From 20a4c1d66002f08b5a4306a3449d6301becd93aa Mon Sep 17 00:00:00 2001 From: Zvi Avidor Date: Thu, 4 Oct 2018 12:09:47 +0300 Subject: [PATCH] Suggested fix for isolation --- ...-windows-defender-advanced-threat-protection-new.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection-new.md index 604f6fe959..aa65623516 100644 --- a/windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection-new.md @@ -21,6 +21,9 @@ ms.date: 12/08/2017 Isolates a machine from accessing external network. +>[!Note] +> This page focus on activating machine action via API. See [take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) for more information about response actions functionality via WDATP. + ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md) @@ -29,6 +32,13 @@ Permission type | Permission | Permission display name Application | Machine.Isolate | 'Isolate machine' Delegated (work or school account) | Machine.Isolate | 'Isolate machine' +>[!Note] +> When obtaining a token using user credentials: +>- The user need to have at least the following role permission: 'Active remediation actions' (See [Create and manage roles](user-roles-windows-defender-advanced-threat-protection.md) for more information) +>- The user have access to this machine, based on machine group settings (See [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md) for more information) + + + >[!IMPORTANT] >- Full isolation is available for machines on Windows 10, version 1703. >- Selective isolation is available for machines on Windows 10, version 1709 or later.