md)