From 2323574fbea8a42ef215d2c9710c3e8c4e20a6a3 Mon Sep 17 00:00:00 2001 From: Oludele0315 <79658488+Oludele0315@users.noreply.github.com> Date: Wed, 17 Mar 2021 16:05:45 -0700 Subject: [PATCH] Update network-protection.md @denisebmsft --- .../network-protection.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md index 7ff00a13e3..85615d9896 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md @@ -88,6 +88,23 @@ This procedure creates a custom view that filters to only show the following eve | 1125 | Event when network protection fires in audit mode | | 1126 | Event when network protection fires in block mode | + +## Considerations for Windows virtual desktop running Windows 10 Enterprise Multi-Session +Due to the multi-user nature of this operating system, please observe the following: + +1. Network Protection is a machine-wide feature and cannot be targeted to specific user (sessions). +2. This applies to Web content filtering policies as well. +3. If differentiation between user groups is required, consider creating separate Windows Virtual Desktop host pools and assignments. +4. Test Network Protection in audit mode to test behavior before blocking. +5. Due to the multi-user nature, you may consider resizing your deployment accordingly. + +Alternative option: +For Windows 10 Enterprise Multi-Session 1909 and up, used in Windows Virtual Desktop on Azure, Network protection for Microsoft Edge can be enabled using the following method: + +1. Use Turn on network protection - Windows security | Microsoft Docs and follow the instructions to apply your policy +2. Execute the following PowerShell command: Set-MpPreference -AllowNetworkProtectionOnWinServer 1 + + ## Related articles - [Evaluate network protection](evaluate-network-protection.md) | Undertake a quick scenario that demonstrates how the feature works, and what events would typically be created.