From b3aebafb7941a177789ff9c6e5b9130043d7965c Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Tue, 10 Sep 2024 15:51:10 -0600 Subject: [PATCH 01/23] WDAC --> App Control for Business --- ...blishing.redirection.windows-security.json | 4595 ++++++++++------- .../appcontrol-appid-tagging-guide.md} | 0 ...perational-guide-appid-tagging-policies.md | 0 .../deploy-appid-tagging-policies.md | 6 +- .../design-create-appid-tagging-policies.md | 12 +- .../TOC.yml | 84 +- .../appcontrol-and-applocker-overview.md} | 2 +- .../appcontrol.md} | 10 +- ...ged-apps-to-existing-applocker-rule-set.md | 0 .../applocker/administer-applocker.md | 0 .../applocker-architecture-and-components.md | 0 .../applocker/applocker-functions.md | 0 .../applocker/applocker-overview.md | 0 .../applocker-policies-deployment-guide.md | 0 .../applocker-policies-design-guide.md | 2 +- .../applocker-policy-use-scenarios.md | 0 .../applocker-processes-and-interactions.md | 2 +- .../applocker-technical-reference.md | 0 ...gure-an-applocker-policy-for-audit-only.md | 0 ...e-an-applocker-policy-for-enforce-rules.md | 0 ...figure-exceptions-for-an-applocker-rule.md | 0 ...onfigure-the-appLocker-reference-device.md | 0 ...figure-the-application-identity-service.md | 0 .../create-a-rule-for-packaged-apps.md | 0 ...-a-rule-that-uses-a-file-hash-condition.md | 0 ...reate-a-rule-that-uses-a-path-condition.md | 0 ...-a-rule-that-uses-a-publisher-condition.md | 0 .../create-applocker-default-rules.md | 0 ...cations-deployed-to-each-business-group.md | 4 +- .../create-your-applocker-policies.md | 2 +- .../applocker/create-your-applocker-rules.md | 0 .../applocker/delete-an-applocker-rule.md | 0 ...cies-by-using-the-enforce-rules-setting.md | 4 +- ...oy-the-applocker-policy-into-production.md | 0 ...p-policy-structure-and-rule-enforcement.md | 2 +- ...igitally-signed-on-a-reference-computer.md | 0 ...-users-try-to-run-a-blocked-application.md | 0 .../applocker/dll-rules-in-applocker.md | 0 ...tructure-and-applocker-rule-enforcement.md | 2 +- .../document-your-application-list.md | 0 .../document-your-applocker-rules.md | 0 .../applocker/edit-an-applocker-policy.md | 0 .../applocker/edit-applocker-rules.md | 0 .../enable-the-dll-rule-collection.md | 0 .../applocker/enforce-applocker-rules.md | 0 .../executable-rules-in-applocker.md | 0 .../export-an-applocker-policy-from-a-gpo.md | 0 ...port-an-applocker-policy-to-an-xml-file.md | 0 .../applocker/how-applocker-works-techref.md | 0 .../images/applocker-plan-inheritance.gif | Bin .../applocker-plandeploy-quickreference.gif | Bin .../applocker/images/blockedappmsg.gif | Bin ...-applocker-policy-from-another-computer.md | 0 .../import-an-applocker-policy-into-a-gpo.md | 0 .../applocker/maintain-applocker-policies.md | 0 .../manage-packaged-apps-with-applocker.md | 0 ...r-policies-by-using-set-applockerpolicy.md | 0 .../merge-applocker-policies-manually.md | 0 ...onitor-application-usage-with-applocker.md | 0 .../optimize-applocker-performance.md | 0 ...ckaged-app-installer-rules-in-applocker.md | 0 .../plan-for-applocker-policy-management.md | 4 +- .../applocker/refresh-an-applocker-policy.md | 0 ...ements-for-deploying-applocker-policies.md | 0 .../requirements-to-use-applocker.md | 0 .../applocker/rule-collection-extensions.md | 0 ...the-automatically-generate-rules-wizard.md | 0 .../applocker/script-rules-in-applocker.md | 0 .../security-considerations-for-applocker.md | 0 .../select-types-of-rules-to-create.md | 0 ...er-policy-by-using-test-applockerpolicy.md | 0 .../test-and-update-an-applocker-policy.md | 0 .../applocker/tools-to-use-with-applocker.md | 0 ...stand-applocker-policy-design-decisions.md | 0 ...ent-setting-inheritance-in-group-policy.md | 0 ...the-applocker-policy-deployment-process.md | 0 ...plocker-allow-and-deny-actions-on-rules.md | 0 .../understanding-applocker-default-rules.md | 0 .../understanding-applocker-rule-behavior.md | 0 ...nderstanding-applocker-rule-collections.md | 0 ...standing-applocker-rule-condition-types.md | 0 ...understanding-applocker-rule-exceptions.md | 0 ...e-file-hash-rule-condition-in-applocker.md | 0 ...ng-the-path-rule-condition-in-applocker.md | 0 ...e-publisher-rule-condition-in-applocker.md | 0 ...-create-and-maintain-applocker-policies.md | 0 ...he-applocker-windows-powershell-cmdlets.md | 0 .../using-event-viewer-with-applocker.md | 0 .../applocker/what-is-applocker.md | 0 .../windows-installer-rules-in-applocker.md | 0 .../working-with-applocker-policies.md | 0 .../applocker/working-with-applocker-rules.md | 0 .../appcontrol-deployment-guide.md} | 12 +- .../deployment/audit-appcontrol-policies.md} | 8 +- ...reate-code-signing-cert-for-appcontrol.md} | 2 +- ...appcontrol-policies-using-group-policy.md} | 4 +- ...eploy-appcontrol-policies-using-intune.md} | 6 +- .../deploy-appcontrol-policies-with-memcm.md} | 22 +- ...deploy-appcontrol-policies-with-script.md} | 0 ...oy-catalog-files-to-support-appcontrol.md} | 4 +- .../disable-appcontrol-policies.md} | 2 +- .../enforce-appcontrol-policies.md} | 6 +- .../deployment/merge-appcontrol-policies.md} | 6 +- ...gning-for-better-control-and-protection.md | 4 +- ...o-protect-appcontrol-against-tampering.md} | 6 +- ...ject-registration-in-appcontrol-policy.md} | 0 .../design/appcontrol-and-dotnet.md} | 0 .../design/appcontrol-design-guide.md} | 10 +- .../appcontrol-wizard-create-base-policy.md} | 18 +- ...trol-wizard-create-supplemental-policy.md} | 20 +- .../appcontrol-wizard-editing-policy.md} | 8 +- .../appcontrol-wizard-merging-policies.md} | 4 +- .../appcontrol-wizard-parsing-event-logs.md} | 12 +- .../design/appcontrol-wizard.md} | 8 +- ...pplications-that-can-bypass-appcontrol.md} | 2 +- .../design/common-appcontrol-use-cases.md} | 2 +- ...-apps-deployed-with-a-managed-installer.md | 4 +- .../design/create-appcontrol-deny-policy.md} | 4 +- ...ntrol-policy-for-fully-managed-devices.md} | 12 +- ...rol-policy-for-lightly-managed-devices.md} | 12 +- ...ontrol-policy-using-reference-computer.md} | 4 +- .../deploy-multiple-appcontrol-policies.md} | 0 .../example-appcontrol-base-policies.md} | 2 +- .../manage-packaged-apps-with-appcontrol.md} | 4 +- ...icrosoft-recommended-driver-block-rules.md | 0 .../design/plan-appcontrol-management.md} | 4 +- .../design/script-enforcement.md | 0 .../design/select-types-of-rules-to-create.md | 2 +- ...and-appcontrol-policy-design-decisions.md} | 8 +- ...derstanding-appcontrol-policy-settings.md} | 0 ...-specific-plug-ins-add-ins-and-modules.md} | 0 ...ontrol-with-intelligent-security-graph.md} | 2 +- .../feature-availability.md | 2 +- .../images/appcontrol-edit-gp.png} | Bin .../appcontrol-intune-custom-oma-uri.png} | Bin ...zard-confirm-base-policy-modification.png} | Bin ...rol-wizard-custom-file-attribute-rule.png} | Bin ...control-wizard-custom-manual-pfn-rule.png} | Bin .../appcontrol-wizard-custom-pfn-rule.png} | Bin ...pcontrol-wizard-custom-publisher-rule.png} | Bin .../appcontrol-wizard-edit-policy-rules.png} | Bin ...pcontrol-wizard-edit-remove-file-rule.png} | Bin ...ntrol-wizard-event-log-files-expanded.png} | Bin .../appcontrol-wizard-event-log-files.png} | Bin ...zard-event-log-mde-ah-export-expanded.png} | Bin ...ontrol-wizard-event-log-mde-ah-export.png} | Bin ...ard-event-log-mde-ah-parsing-expanded.png} | Bin ...ntrol-wizard-event-log-mde-ah-parsing.png} | Bin ...trol-wizard-event-log-system-expanded.png} | Bin .../appcontrol-wizard-event-log-system.png} | Bin ...l-wizard-event-rule-creation-expanded.png} | Bin ...appcontrol-wizard-event-rule-creation.png} | Bin .../images/appcontrol-wizard-merge.png} | Bin ...rd-rule-options-UI-advanced-collapsed.png} | Bin .../appcontrol-wizard-rule-options-UI.png} | Bin ...ontrol-wizard-supplemental-expandable.png} | Bin ...pcontrol-wizard-supplemental-not-base.png} | Bin ...d-supplemental-policy-rule-options-UI.png} | Bin .../appcontrol-wizard-template-selection.png} | Bin .../images/appid-appcontrol-wizard-1.png} | Bin .../images/appid-appcontrol-wizard-2.png} | Bin .../images/appid-pid-task-mgr.png | Bin .../images/appid-pid-windbg-token.png | Bin .../images/appid-pid-windbg.png | Bin .../images/bit-toggling-keyboard-icon.png | Bin .../images/calculator-menu-icon.png | Bin .../images/calculator-with-hex-in-binary.png | Bin .../images/dg-fig12-verifysigning.png | Bin .../images/dg-fig13-createnewgpo.png | Bin .../images/dg-fig14-createnewfile.png | Bin .../images/dg-fig15-setnewfileprops.png | Bin .../images/dg-fig16-specifyinfo.png | Bin .../images/dg-fig17-specifyinfo.png | Bin .../images/dg-fig18-specifyux.png | Bin .../images/dg-fig19-customsettings.png | Bin .../images/dg-fig20-setsoftwareinv.png | Bin .../images/dg-fig21-pathproperties.png | Bin .../images/dg-fig23-exceptionstocode.png | Bin .../images/dg-fig24-creategpo.png | Bin .../images/dg-fig26-enablecode.png | Bin .../images/dg-fig27-managecerttemp.png | Bin .../images/dg-fig29-enableconstraints.png | Bin .../images/dg-fig30-selectnewcert.png | Bin .../images/dg-fig31-getmoreinfo.png | Bin .../images/event-3077.png | Bin .../images/event-3089.png | Bin .../images/event-3099-options.png | Bin .../images/hex-icon.png | Bin .../images/known-issue-appid-dll-rule-xml.png | Bin .../images/known-issue-appid-dll-rule.png | Bin .../memcm/memcm-confirm-appcontrol-rule.jpg} | Bin .../memcm-create-appcontrol-policy-2.jpg} | Bin .../memcm/memcm-create-appcontrol-policy.jpg} | Bin .../memcm/memcm-create-appcontrol-rule-2.jpg} | Bin .../memcm/memcm-create-appcontrol-rule-3.jpg} | Bin .../memcm/memcm-create-appcontrol-rule.jpg} | Bin .../memcm/memcm-deploy-appcontrol-2.jpg} | Bin .../memcm/memcm-deploy-appcontrol-3.jpg} | Bin .../memcm/memcm-deploy-appcontrol-4.jpg} | Bin .../images/memcm/memcm-deploy-appcontrol.jpg} | Bin .../images/policyflow.png | Bin .../index.yml | 50 +- ...pcontrol-debugging-and-troubleshooting.md} | 2 +- .../appcontrol-operational-guide.md} | 0 .../operations/citool-commands.md | 0 ...configure-appcontrol-managed-installer.md} | 0 .../operations/event-id-explanations.md | 2 +- .../operations/event-tag-explanations.md | 0 .../operations/inbox-appcontrol-policies.md} | 0 .../operations/known-issues.md | 2 +- ...events-centrally-using-advanced-hunting.md | 0 ...nd-windows-defender-application-control.md | 2 +- .../application-control/toc.yml | 7 +- .../windows-firewall/rules.md | 2 +- ...iew-of-threat-mitigations-in-windows-10.md | 2 +- 215 files changed, 2855 insertions(+), 2171 deletions(-) rename windows/security/application-security/application-control/{windows-defender-application-control/AppIdTagging/wdac-appid-tagging-guide.md => app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/AppIdTagging/deploy-appid-tagging-policies.md (87%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/AppIdTagging/design-create-appid-tagging-policies.md (92%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/TOC.yml (85%) rename windows/security/application-security/application-control/{windows-defender-application-control/wdac-and-applocker-overview.md => app-control-for-business/appcontrol-and-applocker-overview.md} (98%) rename windows/security/application-security/application-control/{windows-defender-application-control/wdac.md => app-control-for-business/appcontrol.md} (84%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/administer-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/applocker-architecture-and-components.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/applocker-functions.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/applocker-overview.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/applocker-policies-deployment-guide.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/applocker-policies-design-guide.md (91%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/applocker-policy-use-scenarios.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/applocker-processes-and-interactions.md (98%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/applocker-technical-reference.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/configure-an-applocker-policy-for-audit-only.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/configure-an-applocker-policy-for-enforce-rules.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/configure-exceptions-for-an-applocker-rule.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/configure-the-appLocker-reference-device.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/configure-the-application-identity-service.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/create-a-rule-for-packaged-apps.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/create-a-rule-that-uses-a-file-hash-condition.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/create-a-rule-that-uses-a-path-condition.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/create-a-rule-that-uses-a-publisher-condition.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/create-applocker-default-rules.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/create-list-of-applications-deployed-to-each-business-group.md (97%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/create-your-applocker-policies.md (97%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/create-your-applocker-rules.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/delete-an-applocker-rule.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md (92%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/deploy-the-applocker-policy-into-production.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/determine-group-policy-structure-and-rule-enforcement.md (88%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/dll-rules-in-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md (96%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/document-your-application-list.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/document-your-applocker-rules.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/edit-an-applocker-policy.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/edit-applocker-rules.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/enable-the-dll-rule-collection.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/enforce-applocker-rules.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/executable-rules-in-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/export-an-applocker-policy-from-a-gpo.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/export-an-applocker-policy-to-an-xml-file.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/how-applocker-works-techref.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/images/applocker-plan-inheritance.gif (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/images/applocker-plandeploy-quickreference.gif (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/images/blockedappmsg.gif (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/import-an-applocker-policy-from-another-computer.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/import-an-applocker-policy-into-a-gpo.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/maintain-applocker-policies.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/manage-packaged-apps-with-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/merge-applocker-policies-manually.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/monitor-application-usage-with-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/optimize-applocker-performance.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/plan-for-applocker-policy-management.md (99%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/refresh-an-applocker-policy.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/requirements-for-deploying-applocker-policies.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/requirements-to-use-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/rule-collection-extensions.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/run-the-automatically-generate-rules-wizard.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/script-rules-in-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/security-considerations-for-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/select-types-of-rules-to-create.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/test-and-update-an-applocker-policy.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/tools-to-use-with-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/understand-applocker-policy-design-decisions.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/understand-the-applocker-policy-deployment-process.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/understanding-applocker-default-rules.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/understanding-applocker-rule-behavior.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/understanding-applocker-rule-collections.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/understanding-applocker-rule-condition-types.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/understanding-applocker-rule-exceptions.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/understanding-the-file-hash-rule-condition-in-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/understanding-the-path-rule-condition-in-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/understanding-the-publisher-rule-condition-in-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/use-the-applocker-windows-powershell-cmdlets.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/using-event-viewer-with-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/what-is-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/windows-installer-rules-in-applocker.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/working-with-applocker-policies.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/applocker/working-with-applocker-rules.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/deployment/wdac-deployment-guide.md => app-control-for-business/deployment/appcontrol-deployment-guide.md} (87%) rename windows/security/application-security/application-control/{windows-defender-application-control/deployment/audit-wdac-policies.md => app-control-for-business/deployment/audit-appcontrol-policies.md} (91%) rename windows/security/application-security/application-control/{windows-defender-application-control/deployment/create-code-signing-cert-for-wdac.md => app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md} (99%) rename windows/security/application-security/application-control/{windows-defender-application-control/deployment/deploy-wdac-policies-using-group-policy.md => app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md} (98%) rename windows/security/application-security/application-control/{windows-defender-application-control/deployment/deploy-wdac-policies-using-intune.md => app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md} (96%) rename windows/security/application-security/application-control/{windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md => app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md} (88%) rename windows/security/application-security/application-control/{windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md => app-control-for-business/deployment/deploy-appcontrol-policies-with-script.md} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/deployment/deploy-catalog-files-to-support-wdac.md => app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md} (99%) rename windows/security/application-security/application-control/{windows-defender-application-control/deployment/disable-wdac-policies.md => app-control-for-business/deployment/disable-appcontrol-policies.md} (99%) rename windows/security/application-security/application-control/{windows-defender-application-control/deployment/enforce-wdac-policies.md => app-control-for-business/deployment/enforce-appcontrol-policies.md} (89%) rename windows/security/application-security/application-control/{windows-defender-application-control/deployment/merge-wdac-policies.md => app-control-for-business/deployment/merge-appcontrol-policies.md} (93%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/deployment/use-code-signing-for-better-control-and-protection.md (97%) rename windows/security/application-security/application-control/{windows-defender-application-control/deployment/use-signed-policies-to-protect-wdac-against-tampering.md => app-control-for-business/deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md} (95%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/allow-com-object-registration-in-wdac-policy.md => app-control-for-business/design/allow-com-object-registration-in-appcontrol-policy.md} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/wdac-and-dotnet.md => app-control-for-business/design/appcontrol-and-dotnet.md} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/wdac-design-guide.md => app-control-for-business/design/appcontrol-design-guide.md} (71%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/wdac-wizard-create-base-policy.md => app-control-for-business/design/appcontrol-wizard-create-base-policy.md} (93%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/wdac-wizard-create-supplemental-policy.md => app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md} (85%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/wdac-wizard-editing-policy.md => app-control-for-business/design/appcontrol-wizard-editing-policy.md} (92%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/wdac-wizard-merging-policies.md => app-control-for-business/design/appcontrol-wizard-merging-policies.md} (92%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md => app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md} (89%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/wdac-wizard.md => app-control-for-business/design/appcontrol-wizard.md} (73%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/applications-that-can-bypass-wdac.md => app-control-for-business/design/applications-that-can-bypass-appcontrol.md} (99%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/common-wdac-use-cases.md => app-control-for-business/design/common-appcontrol-use-cases.md} (98%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/design/configure-authorized-apps-deployed-with-a-managed-installer.md (99%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/create-wdac-deny-policy.md => app-control-for-business/design/create-appcontrol-deny-policy.md} (97%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/create-wdac-policy-for-fully-managed-devices.md => app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md} (88%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/create-wdac-policy-for-lightly-managed-devices.md => app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md} (92%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/create-wdac-policy-using-reference-computer.md => app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md} (96%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/deploy-multiple-wdac-policies.md => app-control-for-business/design/deploy-multiple-appcontrol-policies.md} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/example-wdac-base-policies.md => app-control-for-business/design/example-appcontrol-base-policies.md} (95%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/manage-packaged-apps-with-wdac.md => app-control-for-business/design/manage-packaged-apps-with-appcontrol.md} (97%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/design/microsoft-recommended-driver-block-rules.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/plan-wdac-management.md => app-control-for-business/design/plan-appcontrol-management.md} (93%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/design/script-enforcement.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/design/select-types-of-rules-to-create.md (99%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/understand-wdac-policy-design-decisions.md => app-control-for-business/design/understand-appcontrol-policy-design-decisions.md} (88%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/understanding-wdac-policy-settings.md => app-control-for-business/design/understanding-appcontrol-policy-settings.md} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules.md => app-control-for-business/design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/design/use-wdac-with-intelligent-security-graph.md => app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md} (98%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/feature-availability.md (85%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-edit-gp.png => app-control-for-business/images/appcontrol-edit-gp.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-intune-custom-oma-uri.png => app-control-for-business/images/appcontrol-intune-custom-oma-uri.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-confirm-base-policy-modification.png => app-control-for-business/images/appcontrol-wizard-confirm-base-policy-modification.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-custom-file-attribute-rule.png => app-control-for-business/images/appcontrol-wizard-custom-file-attribute-rule.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-custom-manual-pfn-rule.png => app-control-for-business/images/appcontrol-wizard-custom-manual-pfn-rule.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-custom-pfn-rule.png => app-control-for-business/images/appcontrol-wizard-custom-pfn-rule.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-custom-publisher-rule.png => app-control-for-business/images/appcontrol-wizard-custom-publisher-rule.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-edit-policy-rules.png => app-control-for-business/images/appcontrol-wizard-edit-policy-rules.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-edit-remove-file-rule.png => app-control-for-business/images/appcontrol-wizard-edit-remove-file-rule.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-event-log-files-expanded.png => app-control-for-business/images/appcontrol-wizard-event-log-files-expanded.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-event-log-files.png => app-control-for-business/images/appcontrol-wizard-event-log-files.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-export-expanded.png => app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-export-expanded.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-export.png => app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-export.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-parsing-expanded.png => app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-parsing-expanded.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-parsing.png => app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-parsing.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-event-log-system-expanded.png => app-control-for-business/images/appcontrol-wizard-event-log-system-expanded.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-event-log-system.png => app-control-for-business/images/appcontrol-wizard-event-log-system.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-event-rule-creation-expanded.png => app-control-for-business/images/appcontrol-wizard-event-rule-creation-expanded.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-event-rule-creation.png => app-control-for-business/images/appcontrol-wizard-event-rule-creation.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-merge.png => app-control-for-business/images/appcontrol-wizard-merge.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-rule-options-UI-advanced-collapsed.png => app-control-for-business/images/appcontrol-wizard-rule-options-UI-advanced-collapsed.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-rule-options-UI.png => app-control-for-business/images/appcontrol-wizard-rule-options-UI.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-supplemental-expandable.png => app-control-for-business/images/appcontrol-wizard-supplemental-expandable.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-supplemental-not-base.png => app-control-for-business/images/appcontrol-wizard-supplemental-not-base.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-supplemental-policy-rule-options-UI.png => app-control-for-business/images/appcontrol-wizard-supplemental-policy-rule-options-UI.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/wdac-wizard-template-selection.png => app-control-for-business/images/appcontrol-wizard-template-selection.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/appid-wdac-wizard-1.png => app-control-for-business/images/appid-appcontrol-wizard-1.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/appid-wdac-wizard-2.png => app-control-for-business/images/appid-appcontrol-wizard-2.png} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/appid-pid-task-mgr.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/appid-pid-windbg-token.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/appid-pid-windbg.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/bit-toggling-keyboard-icon.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/calculator-menu-icon.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/calculator-with-hex-in-binary.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig12-verifysigning.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig13-createnewgpo.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig14-createnewfile.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig15-setnewfileprops.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig16-specifyinfo.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig17-specifyinfo.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig18-specifyux.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig19-customsettings.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig20-setsoftwareinv.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig21-pathproperties.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig23-exceptionstocode.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig24-creategpo.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig26-enablecode.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig27-managecerttemp.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig29-enableconstraints.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig30-selectnewcert.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/dg-fig31-getmoreinfo.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/event-3077.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/event-3089.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/event-3099-options.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/hex-icon.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/known-issue-appid-dll-rule-xml.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/known-issue-appid-dll-rule.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/memcm/memcm-confirm-wdac-rule.jpg => app-control-for-business/images/memcm/memcm-confirm-appcontrol-rule.jpg} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/memcm/memcm-create-wdac-policy-2.jpg => app-control-for-business/images/memcm/memcm-create-appcontrol-policy-2.jpg} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/memcm/memcm-create-wdac-policy.jpg => app-control-for-business/images/memcm/memcm-create-appcontrol-policy.jpg} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/memcm/memcm-create-wdac-rule-2.jpg => app-control-for-business/images/memcm/memcm-create-appcontrol-rule-2.jpg} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/memcm/memcm-create-wdac-rule-3.jpg => app-control-for-business/images/memcm/memcm-create-appcontrol-rule-3.jpg} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/memcm/memcm-create-wdac-rule.jpg => app-control-for-business/images/memcm/memcm-create-appcontrol-rule.jpg} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/memcm/memcm-deploy-wdac-2.jpg => app-control-for-business/images/memcm/memcm-deploy-appcontrol-2.jpg} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/memcm/memcm-deploy-wdac-3.jpg => app-control-for-business/images/memcm/memcm-deploy-appcontrol-3.jpg} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/memcm/memcm-deploy-wdac-4.jpg => app-control-for-business/images/memcm/memcm-deploy-appcontrol-4.jpg} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/images/memcm/memcm-deploy-wdac.jpg => app-control-for-business/images/memcm/memcm-deploy-appcontrol.jpg} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/images/policyflow.png (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/index.yml (69%) rename windows/security/application-security/application-control/{windows-defender-application-control/operations/wdac-debugging-and-troubleshooting.md => app-control-for-business/operations/appcontrol-debugging-and-troubleshooting.md} (99%) rename windows/security/application-security/application-control/{windows-defender-application-control/operations/wdac-operational-guide.md => app-control-for-business/operations/appcontrol-operational-guide.md} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/operations/citool-commands.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/operations/configure-wdac-managed-installer.md => app-control-for-business/operations/configure-appcontrol-managed-installer.md} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/operations/event-id-explanations.md (99%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/operations/event-tag-explanations.md (100%) rename windows/security/application-security/application-control/{windows-defender-application-control/operations/inbox-wdac-policies.md => app-control-for-business/operations/inbox-appcontrol-policies.md} (100%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/operations/known-issues.md (99%) rename windows/security/application-security/application-control/{windows-defender-application-control => app-control-for-business}/operations/querying-application-control-events-centrally-using-advanced-hunting.md (100%) diff --git a/.openpublishing.redirection.windows-security.json b/.openpublishing.redirection.windows-security.json index fc3a796e95..bcbf7f307d 100644 --- a/.openpublishing.redirection.windows-security.json +++ b/.openpublishing.redirection.windows-security.json @@ -15,21 +15,6 @@ "redirect_url": "/windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md", - "redirect_url": "/windows/security/operating-system-security/device-management/override-mitigation-options-for-app-related-security-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md", - "redirect_url": "/windows/security/operating-system-security/device-management/block-untrusted-fonts-in-enterprise", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md", - "redirect_url": "/windows/security/operating-system-security/device-management/use-windows-event-forwarding-to-assist-in-intrusion-detection", - "redirect_document_id": false - }, { "source_path": "windows/security//threat-protection/mbsa-removal-and-guidance.md", "redirect_url": "/windows/security/operating-system-security/device-management/windows-security-configuration-framework/mbsa-removal-and-guidance", @@ -55,11 +40,6 @@ "redirect_url": "/windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-overview", "redirect_document_id": false }, - { - "source_path": "windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-browser-extension.md", - "redirect_url": "/windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-overview", - "redirect_document_id": false - }, { "source_path": "windows/security//threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md", "redirect_url": "/windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-overview", @@ -100,16 +80,741 @@ "redirect_url": "/windows/security/operating-system-security/device-management/windows-security-configuration-framework/windows-security-baselines", "redirect_document_id": false }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/wdac-appid-tagging-guide.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/administer-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-architecture-and-components.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-architecture-and-components", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-functions.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-functions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-deployment-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-design-guide.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policy-use-scenarios", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-processes-and-interactions.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-settings.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-technical-reference", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-audit-only", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-enforce-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/configure-exceptions-for-an-applocker-rule", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-application-identity-service.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-application-identity-service", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-appLocker-reference-device", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-for-packaged-apps", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-file-hash-condition", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-path-condition", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-publisher-condition", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-applocker-default-rules.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-applocker-default-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-list-of-applications-deployed-to-each-business-group", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-rules.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/delete-an-applocker-rule.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/delete-an-applocker-rule", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-the-applocker-policy-into-production", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/determine-group-policy-structure-and-rule-enforcement", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-your-application-control-objectives.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/dll-rules-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/dll-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/document-group-policy-structure-and-applocker-rule-enforcement", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-application-list.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-application-list", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-applocker-rules.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-applocker-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-an-applocker-policy.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/edit-an-applocker-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-applocker-rules.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/edit-applocker-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/enable-the-dll-rule-collection", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/enforce-applocker-rules.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/enforce-applocker-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/executable-rules-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/executable-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-from-a-gpo", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-to-an-xml-file", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/how-applocker-works-techref.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/how-applocker-works-techref", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-from-another-computer", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-into-a-gpo", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/maintain-applocker-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/maintain-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/manage-packaged-apps-with-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-manually.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/monitor-application-usage-with-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/optimize-applocker-performance.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/optimize-applocker-performance", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/plan-for-applocker-policy-management", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/refresh-an-applocker-policy.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/refresh-an-applocker-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-for-deploying-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-to-use-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-to-use-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/rule-collection-extensions.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/run-the-automatically-generate-rules-wizard", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/script-rules-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/script-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/security-considerations-for-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/security-considerations-for-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/test-an-applocker-policy-by-using-test-applockerpolicy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/test-and-update-an-applocker-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/tools-to-use-with-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/tools-to-use-with-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-rules#enforcement-modes", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-policy-design-decisions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understand-the-applocker-policy-deployment-process", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-allow-and-deny-actions-on-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-default-rules.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-default-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-behavior", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-collections", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-condition-types", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-exceptions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-file-hash-rule-condition-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-path-rule-condition-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-publisher-rule-condition-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/use-the-applocker-windows-powershell-cmdlets", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/using-event-viewer-with-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/windows-installer-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/audit-wdac-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/create-code-signing-cert-for-wdac.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-catalog-files-to-support-wdac.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-group-policy.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-intune.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/disable-wdac-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/enforce-wdac-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/LOB-win32-apps-on-s.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/deployment/s-mode/wdac-allow-lob-win32-apps", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/merge-wdac-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/merge-appcontrol-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/use-code-signing-for-better-control-and-protection", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/use-signed-policies-to-protect-wdac-against-tampering.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/use-signed-policies-to-protect-appcontrol-against-tampering", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/wdac-deployment-guide.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/allow-com-object-registration-in-wdac-policy.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/allow-com-object-registration-in-appcontrol-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/common-wdac-use-cases.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-deny-policy.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-deny-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-fully-managed-devices.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-lightly-managed-devices.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-using-reference-computer.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/deploy-multiple-wdac-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/example-wdac-base-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/manage-packaged-apps-with-wdac.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol", + "redirect_document_id": false + }, { "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-block-rules.md", "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac", "redirect_document_id": false }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/plan-wdac-management.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/script-enforcement.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/script-enforcement", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/select-types-of-rules-to-create.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/select-types-of-rules-to-create", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/understand-wdac-policy-design-decisions.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/understanding-wdac-policy-settings.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/understanding-appcontrol-policy-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-with-intelligent-security-graph.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-and-dotnet.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-design-guide.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-base-policy.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-supplemental-policy.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-editing-policy.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-merging-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/feature-availability.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/feature-availability", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/index.yml", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/index", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/citool-commands.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/citool-commands", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/configure-wdac-managed-installer.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/event-id-explanations.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/event-tag-explanations.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/inbox-wdac-policies.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/known-issues.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/known-issues", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/querying-application-control-events-centrally-using-advanced-hunting.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-debugging-and-troubleshooting", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-operational-guide.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/wdac.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/appcontrol", + "redirect_document_id": false + }, + { + "source_path": "windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-browser-extension.md", + "redirect_url": "/windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-overview", + "redirect_document_id": false + }, { "source_path": "windows/security/apps.md", "redirect_url": "/windows/security/application-security", "redirect_document_id": false }, + { + "source_path": "windows/security/cloud-security/index.md", + "redirect_url": "/windows/security/cloud-services", + "redirect_document_id": false + }, { "source_path": "windows/security/cloud.md", "redirect_url": "/windows/security", @@ -260,36 +965,221 @@ "redirect_url": "/windows/security/operating-system-security/data-protection/configure-s-mime", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/credential-guard/credential-guard-considerations.md", + "redirect_url": "/windows/security/identity-protection/credential-guard/considerations-known-issues", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/credential-guard/credential-guard-how-it-works.md", + "redirect_url": "/windows/security/identity-protection/credential-guard/how-it-works", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/credential-guard/credential-guard-known-issues.md", + "redirect_url": "/windows/security/identity-protection/credential-guard/considerations-known-issues", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/credential-guard/credential-guard-manage.md", + "redirect_url": "/windows/security/identity-protection/credential-guard/configure", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/credential-guard/credential-guard-not-protected-scenarios.md", "redirect_url": "/windows/security/identity-protection/credential-guard/credential-guard-protection-limits", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md", + "redirect_url": "/windows/security/identity-protection/credential-guard/how-it-works", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/credential-guard/credential-guard-requirements.md", + "redirect_url": "/windows/security/identity-protection/credential-guard/index", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/credential-guard/credential-guard-scripts.md", "redirect_url": "/windows/security", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/credential-guard/credential-guard.md", + "redirect_url": "/windows/security/identity-protection/credential-guard", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/credential-guard/dg-readiness-tool.md", "redirect_url": "/windows/security/identity-protection/credential-guard/credential-guard", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/deploy/cloud.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/cloud-only", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust-enroll.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-pki.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-mfa.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-pki.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-mfa.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-adfs", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-pki.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/deploy/requirements.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/multifactor-unlock", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/cloud", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers.md", + "redirect_url": "/windows-server/administration/performance-tuning/role/active-directory-server/capacity-planning-for-active-directory-domain-services", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-and-password-changes.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-ad-prereq.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-deploy-mfa.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-mfa", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-pki", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-cert-trust.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-guide.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-key-trust.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/rdp-sign-in", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-event-300.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-faq", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-faq.yml", + "redirect_url": "/windows/security/identity-protection/hello-for-business/faq", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-feature-conditional-access.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-faq", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-feature-dual-enrollment.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/dual-enrollment", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/pin-reset", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/rdp-sign-in", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works-authentication.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works-authentication", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works-device-registration.md", "redirect_url": "/azure/active-directory/devices/device-registration-how-it-works", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works-provisioning", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso", @@ -310,11 +1200,31 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-validate-pki.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-ad.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", @@ -335,6 +1245,16 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust-provision.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works#provisioning", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-trust.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust", @@ -360,6 +1280,21 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-provision.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-enroll", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-validate-pki.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-pki", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-provision.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", @@ -390,16 +1325,76 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-identity-verification.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/requirements", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-adfs", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-ad-prereq.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-mfa", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/policy-settings", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-overview.md", "redirect_url": "/windows/security/identity-protection/hello-for-business", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-planning-guide.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-prepare-people-to-use.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/prepare-users", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-videos.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/microsoft-compatible-security-key.md", "redirect_url": "/azure/active-directory/authentication/howto-authentication-passwordless-security-key", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/passwordless-strategy.md", + "redirect_url": "/windows/security/identity-protection/passwordless-strategy/", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/reset-security-key.md", "redirect_url": "/azure/active-directory/authentication/howto-authentication-passwordless-security-key", @@ -850,11 +1845,41 @@ "redirect_url": "/windows/security/hardware-security/tpm/trusted-platform-module-top-node", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/app-behavior-with-wip", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/collect-wip-audit-event-logs.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/collect-wip-audit-event-logs", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure", + "redirect_document_id": false + }, { "source_path": "windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune.md", "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure", + "redirect_document_id": false + }, { "source_path": "windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune.md", "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure", @@ -865,16 +1890,86 @@ "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure", + "redirect_document_id": false + }, { "source_path": "windows/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune.md", "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/guidance-and-best-practices-wip", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/how-to-disable-wip.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/how-to-disable-wip", + "redirect_document_id": false + }, { "source_path": "windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md", "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/guidance-and-best-practices-wip", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/windows-information-protection/limitations-with-wip.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/limitations-with-wip", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/mandatory-settings-for-wip.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/mandatory-settings-for-wip", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/overview-create-wip-policy.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/overview-create-wip-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/testing-scenarios-for-wip", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/using-owa-with-wip.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/using-owa-with-wip", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/wip-app-enterprise-context.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/wip-app-enterprise-context", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/windows-information-protection/wip-learning.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/wip-learning", + "redirect_document_id": false + }, { "source_path": "windows/security/introduction/index.md", "redirect_url": "/windows/security/introduction", @@ -895,21 +1990,61 @@ "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq", "redirect_document_id": false }, + { + "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-basic-deployment.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-countermeasures.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/countermeasures", + "redirect_document_id": false + }, { "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq", "redirect_document_id": false }, + { + "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-comparison.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure#bitlocker-policy-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker#device-encryption", + "redirect_document_id": false + }, { "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-frequently-asked-questions.yml", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq", "redirect_document_id": false }, + { + "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-group-policy-settings.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure#$bitlocker-policy-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/install-server", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/network-unlock", + "redirect_document_id": false + }, { "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-key-management-faq.yml", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq", "redirect_document_id": false }, + { + "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-management-for-enterprises.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure", + "redirect_document_id": false + }, { "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-network-unlock-faq.yml", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq", @@ -920,6 +2055,11 @@ "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq", "redirect_document_id": false }, + { + "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-recovery-guide-plan.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview", + "redirect_document_id": false + }, { "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-security-faq.yml", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq", @@ -935,16 +2075,636 @@ "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq", "redirect_document_id": false }, + { + "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/operations-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/recovery-process#bitlocker-recovery-password-viewer", + "redirect_document_id": false + }, { "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/faq", "redirect_document_id": false }, + { + "source_path": "windows/security/operating-system-security/data-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/plan", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/data-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/csv-san", + "redirect_document_id": false + }, { "source_path": "windows/security/operating-system-security/data-protection/index.md", "redirect_url": "/windows/security/operating-system-security/#data-protection", "redirect_document_id": false }, + { + "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/configure-pde-in-intune.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/faq-pde.yml", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/faq", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/includes/pde-description.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-arso.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-hibernation.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-memory-dumps.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-password-connected-standby.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-wer.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-enable-pde.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall-with-advanced-security-administration-with-windows-powershell.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-with-command-line", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717262(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717263(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770289(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/assign-security-group-filters-to-the-gpo.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717260(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/basic-firewall-policy-design.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj721530(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/best-practices-configuring.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/boundary-zone-gpos.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770729(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/boundary-zone.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725978(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design-example.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771822(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731463(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/change-rules-from-request-to-require-mode.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717237(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-basic-firewall-settings.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947845(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947794(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947848(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947836(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947800(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947783(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-group-policy-objects.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947791(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-inbound-firewall-rules.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947799(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-outbound-firewall-rules.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947827(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947819(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717261(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717238(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717284(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717277(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-authentication-methods.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717279(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-data-protection-quick-mode-settings.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717293(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717253(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-key-exchange-main-mode-settings.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717249(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-the-rules-to-require-encryption.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717270(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-logging", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-the-workstation-authentication-certificate-template.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717275(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717278(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/confirm-that-certificates-are-deployed-correctly.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717245(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717246(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-a-group-account-in-active-directory.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717247(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-a-group-policy-object.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717274(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-exemption-list-rule.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717243(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-request-rule.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717283(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-icmp-rule.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-port-rule.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-program-or-service-rule.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-port-rule.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-program-or-service-rule.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-inbound-rules-to-support-rpc.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-windows-firewall-rules-in-intune.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-wmi-filters-for-the-gpo.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717288(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/determining-the-trusted-state-of-your-devices.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753540(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/documenting-the-zones.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753825(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design-example.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732933(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725818(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-inbound-rules.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717281(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-outbound-rules.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717259(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/encryption-zone-gpos.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770426(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/encryption-zone.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753367(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/exempt-icmp-from-authentication.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717292(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/exemption-list.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732202(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/firewall-gpos.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771233(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/firewall-policy-design-example.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731164(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/firewall-settings-lost-on-upgrade.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-active-directory-deployment.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771366(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-current-network-infrastructure.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770899(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-devices.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc726039(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-other-relevant-information.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771791(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-the-information-you-need.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731454(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-boundary.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770565(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-encryption.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc754085(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-firewall.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731123(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-clients.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770836(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-servers.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731908(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732023(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717256(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/isolated-domain-gpos.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731447(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/isolated-domain.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731788(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/isolating-apps-on-your-network.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831418(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/link-the-gpo-to-the-domain.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717264(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj721532(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717265(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717290(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717269(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717266(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-windows-firewall-with-advanced-security.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717254(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-certificate-based-authentication.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc730835(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-domain-isolation-zones.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771044(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-gpo-deployment.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771733(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732752(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-isolation-groups-for-the-zones.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725693(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-network-access-groups.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771664(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-server-isolation-zones.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732615(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-settings-for-a-basic-firewall-policy.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc754986(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-the-gpos.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771716(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947826(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc730841(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/protect-devices-from-unwanted-network-traffic.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc772556(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770865(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-specified-users-or-devices.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753064(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-trusted-devices.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725659(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/restrict-server-access-to-members-of-a-group-only.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717267(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831807(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/server-isolation-gpos.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732486(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design-example.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732413(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj721528(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717251(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731951(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/verify-that-network-traffic-is-authenticated.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717273(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-with-command-line", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717241(v=ws.11)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-design-guide.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732024(v=ws.10)", + "redirect_document_id": false + }, + { + "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall", + "redirect_document_id": false + }, { "source_path": "windows/security/operating-system.md", "redirect_url": "/windows/security/operating-system-security", @@ -955,6 +2715,11 @@ "redirect_url": "/windows/security/security-foundations/index", "redirect_document_id": false }, + { + "source_path": "windows/security/security-foundations/msft-security-dev-lifecycle.md", + "redirect_url": "/compliance/assurance/assurance-microsoft-security-development-lifecycle", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md", "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set", @@ -1385,6 +3150,11 @@ "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md", + "redirect_url": "/windows/security/operating-system-security/device-management/block-untrusted-fonts-in-enterprise", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/change-history-for-threat-protection.md", "redirect_url": "/windows/security/threat-protection", @@ -4100,6 +5870,11 @@ "redirect_url": "/windows/security/security-foundations/msft-security-dev-lifecycle", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md", + "redirect_url": "/windows/security/operating-system-security/device-management/override-mitigation-options-for-app-related-security-policies", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md", "redirect_url": "/windows/security/operating-system-security/system-security/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices", @@ -4110,16 +5885,751 @@ "redirect_url": "/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/access-this-computer-from-the-network", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/account-lockout-duration.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-lockout-duration", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/account-lockout-policy.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-lockout-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-lockout-threshold", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/account-policies.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-administrator-account-status", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-guest-account-status", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-rename-administrator-account", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-rename-guest-account", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/add-workstations-to-domain", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/administer-security-policy-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/allow-log-on-locally", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/audit-policy.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/back-up-files-and-directories", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/bypass-traverse-checking", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/change-the-system-time.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/change-the-system-time", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/change-the-time-zone.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/change-the-time-zone", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/create-a-pagefile.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-a-pagefile", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/create-a-token-object.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-a-token-object", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/create-global-objects.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-global-objects", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-permanent-shared-objects", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/create-symbolic-links.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-symbolic-links", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/debug-programs.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/debug-programs", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-as-a-service", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-locally", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/enforce-password-history.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/enforce-password-history", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/generate-security-audits.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/generate-security-audits", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/increase-a-process-working-set", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/increase-scheduling-priority", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/kerberos-policy.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/kerberos-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/load-and-unload-device-drivers", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/lock-pages-in-memory", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/log-on-as-a-batch-job", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/log-on-as-a-service", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/manage-auditing-and-security-log", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/maximum-password-age.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-password-age", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-if-server-agrees.md", "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-if-client-agress.md", "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/minimum-password-age.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/minimum-password-age", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/minimum-password-length.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/minimum-password-length", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/modify-an-object-label.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/modify-an-object-label", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/modify-firmware-environment-values", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-list-manager-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/password-policy.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/password-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/profile-single-process.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/profile-single-process", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/profile-system-performance.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/profile-system-performance", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/remove-computer-from-docking-station", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/replace-a-process-level-token", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/restore-files-and-directories", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/security-options.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/security-options", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/security-policy-settings-reference", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/security-policy-settings.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/security-policy-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/shut-down-the-system.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/shut-down-the-system", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md", "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always", @@ -4140,6 +6650,111 @@ "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/synchronize-directory-service-data", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-settings-optional-subsystems", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/user-rights-assignment.md", + "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-rights-assignment", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md", + "redirect_url": "/windows/security/operating-system-security/device-management/use-windows-event-forwarding-to-assist-in-intrusion-detection", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/wannacrypt-ransomware-worm-targets-out-of-date-systems-wdsi.md", "redirect_url": "https://www.microsoft.com/security/blog/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/", @@ -4580,11 +7195,6 @@ "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-settings", "redirect_document_id": false }, - { - "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-settings.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md", "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference", @@ -4685,11 +7295,6 @@ "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-your-application-control-objectives", "redirect_document_id": false }, - { - "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-your-application-control-objectives.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md", "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application", @@ -4860,11 +7465,6 @@ "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-enforcement-settings", "redirect_document_id": false }, - { - "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules#enforcement-modes", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md", "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions", @@ -4935,11 +7535,6 @@ "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain", "redirect_document_id": false }, - { - "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md", "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets", @@ -4955,11 +7550,6 @@ "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies", "redirect_document_id": false }, - { - "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md", "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker", @@ -6975,6 +9565,11 @@ "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-wmi-filters-for-the-gpo", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md", "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/determining-the-trusted-state-of-your-devices", @@ -7379,1916 +9974,6 @@ "source_path": "windows/security/zero-trust-windows-device-health.md", "redirect_url": "/windows/security/security-foundations/zero-trust-windows-device-health", "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/credential-guard/credential-guard.md", - "redirect_url": "/windows/security/identity-protection/credential-guard", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/credential-guard/credential-guard-considerations.md", - "redirect_url": "/windows/security/identity-protection/credential-guard/considerations-known-issues", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/credential-guard/credential-guard-how-it-works.md", - "redirect_url": "/windows/security/identity-protection/credential-guard/how-it-works", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/credential-guard/credential-guard-known-issues.md", - "redirect_url": "/windows/security/identity-protection/credential-guard/considerations-known-issues", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/credential-guard/credential-guard-manage.md", - "redirect_url": "/windows/security/identity-protection/credential-guard/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md", - "redirect_url": "/windows/security/identity-protection/credential-guard/how-it-works", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/credential-guard/credential-guard-requirements.md", - "redirect_url": "/windows/security/identity-protection/credential-guard/index", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/configure-pde-in-intune.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-arso.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-hibernation.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-memory-dumps.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-password-connected-standby.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-wer.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/intune-enable-pde.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/includes/pde-description.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/personal-data-encryption/faq-pde.yml", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/faq", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-group-policy-settings.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure#$bitlocker-policy-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-comparison.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure#bitlocker-policy-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-countermeasures.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/countermeasures", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-recovery-guide-plan.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/recovery-process#bitlocker-recovery-password-viewer", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/network-unlock", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-basic-deployment.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-management-for-enterprises.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/plan", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/operations-guide", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/csv-san", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/install-server", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/data-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker#device-encryption", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/basic-firewall-policy-design.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj721530(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/boundary-zone.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725978(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/boundary-zone-gpos.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770729(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731463(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design-example.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771822(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/documenting-the-zones.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753825(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725818(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design-example.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732933(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/encryption-zone.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753367(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/encryption-zone-gpos.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770426(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/exemption-list.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732202(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/firewall-gpos.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771233(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/firewall-policy-design-example.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731164(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-boundary.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770565(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-encryption.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc754085(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-firewall.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731123(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-clients.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770836(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-servers.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731908(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/isolated-domain.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731788(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/isolated-domain-gpos.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731447(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj721532(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-certificate-based-authentication.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc730835(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-domain-isolation-zones.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771044(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-gpo-deployment.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771733(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732752(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-isolation-groups-for-the-zones.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725693(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-network-access-groups.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771664(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-server-isolation-zones.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732615(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-settings-for-a-basic-firewall-policy.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc754986(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-the-gpos.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771716(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947826(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc730841(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/server-isolation-gpos.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732486(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj721528(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design-example.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732413(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770289(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-basic-firewall-settings.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947845(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947794(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947848(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947836(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947800(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947783(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-group-policy-objects.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947791(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-inbound-firewall-rules.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947799(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-outbound-firewall-rules.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947827(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc947819(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717261(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717238(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717284(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717277(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732023(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717256(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/protect-devices-from-unwanted-network-traffic.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc772556(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770865(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-specified-users-or-devices.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753064(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-trusted-devices.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc725659(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731951(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717241(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-design-guide.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc732024(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717262(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717263(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/assign-security-group-filters-to-the-gpo.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717260(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/change-rules-from-request-to-require-mode.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717237(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-authentication-methods.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717279(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-data-protection-quick-mode-settings.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717293(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717253(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-key-exchange-main-mode-settings.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717249(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-the-rules-to-require-encryption.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717270(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-the-workstation-authentication-certificate-template.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717275(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717278(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/confirm-that-certificates-are-deployed-correctly.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717245(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717246(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-a-group-account-in-active-directory.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717247(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-a-group-policy-object.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717274(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-exemption-list-rule.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717243(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-request-rule.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717283(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-wmi-filters-for-the-gpo.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717288(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-inbound-rules.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717281(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-outbound-rules.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717259(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/exempt-icmp-from-authentication.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717292(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/link-the-gpo-to-the-domain.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717264(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717265(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717290(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717269(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717266(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/open-windows-firewall-with-advanced-security.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717254(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/restrict-server-access-to-members-of-a-group-only.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717267(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717251(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/verify-that-network-traffic-is-authenticated.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/jj717273(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-the-information-you-need.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc731454(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-current-network-infrastructure.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc770899(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-active-directory-deployment.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771366(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-devices.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc726039(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/gathering-other-relevant-information.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc771791(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/determining-the-trusted-state-of-your-devices.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/cc753540(v=ws.10)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-inbound-rules-to-support-rpc.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-program-or-service-rule.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-port-rule.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-program-or-service-rule.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-port-rule.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-icmp-rule.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall-with-advanced-security-administration-with-windows-powershell.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-with-command-line", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-with-command-line", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831807(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/best-practices-configuring.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/isolating-apps-on-your-network.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831418(v=ws.11)", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-logging", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/create-windows-firewall-rules-in-intune.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/operating-system-security/network-security/windows-firewall/firewall-settings-lost-on-upgrade.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/rdp-sign-in", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/rdp-sign-in", - "redirect_document_id": false - }, - { - "source_path": "windows/security/security-foundations/msft-security-dev-lifecycle.md", - "redirect_url": "/compliance/assurance/assurance-microsoft-security-development-lifecycle", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/pin-reset", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers.md", - "redirect_url": "/windows-server/administration/performance-tuning/role/active-directory-server/capacity-planning-for-active-directory-domain-services", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-ad-prereq.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-cert-trust.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-validate-pki.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-deploy-mfa.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-mfa", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-pki", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-key-trust.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-ad-prereq.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/cloud", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust-provision.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works#provisioning", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-provision.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-enroll", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-validate-pki.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-pki", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-guide.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-adfs", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-mfa", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-identity-verification.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/requirements", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-mfa.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-mfa.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-adfs", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/deploy/requirements.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/multifactor-unlock", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-and-password-changes.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works-authentication.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works-authentication", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works-provisioning", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/policy-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-planning-guide.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-prepare-people-to-use.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/prepare-users", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/passwordless-strategy.md", - "redirect_url": "/windows/security/identity-protection/passwordless-strategy/", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/deploy/cloud.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/cloud-only", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust-enroll.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-pki.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-pki.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-videos.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-faq.yml", - "redirect_url": "/windows/security/identity-protection/hello-for-business/faq", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-pki.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/access-this-computer-from-the-network", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/account-lockout-duration.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-lockout-duration", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/account-lockout-policy.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-lockout-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-lockout-threshold", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/account-policies.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/account-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-administrator-account-status", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-guest-account-status", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-rename-administrator-account", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/accounts-rename-guest-account", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/add-workstations-to-domain", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/administer-security-policy-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/allow-log-on-locally", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/audit-policy.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/back-up-files-and-directories", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/bypass-traverse-checking", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/change-the-system-time.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/change-the-system-time", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/change-the-time-zone.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/change-the-time-zone", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/create-a-pagefile.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-a-pagefile", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/create-a-token-object.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-a-token-object", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/create-global-objects.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-global-objects", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-permanent-shared-objects", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/create-symbolic-links.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/create-symbolic-links", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/debug-programs.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/debug-programs", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-as-a-service", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-locally", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-ldap-server-channel-binding-token-requirements", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/enforce-password-history.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/enforce-password-history", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/generate-security-audits.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/generate-security-audits", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/increase-a-process-working-set", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/increase-scheduling-priority", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/kerberos-policy.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/kerberos-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/load-and-unload-device-drivers", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/lock-pages-in-memory", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/log-on-as-a-batch-job", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/log-on-as-a-service", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/manage-auditing-and-security-log", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/maximum-password-age.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-password-age", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/minimum-password-age.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/minimum-password-age", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/minimum-password-length.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/minimum-password-length", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/modify-an-object-label.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/modify-an-object-label", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/modify-firmware-environment-values", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-list-manager-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/password-policy.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/password-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/profile-single-process.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/profile-single-process", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/profile-system-performance.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/profile-system-performance", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/remove-computer-from-docking-station", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/replace-a-process-level-token", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/restore-files-and-directories", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/security-options.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/security-options", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/security-policy-settings.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/security-policy-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/security-policy-settings-reference", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/shut-down-the-system.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/shut-down-the-system", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/synchronize-directory-service-data", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-settings-optional-subsystems", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/user-rights-assignment.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/user-rights-assignment", - "redirect_document_id": false - }, - { - "source_path": "windows/security/cloud-security/index.md", - "redirect_url": "/windows/security/cloud-services", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-feature-dual-enrollment.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/dual-enrollment", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/app-behavior-with-wip", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/collect-wip-audit-event-logs.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/collect-wip-audit-event-logs", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/deploy-wip-policy-using-intune-azure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/guidance-and-best-practices-wip", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/how-to-disable-wip.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/how-to-disable-wip", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/limitations-with-wip.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/limitations-with-wip", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/mandatory-settings-for-wip.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/mandatory-settings-for-wip", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/overview-create-wip-policy-configmgr", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/overview-create-wip-policy.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/overview-create-wip-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/testing-scenarios-for-wip", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/using-owa-with-wip.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/using-owa-with-wip", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/wip-app-enterprise-context.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/wip-app-enterprise-context", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/windows-information-protection/wip-learning.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/wip-learning", - "redirect_document_id": false - }, - { - "source_path": "windows/security/application-security/application-control/windows-defender-application-control/deployment/LOB-win32-apps-on-s.md", - "redirect_url": "/previous-versions/windows/it-pro/windows-10/deployment/s-mode/wdac-allow-lob-win32-apps", - "redirect_document_id": false } ] } diff --git a/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/wdac-appid-tagging-guide.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/wdac-appid-tagging-guide.md rename to windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md rename to windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies.md similarity index 87% rename from windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md rename to windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies.md index 7f0824cace..df92759921 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies.md @@ -20,15 +20,15 @@ Similar to Windows Defender Application Control (WDAC) policies, WDAC AppId tagg ## Deploy AppId tagging policies with MDM -Custom AppId tagging policies can be deployed to endpoints using [the OMA-URI feature in MDM](../deployment/deploy-wdac-policies-using-intune.md#deploy-wdac-policies-with-custom-oma-uri). +Custom AppId tagging policies can be deployed to endpoints using [the OMA-URI feature in MDM](../deployment/deploy-appcontrol-policies-using-intune.md#deploy-wdac-policies-with-custom-oma-uri). ## Deploy AppId tagging policies with Configuration Manager -Custom AppId tagging policies can be deployed via Configuration Manager using the [deployment task sequences](../deployment/deploy-wdac-policies-with-memcm.md#deploy-custom-wdac-policies-using-packagesprograms-or-task-sequences), policies can be deployed to your managed endpoints and users. +Custom AppId tagging policies can be deployed via Configuration Manager using the [deployment task sequences](../deployment/deploy-appcontrol-policies-with-memcm.md#deploy-custom-wdac-policies-using-packagesprograms-or-task-sequences), policies can be deployed to your managed endpoints and users. ### Deploy AppId tagging Policies via Scripting -Scripting hosts can be used to deploy AppId tagging policies as well. This approach is often best suited for local deployment, but works for deployment to managed endpoints and users too. For more information on how to deploy WDAC AppId tagging policies via scripting, see [Deploy WDAC policies using script](../deployment/deploy-wdac-policies-with-script.md). For AppId tagging policies, the only applicable method is deploying to version 1903 or later. +Scripting hosts can be used to deploy AppId tagging policies as well. This approach is often best suited for local deployment, but works for deployment to managed endpoints and users too. For more information on how to deploy WDAC AppId tagging policies via scripting, see [Deploy WDAC policies using script](../deployment/deploy-appcontrol-policies-with-script.md). For AppId tagging policies, the only applicable method is deploying to version 1903 or later. ### Deploying policies via the ApplicationControl CSP diff --git a/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md similarity index 92% rename from windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md rename to windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md index 4b7e1e6b2f..ea51fb388c 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md @@ -13,13 +13,13 @@ ms.topic: conceptual ## Create the policy using the WDAC Wizard -You can use the Windows Defender Application Control (WDAC) Wizard and the PowerShell commands to create an application control policy and convert it to an AppIdTagging policy. The WDAC Wizard is available for download at the [WDAC Wizard Installer site](https://aka.ms/wdacwizard). These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](wdac-appid-tagging-guide.md). +You can use the Windows Defender Application Control (WDAC) Wizard and the PowerShell commands to create an application control policy and convert it to an AppIdTagging policy. The WDAC Wizard is available for download at the [WDAC Wizard Installer site](https://aka.ms/wdacwizard). These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](appcontrol-appid-tagging-guide.md). 1. Create a new base policy using the templates: - Start with the Policy Creator task and select Multiple Policy Format and Base Policy. Select the Base Template to use for the policy. The following example shows beginning with the [Default Windows Mode](../design/wdac-wizard-create-base-policy.md#template-base-policies) template and build on top of these rules. + Start with the Policy Creator task and select Multiple Policy Format and Base Policy. Select the Base Template to use for the policy. The following example shows beginning with the [Default Windows Mode](../design/appcontrol-wizard-create-base-policy.md#template-base-policies) template and build on top of these rules. - ![Configuring the policy base and template.](../images/appid-wdac-wizard-1.png) + ![Configuring the policy base and template.](../images/appid-appcontrol-wizard-1.png) > [!NOTE] > If your AppId Tagging Policy does build off the base templates or does not allow Windows in-box processes, you will notice significant performance regressions, especially during boot. For this reason, it is strongly recommended to build off the base templates. @@ -27,7 +27,7 @@ You can use the Windows Defender Application Control (WDAC) Wizard and the Power 2. Set the following rule-options using the Wizard toggles: - ![Configuring the policy rule-options.](../images/appid-wdac-wizard-2.png) + ![Configuring the policy rule-options.](../images/appid-appcontrol-wizard-2.png) 3. Create custom rules: @@ -39,7 +39,7 @@ You can use the Windows Defender Application Control (WDAC) Wizard and the Power - Package app name rules: Create a rule based off the package family name of an appx/msix. - Hash rules: Create a rule based off the PE Authenticode hash of a file. - For more information on creating new policy file rules, see the guidelines provided in the [creating policy file rules section](../design/wdac-wizard-create-base-policy.md#creating-custom-file-rules). + For more information on creating new policy file rules, see the guidelines provided in the [creating policy file rules section](../design/appcontrol-wizard-create-base-policy.md#creating-custom-file-rules). 4. Convert to AppId Tagging Policy: @@ -52,7 +52,7 @@ You can use the Windows Defender Application Control (WDAC) Wizard and the Power ## Create the policy using PowerShell -Using this method, you create an AppId Tagging policy directly using the WDAC PowerShell commands. These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](wdac-appid-tagging-guide.md). In an elevate PowerShell instance: +Using this method, you create an AppId Tagging policy directly using the WDAC PowerShell commands. These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](appcontrol-appid-tagging-guide.md). In an elevate PowerShell instance: 1. Create an AppId rule for the policy based on a combination of the signing certificate chain and version of the application. In the example below, the level has been set to SignedVersion. Any of the [WDAC File Rule Levels](../design/select-types-of-rules-to-create.md#table-2-windows-defender-application-control-policy---file-rule-levels) can be used in AppId rules: diff --git a/windows/security/application-security/application-control/windows-defender-application-control/TOC.yml b/windows/security/application-security/application-control/app-control-for-business/TOC.yml similarity index 85% rename from windows/security/application-security/application-control/windows-defender-application-control/TOC.yml rename to windows/security/application-security/application-control/app-control-for-business/TOC.yml index 91cc8b46d0..c24abf5f4e 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/TOC.yml +++ b/windows/security/application-security/application-control/app-control-for-business/TOC.yml @@ -1,110 +1,110 @@ - name: Application Control for Windows href: index.yml - name: About application control for Windows - href: wdac.md + href: appcontrol.md expanded: true items: - name: WDAC and AppLocker Overview - href: wdac-and-applocker-overview.md + href: appcontrol-and-applocker-overview.md - name: WDAC and AppLocker Feature Availability href: feature-availability.md - name: Virtualization-based protection of code integrity href: ../introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md - name: WDAC design guide - href: design/wdac-design-guide.md + href: design/appcontrol-design-guide.md items: - name: Plan for WDAC policy lifecycle management - href: design/plan-wdac-management.md + href: design/plan-appcontrol-management.md - name: Design your WDAC policy items: - name: Understand WDAC policy design decisions - href: design/understand-wdac-policy-design-decisions.md + href: design/understand-appcontrol-policy-design-decisions.md - name: Understand WDAC policy rules and file rules href: design/select-types-of-rules-to-create.md items: - name: Allow apps installed by a managed installer href: design/configure-authorized-apps-deployed-with-a-managed-installer.md - name: Allow reputable apps with Intelligent Security Graph (ISG) - href: design/use-wdac-with-intelligent-security-graph.md + href: design/use-appcontrol-with-intelligent-security-graph.md - name: Allow COM object registration - href: design/allow-com-object-registration-in-wdac-policy.md + href: design/allow-com-object-registration-in-appcontrol-policy.md - name: Use WDAC with .NET hardening - href: design/wdac-and-dotnet.md + href: design/appcontrol-and-dotnet.md - name: Script enforcement with Windows Defender Application Control href: design/script-enforcement.md - name: Manage packaged apps with WDAC - href: design/manage-packaged-apps-with-wdac.md + href: design/manage-packaged-apps-with-appcontrol.md - name: Use WDAC to control specific plug-ins, add-ins, and modules - href: design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules.md + href: design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md - name: Understand WDAC policy settings - href: design/understanding-wdac-policy-settings.md + href: design/understanding-appcontrol-policy-settings.md - name: Use multiple WDAC policies - href: design/deploy-multiple-wdac-policies.md + href: design/deploy-multiple-appcontrol-policies.md - name: Create your WDAC policy items: - name: Example WDAC base policies - href: design/example-wdac-base-policies.md + href: design/example-appcontrol-base-policies.md - name: Policy creation for common WDAC usage scenarios - href: design/common-wdac-use-cases.md + href: design/common-appcontrol-use-cases.md items: - name: Create a WDAC policy for lightly managed devices - href: design/create-wdac-policy-for-lightly-managed-devices.md + href: design/create-appcontrol-policy-for-lightly-managed-devices.md - name: Create a WDAC policy for fully managed devices - href: design/create-wdac-policy-for-fully-managed-devices.md + href: design/create-appcontrol-policy-for-fully-managed-devices.md - name: Create a WDAC policy for fixed-workload devices - href: design/create-wdac-policy-using-reference-computer.md + href: design/create-appcontrol-policy-using-reference-computer.md - name: Create a WDAC deny list policy - href: design/create-wdac-deny-policy.md + href: design/create-appcontrol-deny-policy.md - name: Applications that can bypass WDAC and how to block them - href: design/applications-that-can-bypass-wdac.md + href: design/applications-that-can-bypass-appcontrol.md - name: Microsoft recommended driver block rules href: design/microsoft-recommended-driver-block-rules.md - name: Use the WDAC Wizard tool - href: design/wdac-wizard.md + href: design/appcontrol-wizard.md items: - name: Create a base WDAC policy with the Wizard - href: design/wdac-wizard-create-base-policy.md + href: design/appcontrol-wizard-create-base-policy.md - name: Create a supplemental WDAC policy with the Wizard - href: design/wdac-wizard-create-supplemental-policy.md + href: design/appcontrol-wizard-create-supplemental-policy.md - name: Editing a WDAC policy with the Wizard - href: design/wdac-wizard-editing-policy.md + href: design/appcontrol-wizard-editing-policy.md - name: Creating WDAC Policy Rules from WDAC Events - href: design/wdac-wizard-parsing-event-logs.md + href: design/appcontrol-wizard-parsing-event-logs.md - name: Merging multiple WDAC policies with the Wizard - href: design/wdac-wizard-merging-policies.md + href: design/appcontrol-wizard-merging-policies.md - name: WDAC deployment guide - href: deployment/wdac-deployment-guide.md + href: deployment/appcontrol-deployment-guide.md items: - name: Deploy WDAC policies with MDM - href: deployment/deploy-wdac-policies-using-intune.md + href: deployment/deploy-appcontrol-policies-using-intune.md - name: Deploy WDAC policies with Configuration Manager - href: deployment/deploy-wdac-policies-with-memcm.md + href: deployment/deploy-appcontrol-policies-with-memcm.md - name: Deploy WDAC policies with script - href: deployment/deploy-wdac-policies-with-script.md + href: deployment/deploy-appcontrol-policies-with-script.md - name: Deploy WDAC policies with group policy - href: deployment/deploy-wdac-policies-using-group-policy.md + href: deployment/deploy-appcontrol-policies-using-group-policy.md - name: Audit WDAC policies - href: deployment/audit-wdac-policies.md + href: deployment/audit-appcontrol-policies.md - name: Merge WDAC policies - href: deployment/merge-wdac-policies.md + href: deployment/merge-appcontrol-policies.md - name: Enforce WDAC policies - href: deployment/enforce-wdac-policies.md + href: deployment/enforce-appcontrol-policies.md - name: Use code signing for added control and protection with WDAC href: deployment/use-code-signing-for-better-control-and-protection.md items: - name: Deploy catalog files to support WDAC - href: deployment/deploy-catalog-files-to-support-wdac.md + href: deployment/deploy-catalog-files-to-support-appcontrol.md - name: Use signed policies to protect Windows Defender Application Control against tampering - href: deployment/use-signed-policies-to-protect-wdac-against-tampering.md + href: deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md - name: "Optional: Create a code signing cert for WDAC" - href: deployment/create-code-signing-cert-for-wdac.md + href: deployment/create-code-signing-cert-for-appcontrol.md - name: Disable WDAC policies - href: deployment/disable-wdac-policies.md + href: deployment/disable-appcontrol-policies.md - name: WDAC operational guide - href: operations/wdac-operational-guide.md + href: operations/appcontrol-operational-guide.md items: - name: WDAC debugging and troubleshooting - href: operations/wdac-debugging-and-troubleshooting.md + href: operations/appcontrol-debugging-and-troubleshooting.md - name: Understanding Application Control event IDs href: operations/event-id-explanations.md - name: Understanding Application Control event tags @@ -114,13 +114,13 @@ - name: Known Issues href: operations/known-issues.md - name: Managed installer and ISG technical reference and troubleshooting guide - href: operations/configure-wdac-managed-installer.md + href: operations/configure-appcontrol-managed-installer.md - name: CITool.exe technical reference href: operations/citool-commands.md - name: Inbox WDAC policies - href: operations/inbox-wdac-policies.md + href: operations/inbox-appcontrol-policies.md - name: WDAC AppId Tagging guide - href: AppIdTagging/wdac-appid-tagging-guide.md + href: AppIdTagging/appcontrol-appid-tagging-guide.md items: - name: Creating AppId Tagging Policies href: AppIdTagging/design-create-appid-tagging-policies.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview.md b/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview.md similarity index 98% rename from windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview.md rename to windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview.md index 81042f2926..1e2654111c 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview.md +++ b/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview.md @@ -21,7 +21,7 @@ WDAC policies apply to the managed computer as a whole and affects all users of - Attributes of the codesigning certificate(s) used to sign an app and its binaries - Attributes of the app's binaries that come from the signed metadata for the files, such as Original Filename and version, or the hash of the file -- The reputation of the app as determined by Microsoft's [Intelligent Security Graph](design/use-wdac-with-intelligent-security-graph.md) +- The reputation of the app as determined by Microsoft's [Intelligent Security Graph](design/use-appcontrol-with-intelligent-security-graph.md) - The identity of the process that initiated the installation of the app and its binaries ([managed installer](design/configure-authorized-apps-deployed-with-a-managed-installer.md)) - The [path from which the app or file is launched](design/select-types-of-rules-to-create.md#more-information-about-filepath-rules) (beginning with Windows 10 version 1903) - The process that launched the app or binary diff --git a/windows/security/application-security/application-control/windows-defender-application-control/wdac.md b/windows/security/application-security/application-control/app-control-for-business/appcontrol.md similarity index 84% rename from windows/security/application-security/application-control/windows-defender-application-control/wdac.md rename to windows/security/application-security/application-control/app-control-for-business/appcontrol.md index 2d0145d3bc..88c99842d1 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/wdac.md +++ b/windows/security/application-security/application-control/app-control-for-business/appcontrol.md @@ -31,7 +31,7 @@ Windows 10 and Windows 11 include two technologies that can be used for applicat ## WDAC and Smart App Control -Starting in Windows 11 version 22H2, [Smart App Control](https://support.microsoft.com/topic/what-is-smart-app-control-285ea03d-fa88-4d56-882e-6698afdb7003) provides application control for consumers. Smart App Control is based on WDAC, allowing enterprise customers to create a policy that offers the same security and compatibility with the ability to customize it to run line-of-business (LOB) apps. To make it easier to implement this policy, an [example policy](design/example-wdac-base-policies.md) is provided. The example policy includes **Enabled:Conditional Windows Lockdown Policy** option that isn't supported for WDAC enterprise policies. This rule must be removed before you use the example policy. To use this example policy as a starting point for creating your own policy, see [Create a custom base policy using an example WDAC base policy](design/create-wdac-policy-for-lightly-managed-devices.md#create-a-custom-base-policy-using-an-example-wdac-base-policy). +Starting in Windows 11 version 22H2, [Smart App Control](https://support.microsoft.com/topic/what-is-smart-app-control-285ea03d-fa88-4d56-882e-6698afdb7003) provides application control for consumers. Smart App Control is based on WDAC, allowing enterprise customers to create a policy that offers the same security and compatibility with the ability to customize it to run line-of-business (LOB) apps. To make it easier to implement this policy, an [example policy](design/example-appcontrol-base-policies.md) is provided. The example policy includes **Enabled:Conditional Windows Lockdown Policy** option that isn't supported for WDAC enterprise policies. This rule must be removed before you use the example policy. To use this example policy as a starting point for creating your own policy, see [Create a custom base policy using an example WDAC base policy](design/create-appcontrol-policy-for-lightly-managed-devices.md#create-a-custom-base-policy-using-an-example-wdac-base-policy). Smart App Control is only available on clean installation of Windows 11 version 22H2 or later, and starts in evaluation mode. Smart App Control is automatically turned off for enterprise managed devices unless the user has turned it on first. To turn off Smart App Control across your organization's endpoints, you can set the **VerifiedAndReputablePolicyState** (DWORD) registry value under `HKLM\SYSTEM\CurrentControlSet\Control\CI\Policy` as shown in the following table. After you change the registry value, you must either restart the device or use [CiTool.exe -r](/windows/security/threat-protection/windows-defender-application-control/operations/citool-commands#refresh-the-wdac-policies-on-the-system) for the change to take effect. @@ -46,7 +46,7 @@ Smart App Control is only available on clean installation of Windows 11 version ### Smart App Control Enforced Blocks -Smart App Control enforces the [Microsoft Recommended Driver Block rules](design/microsoft-recommended-driver-block-rules.md) and the [Microsoft Recommended Block Rules](design/applications-that-can-bypass-wdac.md), with a few exceptions for compatibility considerations. The following aren't blocked by Smart App Control: +Smart App Control enforces the [Microsoft Recommended Driver Block rules](design/microsoft-recommended-driver-block-rules.md) and the [Microsoft Recommended Block Rules](design/applications-that-can-bypass-appcontrol.md), with a few exceptions for compatibility considerations. The following aren't blocked by Smart App Control: - Infdefaultinstall.exe - Microsoft.Build.dll @@ -57,7 +57,7 @@ Smart App Control enforces the [Microsoft Recommended Driver Block rules](design ## Related articles -- [WDAC design guide](design/wdac-design-guide.md) -- [WDAC deployment guide](deployment/wdac-deployment-guide.md) -- [WDAC operational guide](operations/wdac-operational-guide.md) +- [WDAC design guide](design/appcontrol-design-guide.md) +- [WDAC deployment guide](deployment/appcontrol-deployment-guide.md) +- [WDAC operational guide](operations/appcontrol-operational-guide.md) - [AppLocker overview](applocker/applocker-overview.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md b/windows/security/application-security/application-control/app-control-for-business/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/administer-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/administer-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-architecture-and-components.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-architecture-and-components.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-architecture-and-components.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-architecture-and-components.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-functions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-functions.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-functions.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-functions.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-deployment-guide.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-deployment-guide.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-design-guide.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide.md similarity index 91% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-design-guide.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide.md index 0299b53b2a..a948419849 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-design-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide.md @@ -19,7 +19,7 @@ To understand if AppLocker is the correct application control solution for your | Article | Description | | --- | --- | | [Understand AppLocker policy design decisions](understand-applocker-policy-design-decisions.md) | This article describes AppLocker design questions, possible answers, and other considerations when you plan a deployment of application control policies by using AppLocker. | -| [Determine your application control objectives](determine-your-application-control-objectives.md) | This article helps you with the decisions you need to make to determine what applications to control and how to control them using AppLocker. | +| [Determine your application control objectives](../appcontrol-and-applocker-overview.md) | This article helps you with the decisions you need to make to determine what applications to control and how to control them using AppLocker. | | [Create a list of apps deployed to each business group](create-list-of-applications-deployed-to-each-business-group.md) | This article describes the process of gathering app usage requirements from each business group in order to implement application control policies by using AppLocker. | | [Select the types of rules to create](select-types-of-rules-to-create.md) | This article lists resources you can use when selecting your application control policy rules by using AppLocker. | | [Determine the Group Policy structure and rule enforcement](determine-group-policy-structure-and-rule-enforcement.md) | This overview article describes the process to follow when you're planning to deploy AppLocker rules. | diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policy-use-scenarios.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policy-use-scenarios.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-processes-and-interactions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions.md similarity index 98% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-processes-and-interactions.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions.md index 36cd302f29..81e26f0be3 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-processes-and-interactions.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions.md @@ -77,7 +77,7 @@ There are three different types of conditions that can be applied to rules: An AppLocker policy is a set of rule collections and their corresponding configured enforcement mode settings applied to one or more computers. -- [Understand AppLocker enforcement settings](understand-applocker-enforcement-settings.md) +- [Understand AppLocker enforcement settings](working-with-applocker-rules.md#enforcement-modes) Rule enforcement is applied only to collections of rules, not individual rules. AppLocker divides the rules into four collections: executable files, Windows Installer files, scripts, and DLL files. The options for rule enforcement are **Not configured**, **Enforce rules**, or **Audit only**. Together, all AppLocker rule collections compose the application control policy, or AppLocker policy. By default, if enforcement isn't configured and rules are present in a rule collection, those rules are enforced. diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-technical-reference.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/applocker-technical-reference.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-audit-only.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-audit-only.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-enforce-rules.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-enforce-rules.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-exceptions-for-an-applocker-rule.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/configure-exceptions-for-an-applocker-rule.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-appLocker-reference-device.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-appLocker-reference-device.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-application-identity-service.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-application-identity-service.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-application-identity-service.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-application-identity-service.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-for-packaged-apps.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-for-packaged-apps.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-file-hash-condition.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-file-hash-condition.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-path-condition.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-path-condition.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-publisher-condition.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-publisher-condition.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-applocker-default-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-applocker-default-rules.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-applocker-default-rules.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-applocker-default-rules.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-list-of-applications-deployed-to-each-business-group.md similarity index 97% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-list-of-applications-deployed-to-each-business-group.md index de0b5c522f..f1965e03ea 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-list-of-applications-deployed-to-each-business-group.md @@ -30,7 +30,7 @@ Using the Automatically Generate Rules wizard quickly creates rules for the appl Using the **Audit only** enforcement method permits you to view the logs because it collects information about every process on the computers receiving the Group Policy Object (GPO). Therefore, you can evaluate the possible effects of enforcement on computers in a business group. AppLocker includes Windows PowerShell cmdlets that you can use to analyze the events from the event log and cmdlets to create rules. However, when you use Group Policy to deploy to several computers, a means to collect events in a central location is important for manageability. Because AppLocker logs information about files that users or other processes start on a computer, you could miss creating some rules initially. Therefore, you should continue your evaluation until you can verify that all required applications that are allowed to run are accessed successfully. > [!TIP] -> If you run Application Verifier against a custom application with any AppLocker policies enabled, it might prevent the application from running. You should either disable Application Verifier or AppLocker. +> If you run Application Verifier against a custom application with any AppLocker policies enabled, it might prevent the application from running. You should either disable Application Verifier or AppLocker. You can create an inventory of Packaged apps on a device by using two methods: the **Get-AppxPackage** Windows PowerShell cmdlet or the AppLocker console. @@ -44,7 +44,7 @@ The following articles describe how to perform each method: Identify the business group and each organizational unit (OU) within that group for application control policies. In addition, you should identify whether or not AppLocker is the most appropriate solution for these policies. For info about these steps, see the following articles: - [Understand AppLocker policy design decisions](understand-applocker-policy-design-decisions.md) -- [Determine your application control objectives](determine-your-application-control-objectives.md) +- [Determine your application control objectives](../appcontrol-and-applocker-overview.md) ## Next steps diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-policies.md similarity index 97% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-policies.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-policies.md index 1b14478169..27273e567d 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-policies.md @@ -18,7 +18,7 @@ You can develop an application control policy plan to guide you in making succes 1. [Understand the AppLocker policy deployment process](understand-the-applocker-policy-deployment-process.md) 2. [Understand AppLocker policy design decisions](understand-applocker-policy-design-decisions.md) -3. [Determine your application control objectives](determine-your-application-control-objectives.md) +3. [Determine your application control objectives](../appcontrol-and-applocker-overview.md) 4. [Create a list of apps deployed to each business group](create-list-of-applications-deployed-to-each-business-group.md) 5. [Select the types of rules to create](select-types-of-rules-to-create.md) 6. [Determine the Group Policy structure and rule enforcement](determine-group-policy-structure-and-rule-enforcement.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-rules.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-rules.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-rules.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/delete-an-applocker-rule.md b/windows/security/application-security/application-control/app-control-for-business/applocker/delete-an-applocker-rule.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/delete-an-applocker-rule.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/delete-an-applocker-rule.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md b/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md similarity index 92% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md index e974fdf194..8e4845601c 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md @@ -14,7 +14,7 @@ This article for IT professionals describes the steps to deploy AppLocker polici These procedures assume that your AppLocker policies are deployed with the enforcement mode set to **Audit only**, and you have been collecting data through the AppLocker event logs and other channels to determine what effect these policies have on your environment and the policy's adherence to your application control design. -For info about the AppLocker policy enforcement setting, see [Understand AppLocker enforcement settings](understand-applocker-enforcement-settings.md). +For info about the AppLocker policy enforcement setting, see [Understand AppLocker enforcement settings](working-with-applocker-rules.md#enforcement-modes). For info about how to plan an AppLocker policy deployment, see [AppLocker Design Guide](applocker-policies-design-guide.md). @@ -24,7 +24,7 @@ Updating an AppLocker policy that is currently enforced in your production envir ## Step 2: Alter the enforcement setting -Rule enforcement is applied to all rules within a rule collection, not to individual rules. AppLocker divides the rules into collections: executable files, Windows Installer files, packaged apps, scripts, and DLL files. For information about the enforcement mode setting, see [Understand AppLocker Enforcement Settings](understand-applocker-enforcement-settings.md). For the procedure to alter the enforcement mode setting, see [Configure an AppLocker policy for audit only](configure-an-applocker-policy-for-audit-only.md). +Rule enforcement is applied to all rules within a rule collection, not to individual rules. AppLocker divides the rules into collections: executable files, Windows Installer files, packaged apps, scripts, and DLL files. For information about the enforcement mode setting, see [Understand AppLocker Enforcement Settings](working-with-applocker-rules.md#enforcement-modes). For the procedure to alter the enforcement mode setting, see [Configure an AppLocker policy for audit only](configure-an-applocker-policy-for-audit-only.md). ## Step 3: Update the policy diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md b/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-the-applocker-policy-into-production.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/deploy-the-applocker-policy-into-production.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md b/windows/security/application-security/application-control/app-control-for-business/applocker/determine-group-policy-structure-and-rule-enforcement.md similarity index 88% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/determine-group-policy-structure-and-rule-enforcement.md index fb13e22d88..54e63c866d 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/determine-group-policy-structure-and-rule-enforcement.md @@ -14,7 +14,7 @@ This overview article describes the process to follow when you're planning to de | Article | Description | | --- | --- | -| [Understand AppLocker enforcement settings](understand-applocker-enforcement-settings.md) | This article describes the AppLocker enforcement settings for rule collections. | +| [Understand AppLocker enforcement settings](working-with-applocker-rules.md#enforcement-modes) | This article describes the AppLocker enforcement settings for rule collections. | | [Understand AppLocker rules and enforcement setting inheritance in Group Policy](understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md) | This article for the IT professional describes how application control policies configured in AppLocker are applied through Group Policy.| | [Document the Group Policy structure and AppLocker rule enforcement](document-group-policy-structure-and-applocker-rule-enforcement.md) | This planning article describes what you need to investigate, determine, and document for your policy plan when you use AppLocker. | diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md b/windows/security/application-security/application-control/app-control-for-business/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md b/windows/security/application-security/application-control/app-control-for-business/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/dll-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/dll-rules-in-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/dll-rules-in-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/dll-rules-in-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md b/windows/security/application-security/application-control/app-control-for-business/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md similarity index 96% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md index 294689bc28..b89000e34f 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md @@ -14,7 +14,7 @@ This planning article describes what you should include in your plan when you us To complete this AppLocker planning document, you should first complete the following steps: -1. [Determine your application control objectives](determine-your-application-control-objectives.md) +1. [Determine your application control objectives](../appcontrol-and-applocker-overview.md) 2. [Create a list of apps deployed to each business group](create-list-of-applications-deployed-to-each-business-group.md) 3. [Select the types of rules to create](select-types-of-rules-to-create.md) 4. [Determine the Group Policy structure and rule enforcement](determine-group-policy-structure-and-rule-enforcement.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-application-list.md b/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-application-list.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-application-list.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/document-your-application-list.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-applocker-rules.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-applocker-rules.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/document-your-applocker-rules.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-an-applocker-policy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/edit-an-applocker-policy.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-an-applocker-policy.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/edit-an-applocker-policy.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/edit-applocker-rules.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-applocker-rules.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/edit-applocker-rules.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md b/windows/security/application-security/application-control/app-control-for-business/applocker/enable-the-dll-rule-collection.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/enable-the-dll-rule-collection.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/enforce-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/enforce-applocker-rules.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/enforce-applocker-rules.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/enforce-applocker-rules.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/executable-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/executable-rules-in-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/executable-rules-in-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/executable-rules-in-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md b/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-from-a-gpo.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-from-a-gpo.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md b/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-to-an-xml-file.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-to-an-xml-file.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/how-applocker-works-techref.md b/windows/security/application-security/application-control/app-control-for-business/applocker/how-applocker-works-techref.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/how-applocker-works-techref.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/how-applocker-works-techref.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/images/applocker-plan-inheritance.gif b/windows/security/application-security/application-control/app-control-for-business/applocker/images/applocker-plan-inheritance.gif similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/images/applocker-plan-inheritance.gif rename to windows/security/application-security/application-control/app-control-for-business/applocker/images/applocker-plan-inheritance.gif diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/images/applocker-plandeploy-quickreference.gif b/windows/security/application-security/application-control/app-control-for-business/applocker/images/applocker-plandeploy-quickreference.gif similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/images/applocker-plandeploy-quickreference.gif rename to windows/security/application-security/application-control/app-control-for-business/applocker/images/applocker-plandeploy-quickreference.gif diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/images/blockedappmsg.gif b/windows/security/application-security/application-control/app-control-for-business/applocker/images/blockedappmsg.gif similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/images/blockedappmsg.gif rename to windows/security/application-security/application-control/app-control-for-business/applocker/images/blockedappmsg.gif diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md b/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-from-another-computer.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-from-another-computer.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md b/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-into-a-gpo.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-into-a-gpo.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/maintain-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/maintain-applocker-policies.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/maintain-applocker-policies.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/maintain-applocker-policies.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/manage-packaged-apps-with-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/manage-packaged-apps-with-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-manually.md b/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-manually.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/monitor-application-usage-with-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/monitor-application-usage-with-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/optimize-applocker-performance.md b/windows/security/application-security/application-control/app-control-for-business/applocker/optimize-applocker-performance.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/optimize-applocker-performance.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/optimize-applocker-performance.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md b/windows/security/application-security/application-control/app-control-for-business/applocker/plan-for-applocker-policy-management.md similarity index 99% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/plan-for-applocker-policy-management.md index d82b85d412..71910f46d2 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/plan-for-applocker-policy-management.md @@ -58,7 +58,7 @@ AppLocker event log is located in the following path: **Applications and Service 2. **MSI and Script**. Contains events for all files affected by the Windows Installer and script rule collections (.msi, .msp, .ps1, .bat, .cmd, .vbs, and .js). 3. **Packaged app-Deployment** or **Packaged app-Execution**, contains events for all Universal Windows apps affected by the packaged app and packed app installer rule collection (.appx). -Collecting these events in a central location can help you maintain your AppLocker policy and troubleshoot rule configuration problems. +Collecting these events in a central location can help you maintain your AppLocker policy and troubleshoot rule configuration problems. ### Policy maintenance @@ -101,7 +101,7 @@ Before editing the rule collection, first determine what rule is preventing the To complete this AppLocker planning document, you should first complete the following steps: -1. [Determine your application control objectives](determine-your-application-control-objectives.md) +1. [Determine your application control objectives](../appcontrol-and-applocker-overview.md) 2. [Create a list of apps deployed to each business group](create-list-of-applications-deployed-to-each-business-group.md) 3. [Select the types of rules to create](select-types-of-rules-to-create.md) 4. [Determine the Group Policy structure and rule enforcement](determine-group-policy-structure-and-rule-enforcement.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/refresh-an-applocker-policy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/refresh-an-applocker-policy.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/refresh-an-applocker-policy.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/refresh-an-applocker-policy.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-for-deploying-applocker-policies.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/requirements-for-deploying-applocker-policies.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-to-use-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-to-use-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-to-use-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/requirements-to-use-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/rule-collection-extensions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/rule-collection-extensions.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md b/windows/security/application-security/application-control/app-control-for-business/applocker/run-the-automatically-generate-rules-wizard.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/run-the-automatically-generate-rules-wizard.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/script-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/script-rules-in-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/script-rules-in-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/script-rules-in-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/security-considerations-for-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/security-considerations-for-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/security-considerations-for-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/security-considerations-for-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/select-types-of-rules-to-create.md b/windows/security/application-security/application-control/app-control-for-business/applocker/select-types-of-rules-to-create.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/select-types-of-rules-to-create.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/select-types-of-rules-to-create.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/test-and-update-an-applocker-policy.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/test-and-update-an-applocker-policy.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/tools-to-use-with-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/tools-to-use-with-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/tools-to-use-with-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/tools-to-use-with-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-policy-design-decisions.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-policy-design-decisions.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-the-applocker-policy-deployment-process.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/understand-the-applocker-policy-deployment-process.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-default-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-default-rules.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-default-rules.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-default-rules.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-behavior.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-behavior.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-collections.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-collections.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-condition-types.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-condition-types.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-exceptions.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-exceptions.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-file-hash-rule-condition-in-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-file-hash-rule-condition-in-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-path-rule-condition-in-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-path-rule-condition-in-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-publisher-rule-condition-in-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-publisher-rule-condition-in-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md b/windows/security/application-security/application-control/app-control-for-business/applocker/use-the-applocker-windows-powershell-cmdlets.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/use-the-applocker-windows-powershell-cmdlets.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/using-event-viewer-with-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/using-event-viewer-with-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/windows-installer-rules-in-applocker.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/windows-installer-rules-in-applocker.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-policies.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-policies.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-policies.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-rules.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules.md rename to windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-rules.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/wdac-deployment-guide.md b/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md similarity index 87% rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/wdac-deployment-guide.md rename to windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md index 46d07c19a7..688747f887 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/wdac-deployment-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md @@ -11,7 +11,7 @@ ms.topic: overview > [!NOTE] > Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md). -You should now have one or more Windows Defender Application Control (WDAC) policies ready to deploy. If you haven't yet completed the steps described in the [WDAC Design Guide](../design/wdac-design-guide.md), do so now before proceeding. +You should now have one or more Windows Defender Application Control (WDAC) policies ready to deploy. If you haven't yet completed the steps described in the [WDAC Design Guide](../design/appcontrol-design-guide.md), do so now before proceeding. ## Convert your WDAC policy XML to binary @@ -44,13 +44,13 @@ All Windows Defender Application Control policy changes should be deployed in au ## Choose how to deploy WDAC policies > [!IMPORTANT] -> Due to a known issue, you should always activate new **signed** WDAC Base policies with a reboot on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. We recommend [deploying via script](deploy-wdac-policies-with-script.md) in this case. +> Due to a known issue, you should always activate new **signed** WDAC Base policies with a reboot on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. We recommend [deploying via script](deploy-appcontrol-policies-with-script.md) in this case. > > This issue does not affect updates to signed Base policies that are already active on the system, deployment of unsigned policies, or deployment of supplemental policies (signed or unsigned). It also does not affect deployments to systems that are not running memory integrity. There are several options to deploy Windows Defender Application Control policies to managed endpoints, including: -- [Deploy using a Mobile Device Management (MDM) solution](deploy-wdac-policies-using-intune.md), such as Microsoft Intune -- [Deploy using Microsoft Configuration Manager](deploy-wdac-policies-with-memcm.md) -- [Deploy via script](deploy-wdac-policies-with-script.md) -- [Deploy via group policy](deploy-wdac-policies-using-group-policy.md) +- [Deploy using a Mobile Device Management (MDM) solution](deploy-appcontrol-policies-using-intune.md), such as Microsoft Intune +- [Deploy using Microsoft Configuration Manager](deploy-appcontrol-policies-with-memcm.md) +- [Deploy via script](deploy-appcontrol-policies-with-script.md) +- [Deploy via group policy](deploy-appcontrol-policies-using-group-policy.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/audit-wdac-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md similarity index 91% rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/audit-wdac-policies.md rename to windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md index fa463a999a..8e08b9a353 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/audit-wdac-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md @@ -18,7 +18,7 @@ While a WDAC policy is running in audit mode, any binary that runs but would hav ## Overview of the process to create WDAC policy to allow apps using audit events > [!Note] -> You must have already deployed a WDAC audit mode policy to use this process. If you have not already done so, see [Deploying Windows Defender Application Control policies](wdac-deployment-guide.md). +> You must have already deployed a WDAC audit mode policy to use this process. If you have not already done so, see [Deploying Windows Defender Application Control policies](appcontrol-deployment-guide.md). To familiarize yourself with creating WDAC rules from audit events, follow these steps on a device with a WDAC audit mode policy. @@ -29,7 +29,7 @@ To familiarize yourself with creating WDAC rules from audit events, follow these **Figure 1. Exceptions to the deployed WDAC policy** ![Event showing exception to WDAC policy.](../images/dg-fig23-exceptionstocode.png) -3. In an elevated PowerShell session, run the following commands to initialize variables used by this procedure. This procedure builds upon the **Lamna_FullyManagedClients_Audit.xml** policy introduced in [Create a WDAC policy for fully managed devices](../design/create-wdac-policy-for-fully-managed-devices.md) and will produce a new policy called **EventsPolicy.xml**. +3. In an elevated PowerShell session, run the following commands to initialize variables used by this procedure. This procedure builds upon the **Lamna_FullyManagedClients_Audit.xml** policy introduced in [Create a WDAC policy for fully managed devices](../design/create-appcontrol-policy-for-fully-managed-devices.md) and will produce a new policy called **EventsPolicy.xml**. ```powershell $PolicyName= "Lamna_FullyManagedClients_Audit" @@ -47,7 +47,7 @@ To familiarize yourself with creating WDAC rules from audit events, follow these > [!NOTE] > When you create policies from audit events, you should carefully consider the file rule level that you select to trust. The preceding example uses the **FilePublisher** rule level with a fallback level of **Hash**, which may be more specific than desired. You can re-run the above command using different **-Level** and **-Fallback** options to meet your needs. For more information about WDAC rule levels, see [Understand WDAC policy rules and file rules](../design/select-types-of-rules-to-create.md). -5. Find and review the WDAC policy file **EventsPolicy.xml** that should be found on your desktop. Ensure that it only includes file and signer rules for applications, binaries, and scripts you wish to allow. You can remove rules by manually editing the policy XML or use the WDAC Policy Wizard tool (see [Editing existing base and supplemental WDAC policies with the Wizard](../design/wdac-wizard-editing-policy.md)). +5. Find and review the WDAC policy file **EventsPolicy.xml** that should be found on your desktop. Ensure that it only includes file and signer rules for applications, binaries, and scripts you wish to allow. You can remove rules by manually editing the policy XML or use the WDAC Policy Wizard tool (see [Editing existing base and supplemental WDAC policies with the Wizard](../design/appcontrol-wizard-editing-policy.md)). 6. Find and review the text file **EventsPolicyWarnings.txt** that should be found on your desktop. This file will include a warning for any files that WDAC couldn't create a rule for at either the specified rule level or fallback rule level. @@ -56,6 +56,6 @@ To familiarize yourself with creating WDAC rules from audit events, follow these 7. Merge **EventsPolicy.xml** with the Base policy **Lamna_FullyManagedClients_Audit.xml** or convert it to a supplemental policy. - For information on merging policies, refer to [Merge Windows Defender Application Control policies](merge-wdac-policies.md) and for information on supplemental policies see [Use multiple Windows Defender Application Control Policies](../design/deploy-multiple-wdac-policies.md). + For information on merging policies, refer to [Merge Windows Defender Application Control policies](merge-appcontrol-policies.md) and for information on supplemental policies see [Use multiple Windows Defender Application Control Policies](../design/deploy-multiple-appcontrol-policies.md). 8. Convert the Base or Supplemental policy to binary and deploy using your preferred method. diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/create-code-signing-cert-for-wdac.md b/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md similarity index 99% rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/create-code-signing-cert-for-wdac.md rename to windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md index 7c3eabc52d..aa98aebabb 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/create-code-signing-cert-for-wdac.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md @@ -11,7 +11,7 @@ ms.date: 12/01/2022 >[!NOTE] >Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md). -As you deploy Windows Defender Application Control (WDAC), you might need to sign catalog files or WDAC policies internally. To do this signing, you'll either need to use [Microsoft's Trusted Signing service](/azure/trusted-signing/), a publicly issued code signing certificate or an internal CA. If you've purchased a code signing certificate, you can skip this article, and instead follow other articles listed in the [Windows Defender Application Control Deployment Guide](wdac-deployment-guide.md). +As you deploy Windows Defender Application Control (WDAC), you might need to sign catalog files or WDAC policies internally. To do this signing, you'll either need to use [Microsoft's Trusted Signing service](/azure/trusted-signing/), a publicly issued code signing certificate or an internal CA. If you've purchased a code signing certificate, you can skip this article, and instead follow other articles listed in the [Windows Defender Application Control Deployment Guide](appcontrol-deployment-guide.md). If you have an internal CA, complete these steps to create a code signing certificate. diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-group-policy.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md similarity index 98% rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-group-policy.md rename to windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md index 78a686dada..8b6c9f2da9 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-group-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md @@ -32,7 +32,7 @@ To deploy and manage a Windows Defender Application Control policy with Group Po 2. Create a new GPO: right-click an OU and then select **Create a GPO in this domain, and Link it here**. > [!NOTE] - > You can use any OU name. Also, security group filtering is an option when you consider different ways of combining WDAC policies (or keeping them separate), as discussed in [Plan for Windows Defender Application Control lifecycle policy management](../design/plan-wdac-management.md). + > You can use any OU name. Also, security group filtering is an option when you consider different ways of combining WDAC policies (or keeping them separate), as discussed in [Plan for Windows Defender Application Control lifecycle policy management](../design/plan-appcontrol-management.md). ![Group Policy Management, create a GPO.](../images/dg-fig24-creategpo.png) @@ -42,7 +42,7 @@ To deploy and manage a Windows Defender Application Control policy with Group Po 5. In the selected GPO, navigate to Computer Configuration\\Administrative Templates\\System\\Device Guard. Right-click **Deploy Windows Defender Application Control** and then select **Edit**. - ![Edit the Group Policy for Windows Defender Application Control.](../images/wdac-edit-gp.png) + ![Edit the Group Policy for Windows Defender Application Control.](../images/appcontrol-edit-gp.png) 6. In the **Deploy Windows Defender Application Control** dialog box, select the **Enabled** option, and then specify the WDAC policy deployment path. diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-intune.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md similarity index 96% rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-intune.md rename to windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md index c7086b6b5e..df6ad5fdc8 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-intune.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md @@ -14,7 +14,7 @@ ms.topic: how-to You can use a Mobile Device Management (MDM) solution, like Microsoft Intune, to configure Windows Defender Application Control (WDAC) on client machines. Intune includes native support for WDAC, which can be a helpful starting point, but customers may find the available circle-of-trust options too limiting. To deploy a custom policy through Intune and define your own circle of trust, you can configure a profile using Custom OMA-URI. If your organization uses another MDM solution, check with your solution provider for WDAC policy deployment steps. > [!IMPORTANT] -> Due to a known issue, you should always activate new **signed** WDAC Base policies *with a reboot* on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. Instead of Mobile Device Management (MDM), deploy new signed WDAC Base policies [via script](deploy-wdac-policies-with-script.md) and activate the policy with a system restart. +> Due to a known issue, you should always activate new **signed** WDAC Base policies *with a reboot* on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. Instead of Mobile Device Management (MDM), deploy new signed WDAC Base policies [via script](deploy-appcontrol-policies-with-script.md) and activate the policy with a system restart. > > This issue does not affect updates to signed Base policies that are already active on the system, deployment of unsigned policies, or deployment of supplemental policies (signed or unsigned). It also does not affect deployments to systems that are not running memory integrity. @@ -38,7 +38,7 @@ To use Intune's built-in WDAC policies, configure [Endpoint Protection for Windo ## Deploy WDAC policies with custom OMA-URI > [!NOTE] -> Policies deployed through Intune custom OMA-URI are subject to a 350,000 byte limit. Customers should create Windows Defender Application Control policies that use signature-based rules, the Intelligent Security Graph, and managed installers where practical. Customers whose devices are running 1903+ builds of Windows are also encouraged to use [multiple policies](../design/deploy-multiple-wdac-policies.md) which allow more granular policy. +> Policies deployed through Intune custom OMA-URI are subject to a 350,000 byte limit. Customers should create Windows Defender Application Control policies that use signature-based rules, the Intelligent Security Graph, and managed installers where practical. Customers whose devices are running 1903+ builds of Windows are also encouraged to use [multiple policies](../design/deploy-multiple-appcontrol-policies.md) which allow more granular policy. You should now have one or more WDAC policies converted into binary form. If not, follow the steps described in [Deploying Windows Defender Application Control (WDAC) policies](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide). @@ -58,7 +58,7 @@ The steps to use Intune's custom OMA-URI functionality are: - **Data type**: Base64 (file) - **Certificate file**: Upload your binary format policy file. To do this, change your {GUID}.cip file to {GUID}.bin. You don't need to upload a Base64 file, as Intune converts the uploaded .bin file to Base64 on your behalf. - :::image type="content" alt-text="Configure custom WDAC." source="../images/wdac-intune-custom-oma-uri.png" lightbox="../images/wdac-intune-custom-oma-uri.png"::: + :::image type="content" alt-text="Configure custom WDAC." source="../images/appcontrol-intune-custom-oma-uri.png" lightbox="../images/appcontrol-intune-custom-oma-uri.png"::: > [!NOTE] > For the _Policy GUID_ value, do not include the curly brackets. diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md similarity index 88% rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md rename to windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md index d4135733c2..1d1038cbee 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md @@ -29,49 +29,49 @@ Configuration Manager doesn't remove policies once deployed. To stop enforcement 1. Select **Asset and Compliance** > **Endpoint Protection** > **Windows Defender Application Control** > **Create Application Control Policy** - ![Create a WDAC policy in Configuration Manager.](../images/memcm/memcm-create-wdac-policy.jpg) + ![Create a WDAC policy in Configuration Manager.](../images/memcm/memcm-create-appcontrol-policy.jpg) 2. Enter the name of the policy > **Next** 3. Enable **Enforce a restart of devices so that this policy can be enforced for all processes** 4. Select the mode that you want the policy to run (Enforcement enabled / Audit Only) 5. Select **Next** - ![Create an enforced WDAC policy in Configuration Manager.](../images/memcm/memcm-create-wdac-policy-2.jpg) + ![Create an enforced WDAC policy in Configuration Manager.](../images/memcm/memcm-create-appcontrol-policy-2.jpg) 6. Select **Add** to begin creating rules for trusted software - ![Create a WDAC path rule in Configuration Manager.](../images/memcm/memcm-create-wdac-rule.jpg) + ![Create a WDAC path rule in Configuration Manager.](../images/memcm/memcm-create-appcontrol-rule.jpg) 7. Select **File** or **Folder** to create a path rule > **Browse** - ![Select a file or folder to create a path rule.](../images/memcm/memcm-create-wdac-rule-2.jpg) + ![Select a file or folder to create a path rule.](../images/memcm/memcm-create-appcontrol-rule-2.jpg) 8. Select the executable or folder for your path rule > **OK** - ![Select the executable file or folder.](../images/memcm/memcm-create-wdac-rule-3.jpg) + ![Select the executable file or folder.](../images/memcm/memcm-create-appcontrol-rule-3.jpg) 9. Select **OK** to add the rule to the table of trusted files or folder 10. Select **Next** to navigate to the summary page > **Close** - ![Confirm the WDAC path rule in Configuration Manager.](../images/memcm/memcm-confirm-wdac-rule.jpg) + ![Confirm the WDAC path rule in Configuration Manager.](../images/memcm/memcm-confirm-appcontrol-rule.jpg) ### Deploy the WDAC policy in Configuration Manager 1. Right-click the newly created policy > **Deploy Application Control Policy** - ![Deploy WDAC via Configuration Manager.](../images/memcm/memcm-deploy-wdac.jpg) + ![Deploy WDAC via Configuration Manager.](../images/memcm/memcm-deploy-appcontrol.jpg) 2. Select **Browse** - ![Select Browse.](../images/memcm/memcm-deploy-wdac-2.jpg) + ![Select Browse.](../images/memcm/memcm-deploy-appcontrol-2.jpg) 3. Select the Device Collection you created earlier > **OK** - ![Select the device collection.](../images/memcm/memcm-deploy-wdac-3.jpg) + ![Select the device collection.](../images/memcm/memcm-deploy-appcontrol-3.jpg) 4. Change the schedule > **OK** - ![Change the WDAC deployment schedule.](../images/memcm/memcm-deploy-wdac-4.jpg) + ![Change the WDAC deployment schedule.](../images/memcm/memcm-deploy-appcontrol-4.jpg) For more information on using Configuration Manager's native WDAC policies, see [Windows Defender Application Control management with Configuration Manager](/mem/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager). @@ -79,4 +79,4 @@ Download the entire [WDAC in Configuration Manager lab paper](https://download.m ## Deploy custom WDAC policies using Packages/Programs or Task Sequences -Using Configuration Manager's built-in policies can be a helpful starting point, but customers may find the circle-of-trust options available in Configuration Manager too limiting. To define your own circle-of-trust, you can use Configuration Manager to deploy custom WDAC policies using [script-based deployment](deploy-wdac-policies-with-script.md) via Software Distribution Packages and Programs or Operating System Deployment Task Sequences. +Using Configuration Manager's built-in policies can be a helpful starting point, but customers may find the circle-of-trust options available in Configuration Manager too limiting. To define your own circle-of-trust, you can use Configuration Manager to deploy custom WDAC policies using [script-based deployment](deploy-appcontrol-policies-with-script.md) via Software Distribution Packages and Programs or Operating System Deployment Task Sequences. diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md rename to windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-catalog-files-to-support-wdac.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md similarity index 99% rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-catalog-files-to-support-wdac.md rename to windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md index 2265945d4e..056e35ce3f 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-catalog-files-to-support-wdac.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md @@ -34,7 +34,7 @@ To create a catalog file for an existing app, you can use a tool called **Packag $PolicyBinary = $env:USERPROFILE+"\Desktop\"+$PolicyId.substring(11)+".cip" ``` - Then apply the policy as described in [Deploy Windows Defender Application Control policies with script](deploy-wdac-policies-with-script.md). + Then apply the policy as described in [Deploy Windows Defender Application Control policies with script](deploy-appcontrol-policies-with-script.md). 2. Start Package Inspector to monitor file creation on a **local drive** where you install the app, for example, drive C: @@ -301,7 +301,7 @@ At the time of the next software inventory cycle, when the targeted clients rece ## Allow apps signed by your catalog signing certificate in your WDAC policy -Now that you have your signed catalog file, you can add a signer rule to your policy that allows anything signed with that certificate. If you haven't yet created a WDAC policy, see the [Windows Defender Application Control design guide](../design/wdac-design-guide.md). +Now that you have your signed catalog file, you can add a signer rule to your policy that allows anything signed with that certificate. If you haven't yet created a WDAC policy, see the [Windows Defender Application Control design guide](../design/appcontrol-design-guide.md). On a computer where the signed catalog file has been deployed, you can use [New-CiPolicyRule](/powershell/module/configci/new-cipolicyrule) to create a signer rule from any file included in that catalog. Then use [Merge-CiPolicy](/powershell/module/configci/merge-cipolicy) to add the rule to your policy XML. Be sure to replace the path values in the following sample: diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/disable-wdac-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md similarity index 99% rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/disable-wdac-policies.md rename to windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md index 2685a6db1d..839bf11d55 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/disable-wdac-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md @@ -65,7 +65,7 @@ The steps to use Intune's custom OMA-URI functionality to remove a WDAC policy a - **Certificate file**: upload your binary format policy file. You don't need to upload a Base64 file, as Intune will convert the uploaded .bin file to Base64 on your behalf. > [!div class="mx-imgBorder"] - > ![Configure custom WDAC.](../images/wdac-intune-custom-oma-uri.png) + > ![Configure custom WDAC.](../images/appcontrol-intune-custom-oma-uri.png) > [!NOTE] > For the _Policy GUID_ value, do not include the curly brackets. diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/enforce-wdac-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies.md similarity index 89% rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/enforce-wdac-policies.md rename to windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies.md index 07bc66c51a..fe758fad88 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/enforce-wdac-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies.md @@ -19,11 +19,11 @@ You should now have one or more Windows Defender Application Control policies br ## Convert WDAC **base** policy from audit to enforced -As described in [common Windows Defender Application Control deployment scenarios](../design/common-wdac-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices. +As described in [common Windows Defender Application Control deployment scenarios](../design/common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices. **Alice Pena** is the IT team lead responsible for Lamna's WDAC rollout. -Alice previously created and deployed a policy for the organization's [fully managed devices](../design/create-wdac-policy-for-fully-managed-devices.md). They updated the policy based on audit event data as described in [Use audit events to create WDAC policy rules](audit-wdac-policies.md) and redeployed it. All remaining audit events are as expected and Alice is ready to switch to enforcement mode. +Alice previously created and deployed a policy for the organization's [fully managed devices](../design/create-appcontrol-policy-for-fully-managed-devices.md). They updated the policy based on audit event data as described in [Use audit events to create WDAC policy rules](audit-appcontrol-policies.md) and redeployed it. All remaining audit events are as expected and Alice is ready to switch to enforcement mode. 1. Initialize the variables that will be used and create the enforced policy by copying the audit version. @@ -96,4 +96,4 @@ Since the enforced policy was given a unique PolicyID in the previous procedure, ## Deploy your enforced policy and supplemental policies -Now that your base policy is in enforced mode, you can begin to deploy it to your managed endpoints. For information about deploying policies, see [Deploying Windows Defender Application Control (WDAC) policies](wdac-deployment-guide.md). +Now that your base policy is in enforced mode, you can begin to deploy it to your managed endpoints. For information about deploying policies, see [Deploying Windows Defender Application Control (WDAC) policies](appcontrol-deployment-guide.md). diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/merge-wdac-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/merge-appcontrol-policies.md similarity index 93% rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/merge-wdac-policies.md rename to windows/security/application-security/application-control/app-control-for-business/deployment/merge-appcontrol-policies.md index d1b96ca2d6..79adf8c772 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/merge-wdac-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/merge-appcontrol-policies.md @@ -19,7 +19,7 @@ This article shows how to merge multiple policy XML files together and how to me ## Merge multiple WDAC policy XML files together -There are many scenarios where you may want to merge two or more policy files together. For example, if you [use audit events to create Windows Defender Application Control policy rules](audit-wdac-policies.md), you can merge those rules with your existing WDAC base policy. To merge the two WDAC policies referenced in that article, complete the following steps in an elevated Windows PowerShell session. +There are many scenarios where you may want to merge two or more policy files together. For example, if you [use audit events to create Windows Defender Application Control policy rules](audit-appcontrol-policies.md), you can merge those rules with your existing WDAC base policy. To merge the two WDAC policies referenced in that article, complete the following steps in an elevated Windows PowerShell session. 1. Initialize the variables that will be used: @@ -43,7 +43,7 @@ There are many scenarios where you may want to merge two or more policy files to Besides merging multiple policy XML files, you can also merge rules created with the New-CIPolicyRule cmdlet directly into an existing WDAC policy XML file. Directly merging rules is a convenient way to update your policy without creating extra policy XML files. For example, to add rules that allow the WDAC Wizard and the WDAC RefreshPolicy.exe tool, follow these steps: -1. Install the [WDAC Wizard](../design/wdac-wizard.md) packaged MSIX app. +1. Install the [WDAC Wizard](../design/appcontrol-wizard.md) packaged MSIX app. 2. Download the [Refresh Policy tool](https://aka.ms/refreshpolicy) for your processor architecture and save it to your desktop as RefreshPolicy.exe. 3. From a PowerShell session, run the following commands to create packaged app allow rules for the WDAC Wizard: @@ -80,4 +80,4 @@ Now that you have your new, merged policy, you can convert and deploy the policy 2. Upload your merged policy XML and the associated binary to the source control solution you are using for your Windows Defender Application Control policies. such as [GitHub](https://github.com/) or a document management solution such as [Office 365 SharePoint](https://products.office.com/sharepoint/collaboration). -3. Deploy the merged policy using your preferred deployment solution. See [Deploying Windows Defender Application Control (WDAC) policies](wdac-deployment-guide.md) +3. Deploy the merged policy using your preferred deployment solution. See [Deploying Windows Defender Application Control (WDAC) policies](appcontrol-deployment-guide.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection.md b/windows/security/application-security/application-control/app-control-for-business/deployment/use-code-signing-for-better-control-and-protection.md similarity index 97% rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection.md rename to windows/security/application-security/application-control/app-control-for-business/deployment/use-code-signing-for-better-control-and-protection.md index 7e9e07b044..22c1e87ca0 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/use-code-signing-for-better-control-and-protection.md @@ -26,7 +26,7 @@ You can use catalog files to easily add a signature to an existing application w > [!NOTE] > Since catalogs identify the files they sign by hash, any change to the file may invalidate its signature. You will need to deploy updated catalog signatures any time the application is updated. Integrating code signing with your app development or app deployment processes is generally the best approach. Be aware of self-updating apps, as their app binaries may change without your knowledge. -To learn how to create and manage catalog files for existing apps, see [Deploy catalog files to support Windows Defender Application Control](deploy-catalog-files-to-support-wdac.md). +To learn how to create and manage catalog files for existing apps, see [Deploy catalog files to support Windows Defender Application Control](deploy-catalog-files-to-support-appcontrol.md). ## Signed WDAC policies @@ -40,4 +40,4 @@ Some ways to obtain code signing certificates for your own use, include: - Use Microsoft's [Trusted Signing service](/azure/trusted-signing/). - Purchase a code signing certificate from one of the [Microsoft Trusted Root Program participants](/security/trusted-root/participants-list). -- To use your own digital certificate or public key infrastructure (PKI) to issue code signing certificates, see [Optional: Create a code signing certificate for Windows Defender Application Control](create-code-signing-cert-for-wdac.md). \ No newline at end of file +- To use your own digital certificate or public key infrastructure (PKI) to issue code signing certificates, see [Optional: Create a code signing certificate for Windows Defender Application Control](create-code-signing-cert-for-appcontrol.md). diff --git a/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-signed-policies-to-protect-wdac-against-tampering.md b/windows/security/application-security/application-control/app-control-for-business/deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md similarity index 95% rename from windows/security/application-security/application-control/windows-defender-application-control/deployment/use-signed-policies-to-protect-wdac-against-tampering.md rename to windows/security/application-security/application-control/app-control-for-business/deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md index a7f4170ab2..d99250c1bf 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-signed-policies-to-protect-wdac-against-tampering.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md @@ -38,7 +38,7 @@ Before you attempt to deploy a signed policy, you should first deploy an unsigne ``` > [!NOTE] - > This example uses an enforced version of the WDAC policy that you created in [Create a Windows Defender Application Control policy from a reference computer](../design/create-wdac-policy-using-reference-computer.md) article. If you sign another policy, be sure to update the **$PolicyPath** and **$PolicyName** variables with the correct information. + > This example uses an enforced version of the WDAC policy that you created in [Create a Windows Defender Application Control policy from a reference computer](../design/create-appcontrol-policy-using-reference-computer.md) article. If you sign another policy, be sure to update the **$PolicyPath** and **$PolicyName** variables with the correct information. 2. Navigate to your desktop as the working directory: @@ -58,7 +58,7 @@ Before you attempt to deploy a signed policy, you should first deploy an unsigne ``` > [!IMPORTANT] - > Failing to perform this step will leave you unable to modify or disable this policy and will lead to boot failure. For more information about how to disable signed policies causing boot failure, see [Remove Windows Defender Application Control policies causing boot stop failures](disable-wdac-policies.md#remove-wdac-policies-causing-boot-stop-failures). + > Failing to perform this step will leave you unable to modify or disable this policy and will lead to boot failure. For more information about how to disable signed policies causing boot failure, see [Remove Windows Defender Application Control policies causing boot stop failures](disable-appcontrol-policies.md#remove-wdac-policies-causing-boot-stop-failures). 4. Use [Set-RuleOption](/powershell/module/configci/set-ruleoption) to remove the unsigned policy rule option: @@ -88,7 +88,7 @@ Before you attempt to deploy a signed policy, you should first deploy an unsigne If you purchased a code signing certificate or issued one from your own PKI, you can use [SignTool.exe](/windows/win32/seccrypto/signtool) to sign your WDAC policy files: -1. Import the .pfx code signing certificate into the user's personal store on the computer where the signing will happen. In this example, you use the certificate that was created in [Optional: Create a code signing certificate for Windows Defender Application Control](create-code-signing-cert-for-wdac.md). +1. Import the .pfx code signing certificate into the user's personal store on the computer where the signing will happen. In this example, you use the certificate that was created in [Optional: Create a code signing certificate for Windows Defender Application Control](create-code-signing-cert-for-appcontrol.md). 2. Sign the WDAC policy by using SignTool.exe: diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/allow-com-object-registration-in-wdac-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/allow-com-object-registration-in-appcontrol-policy.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/design/allow-com-object-registration-in-wdac-policy.md rename to windows/security/application-security/application-control/app-control-for-business/design/allow-com-object-registration-in-appcontrol-policy.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-and-dotnet.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/design/wdac-and-dotnet.md rename to windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-design-guide.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide.md similarity index 71% rename from windows/security/application-security/application-control/windows-defender-application-control/design/wdac-design-guide.md rename to windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide.md index 84a5e4839a..75f49b7218 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-design-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide.md @@ -28,10 +28,10 @@ Once these business factors are in place, you're ready to begin planning your Wi | Topic | Description | | - | - | -| [Plan for WDAC policy management](plan-wdac-management.md) | This topic describes the decisions you need to make to establish the processes for managing and maintaining WDAC policies. | -| [Understand WDAC policy design decisions](understand-wdac-policy-design-decisions.md) | This topic lists the design questions, possible answers, and ramifications of the decisions, when you plan a deployment of application control policies. | +| [Plan for WDAC policy management](plan-appcontrol-management.md) | This topic describes the decisions you need to make to establish the processes for managing and maintaining WDAC policies. | +| [Understand WDAC policy design decisions](understand-appcontrol-policy-design-decisions.md) | This topic lists the design questions, possible answers, and ramifications of the decisions, when you plan a deployment of application control policies. | | [Understand WDAC policy rules and file rules](select-types-of-rules-to-create.md) | This topic lists resources you can use when selecting your application control policy rules by using WDAC. | -| [Policy creation for common WDAC usage scenarios](common-wdac-use-cases.md) | This set of topics outlines common use case scenarios, and helps you begin to develop a plan for deploying WDAC in your organization. | -| [Policy creation using the WDAC Wizard tool](wdac-wizard.md) | This set of topics describes how to use the WDAC Wizard desktop app to easily create, edit, and merge WDAC policies. | +| [Policy creation for common WDAC usage scenarios](common-appcontrol-use-cases.md) | This set of topics outlines common use case scenarios, and helps you begin to develop a plan for deploying WDAC in your organization. | +| [Policy creation using the WDAC Wizard tool](appcontrol-wizard.md) | This set of topics describes how to use the WDAC Wizard desktop app to easily create, edit, and merge WDAC policies. | -After planning is complete, the next step is to deploy WDAC. The [Windows Defender Application Control Deployment Guide](../deployment/wdac-deployment-guide.md) covers creating and testing policies, deploying the enforcement setting, and managing and maintaining policies. +After planning is complete, the next step is to deploy WDAC. The [Windows Defender Application Control Deployment Guide](../deployment/appcontrol-deployment-guide.md) covers creating and testing policies, deploying the enforcement setting, and managing and maintaining policies. diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-base-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy.md similarity index 93% rename from windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-base-policy.md rename to windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy.md index 38dd2726e4..293fef697f 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-base-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy.md @@ -11,7 +11,7 @@ ms.date: 06/07/2023 > [!NOTE] > Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md). -When creating policies for use with Windows Defender Application Control (WDAC), it's recommended to start with a template policy, and then add or remove rules to suit your application control scenario. For this reason, the WDAC Wizard offers three template policies to start from and customize during the base policy creation workflow. Prerequisite information about application control can be accessed through the [WDAC design guide](wdac-design-guide.md). This page outlines the steps to create a new application control policy from a template, configure the policy options, and the signer and file rules. +When creating policies for use with Windows Defender Application Control (WDAC), it's recommended to start with a template policy, and then add or remove rules to suit your application control scenario. For this reason, the WDAC Wizard offers three template policies to start from and customize during the base policy creation workflow. Prerequisite information about application control can be accessed through the [WDAC design guide](appcontrol-design-guide.md). This page outlines the steps to create a new application control policy from a template, configure the policy options, and the signer and file rules. ## Template Base Policies @@ -21,13 +21,13 @@ Each of the template policies has a unique set of policy allowlist rules that af |---------------------------------|-------------------------------------------------------------------| | **Default Windows Mode** | Default Windows mode authorizes the following components:
| | **Allow Microsoft Mode** | Allow mode authorizes the following components:
| -| **Signed and Reputable Mode** | Signed and Reputable mode authorizes the following components:
| +| **Signed and Reputable Mode** | Signed and Reputable mode authorizes the following components:
| *Italicized content denotes the changes in the current policy with respect to the policy prior.* -More information about the Default Windows Mode and Allow Microsoft Mode policies can be accessed through the [Example Windows Defender Application Control base policies article](example-wdac-base-policies.md). +More information about the Default Windows Mode and Allow Microsoft Mode policies can be accessed through the [Example Windows Defender Application Control base policies article](example-appcontrol-base-policies.md). -![Selecting a base template for the policy.](../images/wdac-wizard-template-selection.png) +![Selecting a base template for the policy.](../images/appcontrol-wizard-template-selection.png) Once the base template is selected, give the policy a name and choose where to save the application control policy on disk. @@ -53,7 +53,7 @@ The following table has a description of each policy rule, beginning with the le | **User Mode Code Integrity** | Windows Defender Application Control policies restrict both kernel-mode and user-mode binaries. By default, only kernel-mode binaries are restricted. Enabling this rule option validates user mode executables and scripts. | > [!div class="mx-imgBorder"] -> ![Rule options UI for Windows Allowed mode policy.](../images/wdac-wizard-rule-options-UI-advanced-collapsed.png) +> ![Rule options UI for Windows Allowed mode policy.](../images/appcontrol-wizard-rule-options-UI-advanced-collapsed.png) ### Advanced Policy Rules Description @@ -68,7 +68,7 @@ Selecting the **+ Advanced Options** label shows another column of policy rules, | **Invalidate EAs on Reboot** | When the Intelligent Security Graph option (14) is used, WDAC sets an extended file attribute that indicates that the file was authorized to run. This option causes WDAC to periodically revalidate the reputation for files authorized by the ISG.| | **Require EV Signers** | This option isn't currently supported. | -![Rule options UI for Windows Allowed mode.](../images/wdac-wizard-rule-options-UI.png) +![Rule options UI for Windows Allowed mode.](../images/appcontrol-wizard-rule-options-UI.png) > [!NOTE] > We recommend that you **enable Audit Mode** initially because it allows you to test new Windows Defender Application Control policies before you enforce them. With audit mode, no application is blocked-instead the policy logs an event whenever an application outside the policy is started. For this reason, all templates have Audit Mode enabled by default. @@ -88,7 +88,7 @@ The Publisher file rule type uses properties in the code signing certificate cha | **File version** | SignedVersion | This rule is a combination of PCACertificate, publisher, and a version number. Anything from the specified publisher with a version at or above the one specified is affected. | | **File name** | FilePublisher | Most specific. Combination of the file name, publisher, and PCA certificate and a minimum version number. Files from the publisher with the specified name and greater or equal to the specified version are affected. | -![Custom filepublisher file rule creation.](../images/wdac-wizard-custom-publisher-rule.png) +![Custom filepublisher file rule creation.](../images/appcontrol-wizard-custom-publisher-rule.png) ### Filepath Rules @@ -106,7 +106,7 @@ The Wizard supports the creation of [file name rules](select-types-of-rules-to-c | **Internal name** | Specifies the internal name of the binary. | > [!div class="mx-imgBorder"] -> ![Custom file attributes rule.](../images/wdac-wizard-custom-file-attribute-rule.png) +> ![Custom file attributes rule.](../images/appcontrol-wizard-custom-file-attribute-rule.png) ### File Hash Rules @@ -118,4 +118,4 @@ The policy signing rules list table on the left of the page documents the allow ## Up next -- [Editing a Windows Defender Application Control (WDAC) policy using the Wizard](wdac-wizard-editing-policy.md) +- [Editing a Windows Defender Application Control (WDAC) policy using the Wizard](appcontrol-wizard-editing-policy.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-supplemental-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md similarity index 85% rename from windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-supplemental-policy.md rename to windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md index 2d1d9a8c91..83b7294bde 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-supplemental-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md @@ -11,23 +11,23 @@ ms.date: 06/07/2023 > [!NOTE] > Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md). -Beginning in Windows 10 version 1903, Windows Defender Application Control (WDAC) supports the creation of multiple active policies on a device. One or more supplemental policies allow customers to expand a [WDAC base policy](wdac-wizard-create-base-policy.md) to increase the circle of trust of the policy. A supplemental policy can expand only one base policy, but multiple supplementals can expand the same base policy. When supplemental policies are used, applications allowed by the base or any of its supplemental policies are allowed to run. +Beginning in Windows 10 version 1903, Windows Defender Application Control (WDAC) supports the creation of multiple active policies on a device. One or more supplemental policies allow customers to expand a [WDAC base policy](appcontrol-wizard-create-base-policy.md) to increase the circle of trust of the policy. A supplemental policy can expand only one base policy, but multiple supplementals can expand the same base policy. When supplemental policies are used, applications allowed by the base or any of its supplemental policies are allowed to run. -Prerequisite information about application control can be accessed through the [WDAC design guide](wdac-design-guide.md). This page outlines the steps to create a supplemental application control policy, configure the policy options, and the signer and file rules. +Prerequisite information about application control can be accessed through the [WDAC design guide](appcontrol-design-guide.md). This page outlines the steps to create a supplemental application control policy, configure the policy options, and the signer and file rules. ## Expanding a Base Policy Once the Supplemental Policy type is chosen on the New Policy page, policy name and file dialog fields can be used to name and save the supplemental policy. The next step requires selecting a base policy to expand. To expand a base policy, the base must allow supplemental policies. The WDAC Wizard verifies if the base policy allows supplementals and shows the following confirmation. -![Base policy allows supplemental policies.](../images/wdac-wizard-supplemental-expandable.png) +![Base policy allows supplemental policies.](../images/appcontrol-wizard-supplemental-expandable.png) If the base policy isn't configured for supplemental policies, the Wizard attempts to convert the policy to one that can be supplemented. Once successful, the Wizard shows a dialog demonstrating that the addition of the Allow Supplemental Policy rule was completed. -![Wizard confirms modification of base policy.](../images/wdac-wizard-confirm-base-policy-modification.png) +![Wizard confirms modification of base policy.](../images/appcontrol-wizard-confirm-base-policy-modification.png) -Policies that can't be supplemented, for instance another supplemental policy, are detected by the Wizard and show the following error. Only a base policy can be supplemented. More information on supplemental policies can be found on our [Multiple Policies article](deploy-multiple-wdac-policies.md). +Policies that can't be supplemented, for instance another supplemental policy, are detected by the Wizard and show the following error. Only a base policy can be supplemented. More information on supplemental policies can be found on our [Multiple Policies article](deploy-multiple-appcontrol-policies.md). -![Wizard detects a bad base policy.](../images/wdac-wizard-supplemental-not-base.png) +![Wizard detects a bad base policy.](../images/appcontrol-wizard-supplemental-not-base.png) ## Configuring Policy Rules @@ -45,7 +45,7 @@ Supplemental policies can only configure three policy rules. The following table | **Managed Installer** | Use this option to automatically allow applications installed by a software distribution solution, such as Microsoft Configuration Manager, that has been defined as a managed installer. | | **Disable Runtime FilePath Rule Protection** | This option disables the default runtime check that only allows FilePath rules for paths that are only writable by an administrator. | -![Rule options UI for Windows Allowed mode.](../images/wdac-wizard-supplemental-policy-rule-options-UI.png) +![Rule options UI for Windows Allowed mode.](../images/appcontrol-wizard-supplemental-policy-rule-options-UI.png) ## Creating custom file rules @@ -62,7 +62,7 @@ The Publisher file rule type uses properties in the code signing certificate cha | **File version** | SignedVersion | This rule is a combination of the PCACertificate and Publisher rule, and a version number. Anything from the specified publisher with a version at or above the one specified is affected. | | **File name** | FilePublisher | Most specific. Combination of the file name, publisher, and PCA certificate and a minimum version number. Files from the publisher with the specified name and greater or equal to the specified version are affected. | -![Custom filepublisher file rule creation.](../images/wdac-wizard-custom-publisher-rule.png) +![Custom filepublisher file rule creation.](../images/appcontrol-wizard-custom-publisher-rule.png) ### Filepath Rules @@ -79,7 +79,7 @@ The Wizard supports the creation of [file name rules](select-types-of-rules-to-c | **Product name** | Specifies the name of the product with which the binary ships. | | **Internal name** | Specifies the internal name of the binary. | -![Custom file attributes rule.](../images/wdac-wizard-custom-file-attribute-rule.png) +![Custom file attributes rule.](../images/appcontrol-wizard-custom-file-attribute-rule.png) ### File Hash Rules @@ -91,4 +91,4 @@ The table on the left of the page documents the allow and deny rules in the temp ## Up next -- [Editing a Windows Defender Application Control (WDAC) policy using the Wizard](wdac-wizard-editing-policy.md) +- [Editing a Windows Defender Application Control (WDAC) policy using the Wizard](appcontrol-wizard-editing-policy.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-editing-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md similarity index 92% rename from windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-editing-policy.md rename to windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md index 95692365fc..214abcaf2e 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-editing-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md @@ -22,7 +22,7 @@ The Windows Defender Application Control Wizard makes editing and viewing WDAC p The `Policy Rules` page will load with the in-edit policy rules configured per the set rules. Selecting the `+ Advanced Options` button will reveal the advanced policy rule options panel. This grouping of rules contains other policy rule options that are less common to most users. To edit any of the rules, flip the corresponding policy rule state. For instance, to disable Audit Mode and enable Enforcement Mode in the figure below, the button beside the `Audit Mode` label needs only to be pressed. Once the policy rules are configured, select the Next button to continue the next stage of editing: [Adding File Rules](#adding-file-rules). -![Configuring the policy rules.](../images/wdac-wizard-edit-policy-rules.png) +![Configuring the policy rules.](../images/appcontrol-wizard-edit-policy-rules.png) A description of the policy rule is shown at the bottom of the page when the cursor is placed over the rule title. For a complete list of the policy rules and their capabilities, see the [Windows Defender Application Control policy rules table](select-types-of-rules-to-create.md#windows-defender-application-control-policy-rules). @@ -30,13 +30,13 @@ A description of the policy rule is shown at the bottom of the page when the cur The Windows Defender Application Control Wizard allows users to add rules to their existing policy seamlessly. Previously, this rule-adding task would have involved creating a new policy with the new rules and merging it with the existing policy. -Selecting the `+ Custom Rules` button will open the Custom Rules panel. For more information on creating new policy file rules, see the guidelines provided in the [creating policy file rules section](wdac-wizard-create-base-policy.md#creating-custom-file-rules). +Selecting the `+ Custom Rules` button will open the Custom Rules panel. For more information on creating new policy file rules, see the guidelines provided in the [creating policy file rules section](appcontrol-wizard-create-base-policy.md#creating-custom-file-rules). ## Removing File Rules The WDAC Wizard makes deleting file rules from an existing policy quick and easy. To remove any type of file rule: publisher rule, path rule, filename rule, or a hash rule, select the rule in the `Policy Signing Rules List` table on the left-hand side of the page. Selecting the rule will highlight the entire row. Once the row is highlighted, select the remove icon underneath the table. The Wizard will prompt for user confirmation before removing the file rule. Once removed, the rule will no longer appear in the policy or the table. -![Removing file rule from policy during edit.](../images/wdac-wizard-edit-remove-file-rule.png) +![Removing file rule from policy during edit.](../images/appcontrol-wizard-edit-remove-file-rule.png) **Note:** removing a publisher rule will also remove the associated File Attribute rules. For instance, in the xml block below, removing ID_SIGNER_CONTOSO_PUBLISHER would also remove the rules ID_FILEATTRIB_LOB_APP_1 and ID_FILEATTRIB_LOB_APP_2. @@ -56,4 +56,4 @@ Once the policy is created, the new policy will be written to the same path as t ## Up next -- [Merging Windows Defender Application Control (WDAC) policies using the Wizard](wdac-wizard-merging-policies.md) +- [Merging Windows Defender Application Control (WDAC) policies using the Wizard](appcontrol-wizard-merging-policies.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-merging-policies.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md similarity index 92% rename from windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-merging-policies.md rename to windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md index 2db7264ca4..ed2a734141 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-merging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md @@ -13,8 +13,8 @@ Beginning in Windows 10 version 1903, Windows Defender Application Control (WDAC Select the policies you wish to merge into one policy using the `+ Add Policy` button under the table. Once added, policies will be enumerated within the table. To remove a policy from the table, if accidentally added, highlight the policy row and select the `- Remove Policy` button. Confirmation will be required before the policy is withdrawn from the table. > [!NOTE] -> The policy type and ID of the final output policy will be determined based on the type and ID of the **first policy** in the policy list table. For instance, if a legacy policy format policy and a multi-policy format policy are merged together, the output format of the policy will be whichever policy is specified first in the table. For more information on policy formats, visit the [Multiple Windows Defender Application Control (WDAC) Policies page](deploy-multiple-wdac-policies.md). +> The policy type and ID of the final output policy will be determined based on the type and ID of the **first policy** in the policy list table. For instance, if a legacy policy format policy and a multi-policy format policy are merged together, the output format of the policy will be whichever policy is specified first in the table. For more information on policy formats, visit the [Multiple Windows Defender Application Control (WDAC) Policies page](deploy-multiple-appcontrol-policies.md). Lastly, select a filepath save location for the final merged policy using the `Browse` button. If a minimum of two policies are selected, and the save location is specified, select the `Next` button to build the policy. -![Merging WDAC policies into a final WDAC policy.](../images/wdac-wizard-merge.png) +![Merging WDAC policies into a final WDAC policy.](../images/appcontrol-wizard-merge.png) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md similarity index 89% rename from windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md rename to windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md index 5fb5ff24d3..bbdda00d86 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md @@ -28,7 +28,7 @@ To create rules from the WDAC event logs on the system: The Wizard parses the relevant audit and block events from the CodeIntegrity (WDAC) Operational and AppLocker MSI and Script logs. You see a notification when the Wizard successfully finishes reading the events. > [!div class="mx-imgBorder"] - > [![Parse WDAC and AppLocker event log system events](../images/wdac-wizard-event-log-system.png)](../images/wdac-wizard-event-log-system-expanded.png) + > [![Parse WDAC and AppLocker event log system events](../images/appcontrol-wizard-event-log-system.png)](../images/appcontrol-wizard-event-log-system-expanded.png) 4. Select the Next button to view the audit and block events and create rules. 5. [Generate rules from the events](#creating-policy-rules-from-the-events). @@ -45,7 +45,7 @@ To create rules from the WDAC `.EVTX` event logs files on the system: The Wizard parses the relevant audit and block events from the selected log files. You see a notification when the Wizard successfully finishes reading the events. > [!div class="mx-imgBorder"] - > [![Parse evtx file WDAC events](../images/wdac-wizard-event-log-files.png)](../images/wdac-wizard-event-log-files-expanded.png) + > [![Parse evtx file WDAC events](../images/appcontrol-wizard-event-log-files.png)](../images/appcontrol-wizard-event-log-files-expanded.png) 5. Select the Next button to view the audit and block events and create rules. 6. [Generate rules from the events](#creating-policy-rules-from-the-events). @@ -82,7 +82,7 @@ To create rules from the WDAC events in [MDE Advanced Hunting](../operations/que 2. Export the WDAC event results by selecting the **Export** button in the results view. > [!div class="mx-imgBorder"] - > [![Export the MDE Advanced Hunting results to CSV](../images/wdac-wizard-event-log-mde-ah-export.png)](../images/wdac-wizard-event-log-mde-ah-export-expanded.png) + > [![Export the MDE Advanced Hunting results to CSV](../images/appcontrol-wizard-event-log-mde-ah-export.png)](../images/appcontrol-wizard-event-log-mde-ah-export-expanded.png) 3. Select **Policy Editor** from the main page. 4. Select **Convert Event Log to a WDAC Policy**. @@ -92,7 +92,7 @@ To create rules from the WDAC events in [MDE Advanced Hunting](../operations/que The Wizard will parse the relevant audit and block events from the selected Advanced Hunting log files. You see a notification when the Wizard successfully finishes reading the events. > [!div class="mx-imgBorder"] - > [![Parse the Advanced Hunting CSV WDAC event files](../images/wdac-wizard-event-log-mde-ah-parsing.png)](../images/wdac-wizard-event-log-mde-ah-parsing-expanded.png) + > [![Parse the Advanced Hunting CSV WDAC event files](../images/appcontrol-wizard-event-log-mde-ah-parsing.png)](../images/appcontrol-wizard-event-log-mde-ah-parsing-expanded.png) 7. Select the Next button to view the audit and block events and create rules. 8. [Generate rules from the events](#creating-policy-rules-from-the-events). @@ -109,7 +109,7 @@ To create a rule and add it to the WDAC policy: 4. Select the **Add Allow Rule** button to add the configured rule to the policy generated by the Wizard. The "Added to policy" label is shown in the selected row confirming that the rule will be generated. > [!div class="mx-imgBorder"] - > [![Adding a publisher rule to the WDAC policy](../images/wdac-wizard-event-rule-creation.png)](../images/wdac-wizard-event-rule-creation-expanded.png) + > [![Adding a publisher rule to the WDAC policy](../images/appcontrol-wizard-event-rule-creation.png)](../images/appcontrol-wizard-event-rule-creation-expanded.png) 5. Select the **Next** button to output the policy. Once generated, the event log policy should be merged with your base or supplemental policies. @@ -118,4 +118,4 @@ To create a rule and add it to the WDAC policy: ## Up next -- [Merging Windows Defender Application Control (WDAC) policies using the Wizard](wdac-wizard-merging-policies.md) +- [Merging Windows Defender Application Control (WDAC) policies using the Wizard](appcontrol-wizard-merging-policies.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard.md similarity index 73% rename from windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard.md rename to windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard.md index 2f67ee3ad7..1468e8c87d 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard.md @@ -30,7 +30,7 @@ If neither requirement is satisfied, it throws an error as the cmdlets aren't av | Article | Description | | - | - | -| [Creating a new base policy](wdac-wizard-create-base-policy.md) | This article describes how to create a new base policy using one of the supplied policy templates. | -| [Creating a new supplemental policy](wdac-wizard-create-supplemental-policy.md) | This article describes the steps necessary to create a supplemental policy, from one of the supplied templates, for an existing base policy. | -| [Editing a base or supplemental policy](wdac-wizard-editing-policy.md) | This article demonstrates how to modify an existing policy and the tool's editing capabilities. | -| [Merging policies](wdac-wizard-merging-policies.md) | This article describes how to merge policies into a single application control policy. | +| [Creating a new base policy](appcontrol-wizard-create-base-policy.md) | This article describes how to create a new base policy using one of the supplied policy templates. | +| [Creating a new supplemental policy](appcontrol-wizard-create-supplemental-policy.md) | This article describes the steps necessary to create a supplemental policy, from one of the supplied templates, for an existing base policy. | +| [Editing a base or supplemental policy](appcontrol-wizard-editing-policy.md) | This article demonstrates how to modify an existing policy and the tool's editing capabilities. | +| [Merging policies](appcontrol-wizard-merging-policies.md) | This article describes how to merge policies into a single application control policy. | diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md b/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md similarity index 99% rename from windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md rename to windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md index 13ff7f41f2..06d8413204 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md @@ -1531,4 +1531,4 @@ The blocklist policy that follows includes "Allow all" rules for both kernel and ## More information -- [Merge WDAC policies](../deployment/merge-wdac-policies.md) +- [Merge WDAC policies](../deployment/merge-appcontrol-policies.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/common-wdac-use-cases.md b/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases.md similarity index 98% rename from windows/security/application-security/application-control/windows-defender-application-control/design/common-wdac-use-cases.md rename to windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases.md index 7f203efaf7..8ab01119a3 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/common-wdac-use-cases.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases.md @@ -34,4 +34,4 @@ Recently, Lamna experienced a ransomware event that required an expensive recove ## Up next -- [Create a Windows Defender Application Control policy for lightly managed devices](create-wdac-policy-for-lightly-managed-devices.md) +- [Create a Windows Defender Application Control policy for lightly managed devices](create-appcontrol-policy-for-lightly-managed-devices.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer.md b/windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer.md similarity index 99% rename from windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer.md rename to windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer.md index ff3b5d8fa8..87f332d446 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer.md @@ -212,7 +212,7 @@ Below are steps to create a WDAC policy that allows Windows to boot and enables Set-RuleOption -FilePath -Option 13 ``` -4. Deploy your WDAC policy. See [Deploying Windows Defender Application Control (WDAC) policies](../deployment/wdac-deployment-guide.md). +4. Deploy your WDAC policy. See [Deploying Windows Defender Application Control (WDAC) policies](../deployment/appcontrol-deployment-guide.md). > [!NOTE] > Your WDAC policy must include rules for all system/boot components, kernel drivers, and any other authorized applications that can't be deployed through a managed installer. @@ -223,4 +223,4 @@ To remove the Managed Installer feature from the device, you'll need to remove t ## Related articles -- [Managed installer and ISG technical reference and troubleshooting guide](../operations/configure-wdac-managed-installer.md) +- [Managed installer and ISG technical reference and troubleshooting guide](../operations/configure-appcontrol-managed-installer.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-deny-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-deny-policy.md similarity index 97% rename from windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-deny-policy.md rename to windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-deny-policy.md index 3e76a698d2..44f9310f69 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-deny-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-deny-policy.md @@ -50,7 +50,7 @@ Policy2 is our new deny policy, which blocks MaliciousApp.exe and also the Windo ## Mixed Allow and Deny policy considerations -If the set of deny rules is to be added into an existing policy that includes explicit allow rules, then don't include the preceding "Allow All" rules. Instead, the deny rules should be merged with the existing WDAC policy via the [WDAC Wizard](wdac-wizard-merging-policies.md) or using the following PowerShell command: +If the set of deny rules is to be added into an existing policy that includes explicit allow rules, then don't include the preceding "Allow All" rules. Instead, the deny rules should be merged with the existing WDAC policy via the [WDAC Wizard](appcontrol-wizard-merging-policies.md) or using the following PowerShell command: ```PowerShell $DenyPolicy = @@ -60,7 +60,7 @@ Merge-CIPolicy -PolicyPaths $ DenyPolicy, $ExistingPolicy -OutputFilePath $Exist ## Best Practices -1. **Test first in Audit mode** - as with all new policies, we recommend rolling out your new deny policy in Audit Mode and monitoring the [3076 audit block events](../operations/event-id-explanations.md) to ensure only the applications you intended to block are blocked. More information on monitoring block events via the Event Viewer logs and Advanced Hunting: [Managing and troubleshooting Windows Defender Application Control policies](../operations/wdac-operational-guide.md) +1. **Test first in Audit mode** - as with all new policies, we recommend rolling out your new deny policy in Audit Mode and monitoring the [3076 audit block events](../operations/event-id-explanations.md) to ensure only the applications you intended to block are blocked. More information on monitoring block events via the Event Viewer logs and Advanced Hunting: [Managing and troubleshooting Windows Defender Application Control policies](../operations/appcontrol-operational-guide.md) 2. **Recommended Deny Rules Types** - signer and file attribute rules are recommended from a security, manageability, and performance perspective. Hash rules should only be used if necessary. Since the hash of a file changes with any change to the file, it's hard to keep up with a hash-based block policy where the attacker can trivially update the file. While WDAC has optimized parsing of hash rules, some devices may see performance impacts at runtime evaluation if policies have tens of thousands or more hash rules. diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-fully-managed-devices.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md similarity index 88% rename from windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-fully-managed-devices.md rename to windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md index 76720b9535..9a351a6af1 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-fully-managed-devices.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md @@ -11,12 +11,12 @@ ms.date: 11/07/2022 >[!NOTE] >Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md). -This section outlines the process to create a Windows Defender Application Control (WDAC) policy for **fully managed devices** within an organization. The key difference between this scenario and [lightly managed devices](create-wdac-policy-for-lightly-managed-devices.md) is that all software deployed to a fully managed device is managed by IT and users of the device can't install arbitrary apps. Ideally, all apps are deployed using a software distribution solution, such as Microsoft Intune. Additionally, users on fully managed devices should ideally run as standard user and only authorized IT pros have administrative access. +This section outlines the process to create a Windows Defender Application Control (WDAC) policy for **fully managed devices** within an organization. The key difference between this scenario and [lightly managed devices](create-appcontrol-policy-for-lightly-managed-devices.md) is that all software deployed to a fully managed device is managed by IT and users of the device can't install arbitrary apps. Ideally, all apps are deployed using a software distribution solution, such as Microsoft Intune. Additionally, users on fully managed devices should ideally run as standard user and only authorized IT pros have administrative access. > [!NOTE] > Some of the Windows Defender Application Control options described in this topic are only available on Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's WDAC policies, consider whether your managed clients can use all or some of these features and assess the impact for any features that may be unavailable on your clients. You may need to adapt this guidance to meet your specific organization's needs. -As described in [common Windows Defender Application Control deployment scenarios](common-wdac-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices. +As described in [common Windows Defender Application Control deployment scenarios](common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices. **Alice Pena** is the IT team lead tasked with the rollout of WDAC. @@ -44,7 +44,7 @@ Based on the above, Alice defines the pseudo-rules for the policy: 2. **"ConfigMgr works"** rules that include signer and hash rules for Configuration Manager components to properly function. 3. **Allow Managed Installer** (Configuration Manager and *LamnaITInstaller.exe* configured as a managed installer) -The critical differences between this set of pseudo-rules and those pseudo-rules defined for Lamna's [lightly managed devices](create-wdac-policy-for-lightly-managed-devices.md#define-the-circle-of-trust-for-lightly-managed-devices) are: +The critical differences between this set of pseudo-rules and those pseudo-rules defined for Lamna's [lightly managed devices](create-appcontrol-policy-for-lightly-managed-devices.md#define-the-circle-of-trust-for-lightly-managed-devices) are: - Removal of the Intelligent Security Graph (ISG) option; and - Removal of filepath rules. @@ -56,7 +56,7 @@ Having defined the "circle-of-trust", Alice is ready to generate the initial pol Alice follows these steps to complete this task: > [!NOTE] -> If you do not use Configuration Manager or prefer to use a different [example Windows Defender Application Control base policy](example-wdac-base-policies.md) for your own policy, skip to step 2 and substitute the Configuration Manager policy path with your preferred example base policy. +> If you do not use Configuration Manager or prefer to use a different [example Windows Defender Application Control base policy](example-appcontrol-base-policies.md) for your own policy, skip to step 2 and substitute the Configuration Manager policy path with your preferred example base policy. 1. [Use Configuration Manager to create and deploy an audit policy](/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager) to a client device running Windows 10 version 1903 or above, or Windows 11. @@ -145,5 +145,5 @@ Alice has defined a policy for Lamna's fully managed devices that makes some tra ## Up next -- [Create a Windows Defender Application Control policy for fixed-workload devices using a reference computer](create-wdac-policy-using-reference-computer.md) -- [Prepare to deploy Windows Defender Application Control policies](../deployment/wdac-deployment-guide.md) +- [Create a Windows Defender Application Control policy for fixed-workload devices using a reference computer](create-appcontrol-policy-using-reference-computer.md) +- [Prepare to deploy Windows Defender Application Control policies](../deployment/appcontrol-deployment-guide.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-lightly-managed-devices.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md similarity index 92% rename from windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-lightly-managed-devices.md rename to windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md index d4b6d3f256..b3ca05904b 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-lightly-managed-devices.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md @@ -16,7 +16,7 @@ This section outlines the process to create a Windows Defender Application Contr > [!NOTE] > Some of the Windows Defender Application Control options described in this topic are only available on Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's WDAC policies, consider whether your managed clients can use all or some of these features and assess the impact for any features that may be unavailable on your clients. You may need to adapt this guidance to meet your specific organization's needs. -As in [Windows Defender Application Control deployment in different scenarios: types of devices](common-wdac-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices. +As in [Windows Defender Application Control deployment in different scenarios: types of devices](common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices. **Alice Pena** is the IT team lead tasked with the rollout of WDAC. Lamna currently has loose application usage policies and a culture of maximum app flexibility for users. So, Alice knows she'll need to take an incremental approach to application control and use different policies for different workloads. @@ -61,7 +61,7 @@ Alice follows these steps to complete this task: 1. On a client device, run the following commands in an elevated Windows PowerShell session to initialize variables: > [!NOTE] - > If you prefer to use a different [example Windows Defender Application Control base policy](example-wdac-base-policies.md), substitute the example policy path with your preferred base policy in this step. + > If you prefer to use a different [example Windows Defender Application Control base policy](example-appcontrol-base-policies.md), substitute the example policy path with your preferred base policy in this step. ```powershell $PolicyPath = $env:userprofile+"\Desktop\" @@ -79,7 +79,7 @@ Alice follows these steps to complete this task: 1. Modify the policy to remove unsupported rule: > [!NOTE] - > `SmartAppControl.xml` is available on Windows 11 version 22H2 and later. This policy includes "Enabled:Conditional Windows Lockdown Policy" rule that is unsupported for enterprise WDAC policies and must be removed. For more information, see [WDAC and Smart App Control](../wdac.md#wdac-and-smart-app-control). If you are using an example policy other than `SmartAppControl.xml`, skip this step. + > `SmartAppControl.xml` is available on Windows 11 version 22H2 and later. This policy includes "Enabled:Conditional Windows Lockdown Policy" rule that is unsupported for enterprise WDAC policies and must be removed. For more information, see [WDAC and Smart App Control](../appcontrol.md#wdac-and-smart-app-control). If you are using an example policy other than `SmartAppControl.xml`, skip this step. ```powershell [xml]$xml = Get-Content $LamnaPolicy @@ -173,7 +173,7 @@ In order to minimize user productivity impact, Alice has defined a policy that m - **Intelligent Security Graph (ISG)** - See [security considerations with the Intelligent Security Graph](use-wdac-with-intelligent-security-graph.md#security-considerations-with-the-isg-option) + See [security considerations with the Intelligent Security Graph](use-appcontrol-with-intelligent-security-graph.md#security-considerations-with-the-isg-option) Possible mitigations: @@ -208,5 +208,5 @@ In order to minimize user productivity impact, Alice has defined a policy that m ## Up next -- [Create a Windows Defender Application Control policy for fully managed devices](create-wdac-policy-for-fully-managed-devices.md) -- [Prepare to deploy Windows Defender Application Control policies](../deployment/wdac-deployment-guide.md) +- [Create a Windows Defender Application Control policy for fully managed devices](create-appcontrol-policy-for-fully-managed-devices.md) +- [Prepare to deploy Windows Defender Application Control policies](../deployment/appcontrol-deployment-guide.md) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-using-reference-computer.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md similarity index 96% rename from windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-using-reference-computer.md rename to windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md index 4b7a2f317b..afe2c9ef35 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-using-reference-computer.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md @@ -16,7 +16,7 @@ This section outlines the process to create a Windows Defender Application Contr > [!NOTE] > Some of the Windows Defender Application Control options described in this topic are only available on Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's WDAC policies, consider whether your managed clients can use all or some of these features and assess the impact for any features that may be unavailable on your clients. You may need to adapt this guidance to meet your specific organization's needs. -As described in [common Windows Defender Application Control deployment scenarios](common-wdac-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices. +As described in [common Windows Defender Application Control deployment scenarios](common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices. **Alice Pena** is the IT team lead tasked with the rollout of WDAC. @@ -114,7 +114,7 @@ Alice previously created a policy for the organization's fully managed devices. Alice identifies the following key factors to arrive at the "circle-of-trust" for Lamna's fully managed in-use devices: -- Everything described for Lamna's [Fully Managed Devices](create-wdac-policy-for-fully-managed-devices.md); +- Everything described for Lamna's [Fully Managed Devices](create-appcontrol-policy-for-fully-managed-devices.md); - Users have installed apps that they need to continue to run. Based on the above, Alice defines the pseudo-rules for the policy: diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/deploy-multiple-wdac-policies.md b/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/design/deploy-multiple-wdac-policies.md rename to windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/example-wdac-base-policies.md b/windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies.md similarity index 95% rename from windows/security/application-security/application-control/windows-defender-application-control/design/example-wdac-base-policies.md rename to windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies.md index e186ea2bb6..d0a5989c5f 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/example-wdac-base-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies.md @@ -21,7 +21,7 @@ When you create policies for use with Windows Defender Application Control (WDAC | **AllowAll_EnableHVCI.xml** | This example policy can be used to enable [memory integrity](https://support.microsoft.com/windows/core-isolation-e30ed737-17d8-42f3-a2a9-87521df09b78) (also known as hypervisor-protected code integrity) using WDAC. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\AllowAll_EnableHVCI.xml | | **DenyAllAudit.xml** | ***Warning: Will cause boot issues on Windows Server 2019 and earlier. Do not use on those operating systems.*** Only deploy this example policy in audit mode to track all binaries running on critical systems or to meet regulatory requirements. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\DenyAllAudit.xml | | **Microsoft Configuration Manager** | Customers who use Configuration Manager can deploy a policy with Configuration Manager's built-in WDAC integration, and then use the generated policy XML as an example base policy. | %OSDrive%\Windows\CCM\DeviceGuard on a managed endpoint | -| **SmartAppControl.xml** | This example policy includes rules based on [Smart App Control](https://support.microsoft.com/topic/what-is-smart-app-control-285ea03d-fa88-4d56-882e-6698afdb7003) that are well-suited for lightly managed systems. This policy includes a rule that is unsupported for enterprise WDAC policies and must be removed. For more information about using this example policy, see [Create a custom base policy using an example base policy](create-wdac-policy-for-lightly-managed-devices.md#create-a-custom-base-policy-using-an-example-wdac-base-policy). | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\SmartAppControl.xml
%ProgramFiles%\WindowsApps\Microsoft.WDAC.WDACWizard*\SignedReputable.xml | +| **SmartAppControl.xml** | This example policy includes rules based on [Smart App Control](https://support.microsoft.com/topic/what-is-smart-app-control-285ea03d-fa88-4d56-882e-6698afdb7003) that are well-suited for lightly managed systems. This policy includes a rule that is unsupported for enterprise WDAC policies and must be removed. For more information about using this example policy, see [Create a custom base policy using an example base policy](create-appcontrol-policy-for-lightly-managed-devices.md#create-a-custom-base-policy-using-an-example-wdac-base-policy). | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\SmartAppControl.xml
%ProgramFiles%\WindowsApps\Microsoft.WDAC.WDACWizard*\SignedReputable.xml | | **Example supplemental policy** | This example policy shows how to use supplemental policy to expand the DefaultWindows_Audit.xml allow a single Microsoft-signed file. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\DefaultWindows_Supplemental.xml | | **Microsoft Recommended Block List** | This policy includes a list of Windows and Microsoft-signed code that Microsoft recommends blocking when using WDAC, if possible. | [Microsoft recommended block rules](/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules)
%ProgramFiles%\WindowsApps\Microsoft.WDAC.WDACWizard*\Recommended_UserMode_Blocklist.xml | | **Microsoft recommended driver blocklist** | This policy includes rules to block known vulnerable or malicious kernel drivers. | [Microsoft recommended driver block rules](/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules)
%OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\RecommendedDriverBlock_Enforced.xml
%ProgramFiles%\WindowsApps\Microsoft.WDAC.WDACWizard*\Recommended_Driver_Blocklist.xml | diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/manage-packaged-apps-with-wdac.md b/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol.md similarity index 97% rename from windows/security/application-security/application-control/windows-defender-application-control/design/manage-packaged-apps-with-wdac.md rename to windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol.md index d136e3824b..3d4bd0b9c0 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/manage-packaged-apps-with-wdac.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol.md @@ -78,7 +78,7 @@ Use the following steps to create a WDAC PFN rule for an app that is installed o 7. Select **Create Rule**. 8. Create any other rules desired, then complete the Wizard. -![Create PFN rule from WDAC Wizard](../images/wdac-wizard-custom-pfn-rule.png) +![Create PFN rule from WDAC Wizard](../images/appcontrol-wizard-custom-pfn-rule.png) ##### Create a PFN rule using a custom string @@ -91,4 +91,4 @@ Use the following steps to create a PFN rule with a custom string value: 5. Select **Create Rule**. 6. Create any other rules desired, then complete the Wizard. -![Create PFN rule with custom string from WDAC Wizard](../images/wdac-wizard-custom-manual-pfn-rule.png) +![Create PFN rule with custom string from WDAC Wizard](../images/appcontrol-wizard-custom-manual-pfn-rule.png) diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md b/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md rename to windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/plan-wdac-management.md b/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management.md similarity index 93% rename from windows/security/application-security/application-control/windows-defender-application-control/design/plan-wdac-management.md rename to windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management.md index caebc2c6c3..369b3581c4 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/plan-wdac-management.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management.md @@ -19,7 +19,7 @@ The first step in implementing application control is to consider how your polic Most Windows Defender Application Control policies will evolve over time and proceed through a set of identifiable phases during their lifetime. Typically, these phases include: -1. [Define (or refine) the "circle-of-trust"](understand-wdac-policy-design-decisions.md) for the policy and build an audit mode version of the policy XML. In audit mode, block events are generated but files aren't prevented from executing. +1. [Define (or refine) the "circle-of-trust"](understand-appcontrol-policy-design-decisions.md) for the policy and build an audit mode version of the policy XML. In audit mode, block events are generated but files aren't prevented from executing. 2. [Deploy the audit mode policy](/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies) to intended devices. 3. [Monitor audit block events](/windows/security/threat-protection/windows-defender-application-control/event-id-explanations) from the intended devices and add/edit/delete rules as needed to address unexpected/unwanted blocks. 4. Repeat steps 2-3 until the remaining block events meet expectations. @@ -38,7 +38,7 @@ To effectively manage Windows Defender Application Control policies, you should Use the [Set-CIPolicyIDInfo](/powershell/module/configci/set-cipolicyidinfo) cmdlet to give each policy a descriptive name and set a unique policy ID. These unique attributes help you differentiate each policy when reviewing Windows Defender Application Control events or when viewing the policy XML document. Although you can specify a string value for PolicyId, for policies using the multiple policy format we recommend using the -ResetPolicyId switch to let the system autogenerate a unique ID for the policy. > [!NOTE] -> PolicyID only applies to policies using the [multiple policy format](deploy-multiple-wdac-policies.md) on computers running Windows 10, version 1903 and above, or Windows 11. Running -ResetPolicyId on a policy created for pre-1903 computers will convert it to multiple policy format and prevent it from running on those earlier versions of Windows 10. +> PolicyID only applies to policies using the [multiple policy format](deploy-multiple-appcontrol-policies.md) on computers running Windows 10, version 1903 and above, or Windows 11. Running -ResetPolicyId on a policy created for pre-1903 computers will convert it to multiple policy format and prevent it from running on those earlier versions of Windows 10. > PolicyID should be set only once per policy and use different PolicyID's for the audit and enforced mode versions of each policy. In addition, we recommend using the [Set-CIPolicyVersion](/powershell/module/configci/set-cipolicyversion) cmdlet to increment the policy's internal version number when you make changes to the policy. The version must be defined as a standard four-part version string (for example, "1.0.0.0"). diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/script-enforcement.md b/windows/security/application-security/application-control/app-control-for-business/design/script-enforcement.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/design/script-enforcement.md rename to windows/security/application-security/application-control/app-control-for-business/design/script-enforcement.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/select-types-of-rules-to-create.md b/windows/security/application-security/application-control/app-control-for-business/design/select-types-of-rules-to-create.md similarity index 99% rename from windows/security/application-security/application-control/windows-defender-application-control/design/select-types-of-rules-to-create.md rename to windows/security/application-security/application-control/app-control-for-business/design/select-types-of-rules-to-create.md index ce2f7e2e2f..598c2f8e14 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/select-types-of-rules-to-create.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/select-types-of-rules-to-create.md @@ -97,7 +97,7 @@ As part of normal operations, they'll eventually install software updates, or pe ## File rule precedence order -WDAC has a built-in file rule conflict logic that translates to precedence order. It first processes all explicit deny rules it finds. Then, it processes any explicit allow rules. If no deny or allow rule exists, WDAC checks for a [Managed Installer claim](../deployment/deploy-wdac-policies-with-memcm.md) if allowed by the policy. Lastly, WDAC falls back to the [ISG](use-wdac-with-intelligent-security-graph.md) if allowed by the policy. +WDAC has a built-in file rule conflict logic that translates to precedence order. It first processes all explicit deny rules it finds. Then, it processes any explicit allow rules. If no deny or allow rule exists, WDAC checks for a [Managed Installer claim](../deployment/deploy-appcontrol-policies-with-memcm.md) if allowed by the policy. Lastly, WDAC falls back to the [ISG](use-appcontrol-with-intelligent-security-graph.md) if allowed by the policy. > [!NOTE] > To make it easier to reason over your WDAC policies, we recommend maintaining separate ALLOW and DENY policies on Windows versions that support [multiple WDAC policies](/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies). diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/understand-wdac-policy-design-decisions.md b/windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions.md similarity index 88% rename from windows/security/application-security/application-control/windows-defender-application-control/design/understand-wdac-policy-design-decisions.md rename to windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions.md index abaeda5f34..31876f2c5b 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/understand-wdac-policy-design-decisions.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions.md @@ -26,7 +26,7 @@ You should consider using Windows Defender Application Control as part of your o ## Decide what policies to create -Beginning with Windows 10, version 1903, Windows Defender Application Control allows [multiple simultaneous policies](deploy-multiple-wdac-policies.md) to be applied to each device. This concurrent application opens up many new use cases for organizations, but your policy management can easily become unwieldy without a well-thought-out plan for the number and types of policies to create. +Beginning with Windows 10, version 1903, Windows Defender Application Control allows [multiple simultaneous policies](deploy-multiple-appcontrol-policies.md) to be applied to each device. This concurrent application opens up many new use cases for organizations, but your policy management can easily become unwieldy without a well-thought-out plan for the number and types of policies to create. The first step is to define the desired "circle-of-trust" for your WDAC policies. By "circle-of-trust," we mean a description of the business intent of the policy expressed in natural language. This "circle-of-trust" definition will guide you as you create the actual policy rules for your policy XML. @@ -45,8 +45,8 @@ Organizations with well-defined, centrally managed app management and deployment | Possible answers | Design considerations| | - | - | | All apps are centrally managed and deployed using endpoint management tools like [Microsoft Intune](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager). | Organizations that centrally manage all apps are best-suited for application control. Windows Defender Application Control options like [managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md) can make it easy to authorize apps that are deployed by the organization's app distribution management solution. | -| Some apps are centrally managed and deployed, but teams can install other apps for their members. | [Supplemental policies](deploy-multiple-wdac-policies.md) can be used to allow team-specific exceptions to your core organization-wide Windows Defender Application Control policy. Alternatively, teams can use managed installers to install their team-specific apps, or admin-only file path rules can be used to allow apps installed by admin users. | -| Users and teams are free to download and install apps but the organization wants to restrict that right to prevalent and reputable apps only. | Windows Defender Application Control can integrate with Microsoft's [Intelligent Security Graph](use-wdac-with-intelligent-security-graph.md) (the same source of intelligence that powers Microsoft Defender Antivirus and Windows Defender SmartScreen) to allow only apps and binaries that have positive reputation. | +| Some apps are centrally managed and deployed, but teams can install other apps for their members. | [Supplemental policies](deploy-multiple-appcontrol-policies.md) can be used to allow team-specific exceptions to your core organization-wide Windows Defender Application Control policy. Alternatively, teams can use managed installers to install their team-specific apps, or admin-only file path rules can be used to allow apps installed by admin users. | +| Users and teams are free to download and install apps but the organization wants to restrict that right to prevalent and reputable apps only. | Windows Defender Application Control can integrate with Microsoft's [Intelligent Security Graph](use-appcontrol-with-intelligent-security-graph.md) (the same source of intelligence that powers Microsoft Defender Antivirus and Windows Defender SmartScreen) to allow only apps and binaries that have positive reputation. | | Users and teams are free to download and install apps without restriction. | Windows Defender Application Control policies can be deployed in audit mode to gain insight into the apps and binaries running in your organization without impacting user and team productivity.| ### Are internally developed line-of-business (LOB) apps and apps developed by third-party companies digitally signed? @@ -56,7 +56,7 @@ Traditional Win32 apps on Windows can run without being digitally signed. This p | Possible answers | Design considerations | | - | - | | All apps used in your organization must be signed. | Organizations that enforce [codesigning](../deployment/use-code-signing-for-better-control-and-protection.md) for all executable code are best-positioned to protect their Windows computers from malicious code execution. Windows Defender Application Control rules can be created to authorize apps and binaries from the organization's internal development teams and from trusted independent software vendors (ISV). | -| Apps used in your organization don't need to meet any codesigning requirements. | Organizations can [use built-in Windows tools](../deployment/deploy-catalog-files-to-support-wdac.md) to add organization-specific App Catalog signatures to existing apps as a part of the app deployment process, which can be used to authorize code execution. Solutions like Microsoft Intune offer multiple ways to distribute signed App Catalogs. | +| Apps used in your organization don't need to meet any codesigning requirements. | Organizations can [use built-in Windows tools](../deployment/deploy-catalog-files-to-support-appcontrol.md) to add organization-specific App Catalog signatures to existing apps as a part of the app deployment process, which can be used to authorize code execution. Solutions like Microsoft Intune offer multiple ways to distribute signed App Catalogs. | ### Are there specific groups in your organization that need customized application control policies? diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/understanding-wdac-policy-settings.md b/windows/security/application-security/application-control/app-control-for-business/design/understanding-appcontrol-policy-settings.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/design/understanding-wdac-policy-settings.md rename to windows/security/application-security/application-control/app-control-for-business/design/understanding-appcontrol-policy-settings.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules.md b/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules.md rename to windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-with-intelligent-security-graph.md b/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md similarity index 98% rename from windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-with-intelligent-security-graph.md rename to windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md index 02cd2f93cd..555cbdcb32 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-with-intelligent-security-graph.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md @@ -94,4 +94,4 @@ Packaged apps aren't supported with the ISG and will need to be separately autho The ISG doesn't authorize kernel mode drivers. The WDAC policy must have rules that allow the necessary drivers to run. > [!NOTE] -> A rule that explicitly denies or allows a file will take precedence over that file's reputation data. Microsoft Intune's built-in WDAC support includes the option to trust apps with good reputation via the ISG, but it has no option to add explicit allow or deny rules. In most cases, customers using application control will need to deploy a custom WDAC policy (which can include the ISG option if desired) using [Intune's OMA-URI functionality](../deployment/deploy-wdac-policies-using-intune.md#deploy-wdac-policies-with-custom-oma-uri). +> A rule that explicitly denies or allows a file will take precedence over that file's reputation data. Microsoft Intune's built-in WDAC support includes the option to trust apps with good reputation via the ISG, but it has no option to add explicit allow or deny rules. In most cases, customers using application control will need to deploy a custom WDAC policy (which can include the ISG option if desired) using [Intune's OMA-URI functionality](../deployment/deploy-appcontrol-policies-using-intune.md#deploy-wdac-policies-with-custom-oma-uri). diff --git a/windows/security/application-security/application-control/windows-defender-application-control/feature-availability.md b/windows/security/application-security/application-control/app-control-for-business/feature-availability.md similarity index 85% rename from windows/security/application-security/application-control/windows-defender-application-control/feature-availability.md rename to windows/security/application-security/application-control/app-control-for-business/feature-availability.md index 264f3589f8..5e6d77e3a5 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/feature-availability.md +++ b/windows/security/application-security/application-control/app-control-for-business/feature-availability.md @@ -15,7 +15,7 @@ ms.topic: overview |-------------|------|-------------| | Platform support | Available on Windows 10, Windows 11, and Windows Server 2016 or later. | Available on Windows 8 or later. | | Edition availability | Available on Windows 10, Windows 11, and Windows Server 2016 or later.
WDAC PowerShell cmdlets aren't available on Home edition, but policies are effective on all editions. | Policies are supported on all editions Windows 10 version 2004 and newer with [KB 5024351](https://support.microsoft.com/help/5024351).

Windows versions older than version 2004, including Windows Server 2019:
  • Policies deployed through GP are only supported on Enterprise and Server editions.
  • Policies deployed through MDM are supported on all editions.
| -| Management solutions |
  • [Intune](deployment/deploy-wdac-policies-using-intune.md)
  • [Microsoft Configuration Manager](/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager) (limited built-in policies or custom policy deployment via software distribution)
  • [Group policy](deployment/deploy-wdac-policies-using-group-policy.md)
  • [Script](/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script)
|
  • [Intune](/windows/client-management/mdm/applocker-csp) (custom policy deployment via OMA-URI only)
  • Configuration Manager (custom policy deployment via software distribution only)
  • [Group Policy](applocker/determine-group-policy-structure-and-rule-enforcement.md)
  • PowerShell
      • | +| Management solutions |
      • [Intune](deployment/deploy-appcontrol-policies-using-intune.md)
      • [Microsoft Configuration Manager](/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager) (limited built-in policies or custom policy deployment via software distribution)
      • [Group policy](deployment/deploy-appcontrol-policies-using-group-policy.md)
      • [Script](/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script)
      |
      • [Intune](/windows/client-management/mdm/applocker-csp) (custom policy deployment via OMA-URI only)
      • Configuration Manager (custom policy deployment via software distribution only)
      • [Group Policy](applocker/determine-group-policy-structure-and-rule-enforcement.md)
      • PowerShell
          • | | Per-user and Per-user group rules | Not available (policies are device-wide). | Available on Windows 8+. | | Kernel mode policies | Available on Windows 10, Windows 11, and Windows Server 2016 or later. | Not available. | | [Rule option 11 - Disabled:Script Enforcement](/windows/security/threat-protection/windows-defender-application-control/design/script-enforcement) | Available on all versions of Windows 10 except 1607 LTSB, Windows 11, and Windows Server 2019 and above. **Disabled:Script Enforcement** isn't supported on **Windows Server 2016** or on **Windows 10 1607 LTSB** and shouldn't be used on those platforms. Doing so results in unexpected script enforcement behaviors. | MSI and Script rule collection is separately configurable. | diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-edit-gp.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-edit-gp.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-edit-gp.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-edit-gp.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-intune-custom-oma-uri.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-intune-custom-oma-uri.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-intune-custom-oma-uri.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-intune-custom-oma-uri.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-confirm-base-policy-modification.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-confirm-base-policy-modification.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-confirm-base-policy-modification.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-confirm-base-policy-modification.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-file-attribute-rule.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-file-attribute-rule.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-file-attribute-rule.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-file-attribute-rule.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-manual-pfn-rule.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-manual-pfn-rule.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-manual-pfn-rule.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-manual-pfn-rule.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-pfn-rule.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-pfn-rule.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-pfn-rule.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-pfn-rule.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-publisher-rule.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-publisher-rule.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-custom-publisher-rule.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-custom-publisher-rule.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-edit-policy-rules.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-edit-policy-rules.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-edit-policy-rules.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-edit-policy-rules.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-edit-remove-file-rule.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-edit-remove-file-rule.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-edit-remove-file-rule.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-edit-remove-file-rule.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-files-expanded.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-files-expanded.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-files-expanded.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-files-expanded.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-files.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-files.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-files.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-files.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-export-expanded.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-export-expanded.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-export-expanded.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-export-expanded.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-export.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-export.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-export.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-export.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-parsing-expanded.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-parsing-expanded.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-parsing-expanded.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-parsing-expanded.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-parsing.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-parsing.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-mde-ah-parsing.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-mde-ah-parsing.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-system-expanded.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-system-expanded.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-system-expanded.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-system-expanded.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-system.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-system.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-log-system.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-log-system.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-rule-creation-expanded.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-rule-creation-expanded.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-rule-creation-expanded.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-rule-creation-expanded.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-rule-creation.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-rule-creation.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-event-rule-creation.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-event-rule-creation.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-merge.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-merge.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-merge.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-merge.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-rule-options-UI-advanced-collapsed.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-rule-options-UI-advanced-collapsed.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-rule-options-UI-advanced-collapsed.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-rule-options-UI-advanced-collapsed.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-rule-options-UI.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-rule-options-UI.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-rule-options-UI.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-rule-options-UI.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-supplemental-expandable.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-supplemental-expandable.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-supplemental-expandable.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-supplemental-expandable.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-supplemental-not-base.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-supplemental-not-base.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-supplemental-not-base.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-supplemental-not-base.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-supplemental-policy-rule-options-UI.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-supplemental-policy-rule-options-UI.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-supplemental-policy-rule-options-UI.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-supplemental-policy-rule-options-UI.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-template-selection.png b/windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-template-selection.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/wdac-wizard-template-selection.png rename to windows/security/application-security/application-control/app-control-for-business/images/appcontrol-wizard-template-selection.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/appid-wdac-wizard-1.png b/windows/security/application-security/application-control/app-control-for-business/images/appid-appcontrol-wizard-1.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/appid-wdac-wizard-1.png rename to windows/security/application-security/application-control/app-control-for-business/images/appid-appcontrol-wizard-1.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/appid-wdac-wizard-2.png b/windows/security/application-security/application-control/app-control-for-business/images/appid-appcontrol-wizard-2.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/appid-wdac-wizard-2.png rename to windows/security/application-security/application-control/app-control-for-business/images/appid-appcontrol-wizard-2.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/appid-pid-task-mgr.png b/windows/security/application-security/application-control/app-control-for-business/images/appid-pid-task-mgr.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/appid-pid-task-mgr.png rename to windows/security/application-security/application-control/app-control-for-business/images/appid-pid-task-mgr.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/appid-pid-windbg-token.png b/windows/security/application-security/application-control/app-control-for-business/images/appid-pid-windbg-token.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/appid-pid-windbg-token.png rename to windows/security/application-security/application-control/app-control-for-business/images/appid-pid-windbg-token.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/appid-pid-windbg.png b/windows/security/application-security/application-control/app-control-for-business/images/appid-pid-windbg.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/appid-pid-windbg.png rename to windows/security/application-security/application-control/app-control-for-business/images/appid-pid-windbg.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/bit-toggling-keyboard-icon.png b/windows/security/application-security/application-control/app-control-for-business/images/bit-toggling-keyboard-icon.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/bit-toggling-keyboard-icon.png rename to windows/security/application-security/application-control/app-control-for-business/images/bit-toggling-keyboard-icon.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/calculator-menu-icon.png b/windows/security/application-security/application-control/app-control-for-business/images/calculator-menu-icon.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/calculator-menu-icon.png rename to windows/security/application-security/application-control/app-control-for-business/images/calculator-menu-icon.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/calculator-with-hex-in-binary.png b/windows/security/application-security/application-control/app-control-for-business/images/calculator-with-hex-in-binary.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/calculator-with-hex-in-binary.png rename to windows/security/application-security/application-control/app-control-for-business/images/calculator-with-hex-in-binary.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig12-verifysigning.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig12-verifysigning.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig12-verifysigning.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig12-verifysigning.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig13-createnewgpo.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig13-createnewgpo.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig13-createnewgpo.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig13-createnewgpo.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig14-createnewfile.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig14-createnewfile.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig14-createnewfile.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig14-createnewfile.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig15-setnewfileprops.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig15-setnewfileprops.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig15-setnewfileprops.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig15-setnewfileprops.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig16-specifyinfo.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig16-specifyinfo.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig16-specifyinfo.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig16-specifyinfo.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig17-specifyinfo.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig17-specifyinfo.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig17-specifyinfo.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig17-specifyinfo.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig18-specifyux.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig18-specifyux.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig18-specifyux.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig18-specifyux.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig19-customsettings.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig19-customsettings.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig19-customsettings.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig19-customsettings.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig20-setsoftwareinv.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig20-setsoftwareinv.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig20-setsoftwareinv.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig20-setsoftwareinv.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig21-pathproperties.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig21-pathproperties.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig21-pathproperties.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig21-pathproperties.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig23-exceptionstocode.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig23-exceptionstocode.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig23-exceptionstocode.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig23-exceptionstocode.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig24-creategpo.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig24-creategpo.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig24-creategpo.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig24-creategpo.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig26-enablecode.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig26-enablecode.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig26-enablecode.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig26-enablecode.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig27-managecerttemp.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig27-managecerttemp.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig27-managecerttemp.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig27-managecerttemp.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig29-enableconstraints.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig29-enableconstraints.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig29-enableconstraints.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig29-enableconstraints.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig30-selectnewcert.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig30-selectnewcert.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig30-selectnewcert.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig30-selectnewcert.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig31-getmoreinfo.png b/windows/security/application-security/application-control/app-control-for-business/images/dg-fig31-getmoreinfo.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/dg-fig31-getmoreinfo.png rename to windows/security/application-security/application-control/app-control-for-business/images/dg-fig31-getmoreinfo.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/event-3077.png b/windows/security/application-security/application-control/app-control-for-business/images/event-3077.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/event-3077.png rename to windows/security/application-security/application-control/app-control-for-business/images/event-3077.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/event-3089.png b/windows/security/application-security/application-control/app-control-for-business/images/event-3089.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/event-3089.png rename to windows/security/application-security/application-control/app-control-for-business/images/event-3089.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/event-3099-options.png b/windows/security/application-security/application-control/app-control-for-business/images/event-3099-options.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/event-3099-options.png rename to windows/security/application-security/application-control/app-control-for-business/images/event-3099-options.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/hex-icon.png b/windows/security/application-security/application-control/app-control-for-business/images/hex-icon.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/hex-icon.png rename to windows/security/application-security/application-control/app-control-for-business/images/hex-icon.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/known-issue-appid-dll-rule-xml.png b/windows/security/application-security/application-control/app-control-for-business/images/known-issue-appid-dll-rule-xml.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/known-issue-appid-dll-rule-xml.png rename to windows/security/application-security/application-control/app-control-for-business/images/known-issue-appid-dll-rule-xml.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/known-issue-appid-dll-rule.png b/windows/security/application-security/application-control/app-control-for-business/images/known-issue-appid-dll-rule.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/known-issue-appid-dll-rule.png rename to windows/security/application-security/application-control/app-control-for-business/images/known-issue-appid-dll-rule.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-confirm-wdac-rule.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-confirm-appcontrol-rule.jpg similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-confirm-wdac-rule.jpg rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-confirm-appcontrol-rule.jpg diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-policy-2.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-policy-2.jpg similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-policy-2.jpg rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-policy-2.jpg diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-policy.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-policy.jpg similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-policy.jpg rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-policy.jpg diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-rule-2.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-rule-2.jpg similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-rule-2.jpg rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-rule-2.jpg diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-rule-3.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-rule-3.jpg similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-rule-3.jpg rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-rule-3.jpg diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-rule.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-rule.jpg similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-create-wdac-rule.jpg rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-create-appcontrol-rule.jpg diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac-2.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol-2.jpg similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac-2.jpg rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol-2.jpg diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac-3.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol-3.jpg similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac-3.jpg rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol-3.jpg diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac-4.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol-4.jpg similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac-4.jpg rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol-4.jpg diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac.jpg b/windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol.jpg similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/memcm/memcm-deploy-wdac.jpg rename to windows/security/application-security/application-control/app-control-for-business/images/memcm/memcm-deploy-appcontrol.jpg diff --git a/windows/security/application-security/application-control/windows-defender-application-control/images/policyflow.png b/windows/security/application-security/application-control/app-control-for-business/images/policyflow.png similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/images/policyflow.png rename to windows/security/application-security/application-control/app-control-for-business/images/policyflow.png diff --git a/windows/security/application-security/application-control/windows-defender-application-control/index.yml b/windows/security/application-security/application-control/app-control-for-business/index.yml similarity index 69% rename from windows/security/application-security/application-control/windows-defender-application-control/index.yml rename to windows/security/application-security/application-control/app-control-for-business/index.yml index 04252abe74..5bf64100cc 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/index.yml +++ b/windows/security/application-security/application-control/app-control-for-business/index.yml @@ -19,9 +19,9 @@ landingContent: - linkListType: overview links: - text: What is Application Control? - url: wdac.md + url: appcontrol.md - text: What is Windows Defender Application Control (WDAC)? - url: wdac-and-applocker-overview.md + url: appcontrol-and-applocker-overview.md - text: What is AppLocker? url: applocker\applocker-overview.md - text: WDAC and AppLocker feature availability @@ -34,27 +34,27 @@ landingContent: - text: Using code signing to simplify application control url: deployment/use-code-signing-for-better-control-and-protection.md - text: Applications that can bypass WDAC and how to block them - url: design/applications-that-can-bypass-wdac.md + url: design/applications-that-can-bypass-appcontrol.md - text: Microsoft's Recommended Driver Blocklist url: design/microsoft-recommended-driver-block-rules.md - text: Example WDAC policies - url: design/example-wdac-base-policies.md + url: design/example-appcontrol-base-policies.md - text: Managing multiple policies - url: design/deploy-multiple-wdac-policies.md + url: design/deploy-multiple-appcontrol-policies.md - linkListType: how-to-guide links: - text: Create a WDAC policy for a lightly managed device - url: design/create-wdac-policy-for-lightly-managed-devices.md + url: design/create-appcontrol-policy-for-lightly-managed-devices.md - text: Create a WDAC policy for a fully managed device - url: design/create-wdac-policy-for-fully-managed-devices.md + url: design/create-appcontrol-policy-for-fully-managed-devices.md - text: Create a WDAC policy for a fixed-workload - url: design/create-wdac-policy-using-reference-computer.md + url: design/create-appcontrol-policy-using-reference-computer.md - text: Create a WDAC blocklist policy - url: design/create-wdac-deny-policy.md + url: design/create-appcontrol-deny-policy.md - text: Deploying catalog files for WDAC management - url: deployment/deploy-catalog-files-to-support-wdac.md + url: deployment/deploy-catalog-files-to-support-appcontrol.md - text: Using the WDAC Wizard - url: design/wdac-wizard.md + url: design/appcontrol-wizard.md #- linkListType: Tutorial (videos) # links: # - text: Using the WDAC Wizard @@ -69,49 +69,49 @@ landingContent: - text: Understanding policy and file rules url: design/select-types-of-rules-to-create.md - text: Understanding WDAC secure settings - url: design/understanding-wdac-policy-settings.md + url: design/understanding-appcontrol-policy-settings.md - linkListType: how-to-guide links: - text: Allow managed installer and configure managed installer rules url: design/configure-authorized-apps-deployed-with-a-managed-installer.md - text: Allow reputable apps with ISG - url: design/use-wdac-with-intelligent-security-graph.md + url: design/use-appcontrol-with-intelligent-security-graph.md - text: Managed MSIX and Appx Packaged Apps - url: design/manage-packaged-apps-with-wdac.md + url: design/manage-packaged-apps-with-appcontrol.md - text: Allow com object registration - url: design/allow-com-object-registration-in-wdac-policy.md + url: design/allow-com-object-registration-in-appcontrol-policy.md - text: Manage plug-ins, add-ins, and modules - url: design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules.md + url: design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md # Card - title: Learn how to deploy WDAC Policies linkLists: - linkListType: overview links: - text: Using signed policies to protect against tampering - url: deployment/use-signed-policies-to-protect-wdac-against-tampering.md + url: deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md - text: Audit mode policies - url: deployment/audit-wdac-policies.md + url: deployment/audit-appcontrol-policies.md - text: Enforcement mode policies - url: deployment/enforce-wdac-policies.md + url: deployment/enforce-appcontrol-policies.md - text: Disabling WDAC policies - url: deployment/disable-wdac-policies.md + url: deployment/disable-appcontrol-policies.md - linkListType: tutorial links: - text: Deployment with MDM - url: deployment/deploy-wdac-policies-using-intune.md + url: deployment/deploy-appcontrol-policies-using-intune.md - text: Deployment with Configuration Manager - url: deployment/deploy-wdac-policies-with-memcm.md + url: deployment/deploy-appcontrol-policies-with-memcm.md - text: Deployment with script and refresh policy - url: deployment/deploy-wdac-policies-with-script.md + url: deployment/deploy-appcontrol-policies-with-script.md - text: Deployment with group policy - url: deployment/deploy-wdac-policies-using-group-policy.md + url: deployment/deploy-appcontrol-policies-using-group-policy.md # Card - title: Learn how to troubleshoot and debug WDAC events linkLists: - linkListType: overview links: - text: Debugging and troubleshooting - url: operations/wdac-debugging-and-troubleshooting.md + url: operations/appcontrol-debugging-and-troubleshooting.md - text: Understanding event IDs url: operations/event-id-explanations.md - text: Understanding event Tags diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting.md b/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-debugging-and-troubleshooting.md similarity index 99% rename from windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting.md rename to windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-debugging-and-troubleshooting.md index dc6c98cb9b..6ae9a1a3fe 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-debugging-and-troubleshooting.md @@ -104,7 +104,7 @@ Sometimes, you may be able to supplement the information contained in the core W Having gathered the necessary diagnostic information from a device, you're ready to begin your analysis of the diagnostic data collected in the previous section. -1. Verify the set of WDAC policies that are active and enforced. Confirm that only those policies you expect to be active are currently active. Be aware of the [Windows inbox policies](inbox-wdac-policies.md) that may also be active. You can use either of these methods: +1. Verify the set of WDAC policies that are active and enforced. Confirm that only those policies you expect to be active are currently active. Be aware of the [Windows inbox policies](inbox-appcontrol-policies.md) that may also be active. You can use either of these methods: - Review the output from *CiTool.exe -lp*, if applicable, which was saved to the CIDiag output directory as CiToolOutput.json. See [use Microsoft Edge to view the formatted json file](/microsoft-edge/devtools-guide-chromium/json-viewer/json-viewer). - Review all [policy activation events](/windows/security/threat-protection/windows-defender-application-control/event-id-explanations#wdac-policy-activation-events) from the core WDAC event log found at **Applications and Services logs - Microsoft - Windows - CodeIntegrity - Operational**. Within the CIDiag output directory, this event log is called CIOperational.evtx. diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-operational-guide.md b/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-operational-guide.md rename to windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/citool-commands.md b/windows/security/application-security/application-control/app-control-for-business/operations/citool-commands.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/operations/citool-commands.md rename to windows/security/application-security/application-control/app-control-for-business/operations/citool-commands.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/configure-wdac-managed-installer.md b/windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/operations/configure-wdac-managed-installer.md rename to windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/event-id-explanations.md b/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations.md similarity index 99% rename from windows/security/application-security/application-control/windows-defender-application-control/operations/event-id-explanations.md rename to windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations.md index a100e1a2c0..6f332731a9 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/operations/event-id-explanations.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations.md @@ -45,7 +45,7 @@ These events are found in the **AppLocker - MSI and Script** event log. |--------|-----------| | 8028 | This event indicates that a script host, such as PowerShell, queried Application Control about a file the script host was about to run. Since the policy was in audit mode, the script or MSI file should have run, but wouldn't have passed the WDAC policy if it was enforced. Some script hosts may have additional information in their logs. Note: Most third-party script hosts don't integrate with Application Control. Consider the risks from unverified scripts when choosing which script hosts you allow to run. | | 8029 | This event is the enforcement mode equivalent of event 8028. Note: While this event says that a script was blocked, the script hosts control the actual script enforcement behavior. The script host may allow the file to run with restrictions and not block the file outright. For example, PowerShell runs script not allowed by your WDAC policy in [Constrained Language Mode](/powershell/module/microsoft.powershell.core/about/about_language_modes). | -| 8036| COM object was blocked. To learn more about COM object authorization, see [Allow COM object registration in a Windows Defender Application Control policy](../design/allow-com-object-registration-in-wdac-policy.md). | +| 8036| COM object was blocked. To learn more about COM object authorization, see [Allow COM object registration in a Windows Defender Application Control policy](../design/allow-com-object-registration-in-appcontrol-policy.md). | | 8037 | This event indicates that a script host checked whether to allow a script to run, and the file passed the WDAC policy. | | 8038 | Signing information event correlated with either an 8028 or 8029 event. One 8038 event is generated for each signature of a script file. Contains the total number of signatures on a script file and an index as to which signature it is. Unsigned script files generate a single 8038 event with TotalSignatureCount 0. These events are correlated with 8028 and 8029 events and can be matched using the `Correlation ActivityID` found in the **System** portion of the event. | | 8039 | This event indicates that a packaged app (MSIX/AppX) was allowed to install or run because the WDAC policy is in audit mode. But, it would have been blocked if the policy was enforced. | diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/event-tag-explanations.md b/windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/operations/event-tag-explanations.md rename to windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/inbox-wdac-policies.md b/windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/operations/inbox-wdac-policies.md rename to windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies.md diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/known-issues.md b/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md similarity index 99% rename from windows/security/application-security/application-control/windows-defender-application-control/operations/known-issues.md rename to windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md index f33e99121c..9f7e0f0155 100644 --- a/windows/security/application-security/application-control/windows-defender-application-control/operations/known-issues.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md @@ -89,7 +89,7 @@ msiexec -i c:\temp\Windows10_Version_1511_ADMX.msi ### Slow boot and performance with custom policies -WDAC evaluates all processes that run, including inbox Windows processes. You can cause slower boot times, degraded performance, and possibly boot issues if your policies don't build upon the WDAC templates or don't trust the Windows signers. For these reasons, you should use the [WDAC base templates](../design/example-wdac-base-policies.md) whenever possible to create your policies. +WDAC evaluates all processes that run, including inbox Windows processes. You can cause slower boot times, degraded performance, and possibly boot issues if your policies don't build upon the WDAC templates or don't trust the Windows signers. For these reasons, you should use the [WDAC base templates](../design/example-appcontrol-base-policies.md) whenever possible to create your policies. #### AppId Tagging policy considerations diff --git a/windows/security/application-security/application-control/windows-defender-application-control/operations/querying-application-control-events-centrally-using-advanced-hunting.md b/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md similarity index 100% rename from windows/security/application-security/application-control/windows-defender-application-control/operations/querying-application-control-events-centrally-using-advanced-hunting.md rename to windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md diff --git a/windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md b/windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md index 239ddd052c..5038cdb7a5 100644 --- a/windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md +++ b/windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md @@ -38,6 +38,6 @@ WDAC has no specific hardware or software requirements. ## Related articles -- [Windows Defender Application Control](windows-defender-application-control/wdac.md) +- [Windows Defender Application Control](app-control-for-business/appcontrol.md) - [Memory integrity](../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) - [Driver compatibility with memory integrity](https://techcommunity.microsoft.com/t5/windows-hardware-certification/driver-compatibility-with-device-guard-in-windows-10/ba-p/364865) diff --git a/windows/security/application-security/application-control/toc.yml b/windows/security/application-security/application-control/toc.yml index f8b2ebf7a8..a84a5f19c5 100644 --- a/windows/security/application-security/application-control/toc.yml +++ b/windows/security/application-security/application-control/toc.yml @@ -1,8 +1,8 @@ items: - name: Smart App Control - href: windows-defender-application-control/wdac.md + href: app-control-for-business/appcontrol.md - name: Windows Defender Application Control - href: windows-defender-application-control/wdac.md + href: app-control-for-business/appcontrol.md - name: Windows Defender Application Control and virtualization-based protection of code integrity href: introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md - name: User Account Control (UAC) @@ -14,5 +14,4 @@ items: - name: UAC settings and configuration href: user-account-control/settings-and-configuration.md - name: Microsoft Vulnerable Driver Blocklist - href: windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md - + href: app-control-for-business/design/microsoft-recommended-driver-block-rules.md diff --git a/windows/security/operating-system-security/network-security/windows-firewall/rules.md b/windows/security/operating-system-security/network-security/windows-firewall/rules.md index 4729ae6e10..d668a98028 100644 --- a/windows/security/operating-system-security/network-security/windows-firewall/rules.md +++ b/windows/security/operating-system-security/network-security/windows-firewall/rules.md @@ -50,7 +50,7 @@ In either of these scenarios, once the rules are added, they must be deleted to Windows Firewall supports the use of Windows Defender Application Control (WDAC) Application ID (AppID) tags in firewall rules. With this capability, Windows Firewall rules can be scoped to an application or a group of applications by referencing process tags, without using absolute path or sacrificing security. There are two steps for this configuration: -1. Deploy *WDAC AppId tagging policies*: a Windows Defender Application Control policy must be deployed, which specifies individual applications or groups of applications to apply a *PolicyAppId tag* to the process token(s). Then, the admin can define firewall rules that are scoped to all processes tagged with the matching *PolicyAppId*. For more information, see the [WDAC AppId tagging guide](../../../application-security/application-control/windows-defender-application-control/AppIdTagging/wdac-appid-tagging-guide.md) to create, deploy, and test an AppID policy to tag applications. +1. Deploy *WDAC AppId tagging policies*: a Windows Defender Application Control policy must be deployed, which specifies individual applications or groups of applications to apply a *PolicyAppId tag* to the process token(s). Then, the admin can define firewall rules that are scoped to all processes tagged with the matching *PolicyAppId*. For more information, see the [WDAC AppId tagging guide](../../../application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md) to create, deploy, and test an AppID policy to tag applications. 1. Configure firewall rules using *PolicyAppId tags* using one of the two methods: - Using the [PolicyAppId node of the Firewall CSP](/windows/client-management/mdm/firewall-csp#mdmstorefirewallrulesfirewallrulenamepolicyappid) with an MDM solution like Microsoft Intune. If you use Microsoft Intune, you can deploy the rules from Microsoft Intune Admin center, under the path **Endpoint security** > **Firewall** > **Create policy** > **Windows 10, Windows 11, and Windows Server** > **Windows Firewall Rules**. When creating the rules, provide the *AppId tag* in the **Policy App ID** setting - Create local firewall rules with PowerShell: use the [`New-NetFirewallRule`](/powershell/module/netsecurity/new-netfirewallrule) cmdlet and specify the `-PolicyAppId` parameter. You can specify one tag at a time while creating firewall rules. Multiple User Ids are supported diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md index 564b83b498..dd250485d8 100644 --- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md +++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md @@ -386,7 +386,7 @@ Examples: Set-ProcessMitigation -Name notepad.exe -Enable SEHOP -Disable MandatoryASLR,DEPATL ``` -- **Convert Attack surface reduction (ASR) settings to a Code Integrity policy file**: If the input file contains any settings for EMET's Attack surface reduction (ASR) mitigation, the converter will also create a Code Integrity policy file. In this case, you can complete the merging, auditing, and deployment process for the Code Integrity policy. For more information, see [Deploying Windows Defender Application Control (WDAC) policies](../application-security/application-control/windows-defender-application-control/deployment/wdac-deployment-guide.md). This completion will enable protections on Windows 10 equivalent to EMET's ASR protections. +- **Convert Attack surface reduction (ASR) settings to a Code Integrity policy file**: If the input file contains any settings for EMET's Attack surface reduction (ASR) mitigation, the converter will also create a Code Integrity policy file. In this case, you can complete the merging, auditing, and deployment process for the Code Integrity policy. For more information, see [Deploying Windows Defender Application Control (WDAC) policies](../application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md). This completion will enable protections on Windows 10 equivalent to EMET's ASR protections. - **Convert Certificate Trust settings to enterprise certificate pinning rules**: If you have an EMET "Certificate Trust" XML file (pinning rules file), you can also use ConvertTo-ProcessMitigationPolicy to convert the pinning rules file into an enterprise certificate pinning rules file. Then you can finish enabling that file as described in [Enterprise Certificate Pinning](/windows/access-protection/enterprise-certificate-pinning). For example: From b497abbc0d5222dfff7d8ccddea399d7b0a2c699 Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Tue, 10 Sep 2024 15:57:36 -0600 Subject: [PATCH 02/23] Add missing redirect --- .openpublishing.redirection.windows-security.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.openpublishing.redirection.windows-security.json b/.openpublishing.redirection.windows-security.json index bcbf7f307d..ad9e6e6bf0 100644 --- a/.openpublishing.redirection.windows-security.json +++ b/.openpublishing.redirection.windows-security.json @@ -400,6 +400,11 @@ "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/security-considerations-for-applocker", "redirect_document_id": false }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/select-types-of-rules-to-create.md", + "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/select-types-of-rules-to-create", + "redirect_document_id": false + }, { "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md", "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/test-an-applocker-policy-by-using-test-applockerpolicy", From 66fe0945b45eedaebf300d2eff934af5675d1a31 Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Tue, 10 Sep 2024 17:16:45 -0600 Subject: [PATCH 03/23] Cleanup redirects --- ...blishing.redirection.windows-security.json | 2400 ----------------- 1 file changed, 2400 deletions(-) diff --git a/.openpublishing.redirection.windows-security.json b/.openpublishing.redirection.windows-security.json index ad9e6e6bf0..7a1c2827b5 100644 --- a/.openpublishing.redirection.windows-security.json +++ b/.openpublishing.redirection.windows-security.json @@ -145,11 +145,6 @@ "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions", "redirect_document_id": false }, - { - "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-settings.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview", - "redirect_document_id": false - }, { "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference.md", "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-technical-reference", @@ -490,11 +485,6 @@ "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies", "redirect_document_id": false }, - { - "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac", - "redirect_document_id": false - }, { "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md", "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/use-the-applocker-windows-powershell-cmdlets", @@ -505,11 +495,6 @@ "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/using-event-viewer-with-applocker", "redirect_document_id": false }, - { - "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac", - "redirect_document_id": false - }, { "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker.md", "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker", @@ -655,11 +640,6 @@ "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol", "redirect_document_id": false }, - { - "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-block-rules.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac", - "redirect_document_id": false - }, { "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md", "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules", @@ -830,81 +810,6 @@ "redirect_url": "/windows/security/operating-system-security/system-security/cryptography-certificate-mgmt", "redirect_document_id": false }, - { - "source_path": "windows/security/encryption-data-protection.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/index", - "redirect_document_id": false - }, - { - "source_path": "windows/security/hardware-protection/encrypted-hard-drive.md", - "redirect_url": "/windows/security/information-protection/encrypted-hard-drive", - "redirect_document_id": false - }, - { - "source_path": "windows/security/hardware-protection/how-hardware-based-containers-help-protect-windows.md", - "redirect_url": "/windows/security/identity-protection/how-hardware-based-containers-help-protect-windows", - "redirect_document_id": false - }, - { - "source_path": "windows/security/hardware-protection/secure-the-windows-10-boot-process.md", - "redirect_url": "/windows/security/information-protection/secure-the-windows-10-boot-process", - "redirect_document_id": false - }, - { - "source_path": "windows/security/hardware-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md", - "redirect_url": "/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds", - "redirect_document_id": false - }, - { - "source_path": "windows/security/hardware-protection/tpm/change-the-tpm-owner-password.md", - "redirect_url": "/windows/security/information-protection/tpm/change-the-tpm-owner-password", - "redirect_document_id": false - }, - { - "source_path": "windows/security/hardware-protection/tpm/how-windows-uses-the-tpm.md", - "redirect_url": "/windows/security/information-protection/tpm/how-windows-uses-the-tpm", - "redirect_document_id": false - }, - { - "source_path": "windows/security/hardware-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md", - "redirect_url": "/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm", - "redirect_document_id": false - }, - { - "source_path": "windows/security/hardware-protection/tpm/manage-tpm-commands.md", - "redirect_url": "/windows/security/information-protection/tpm/manage-tpm-commands", - "redirect_document_id": false - }, - { - "source_path": "windows/security/hardware-protection/tpm/manage-tpm-lockout.md", - "redirect_url": "/windows/security/information-protection/tpm/manage-tpm-lockout", - "redirect_document_id": false - }, - { - "source_path": "windows/security/hardware-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md", - "redirect_url": "/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices", - "redirect_document_id": false - }, - { - "source_path": "windows/security/hardware-protection/tpm/tpm-fundamentals.md", - "redirect_url": "/windows/security/information-protection/tpm/tpm-fundamentals", - "redirect_document_id": false - }, - { - "source_path": "windows/security/hardware-protection/tpm/tpm-recommendations.md", - "redirect_url": "/windows/security/information-protection/tpm/tpm-recommendations", - "redirect_document_id": false - }, - { - "source_path": "windows/security/hardware-protection/tpm/trusted-platform-module-overview.md", - "redirect_url": "/windows/security/information-protection/tpm/trusted-platform-module-overview", - "redirect_document_id": false - }, - { - "source_path": "windows/security/hardware-protection/tpm/trusted-platform-module-services-group-policy-settings.md", - "redirect_url": "/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings", - "redirect_document_id": false - }, { "source_path": "windows/security/hardware-protection/tpm/trusted-platform-module-top-node.md", "redirect_url": "/windows/security/hardware-security/tpm/trusted-platform-module-overview", @@ -990,11 +895,6 @@ "redirect_url": "/windows/security/identity-protection/credential-guard/configure", "redirect_document_id": false }, - { - "source_path": "windows/security/identity-protection/credential-guard/credential-guard-not-protected-scenarios.md", - "redirect_url": "/windows/security/identity-protection/credential-guard/credential-guard-protection-limits", - "redirect_document_id": false - }, { "source_path": "windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md", "redirect_url": "/windows/security/identity-protection/credential-guard/how-it-works", @@ -1015,11 +915,6 @@ "redirect_url": "/windows/security/identity-protection/credential-guard", "redirect_document_id": false }, - { - "source_path": "windows/security/identity-protection/credential-guard/dg-readiness-tool.md", - "redirect_url": "/windows/security/identity-protection/credential-guard/credential-guard", - "redirect_document_id": false - }, { "source_path": "windows/security/identity-protection/hello-for-business/deploy/cloud.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/cloud-only", @@ -1065,11 +960,6 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/multifactor-unlock", "redirect_document_id": false }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/cloud", - "redirect_document_id": false - }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers.md", "redirect_url": "/windows-server/administration/performance-tuning/role/active-directory-server/capacity-planning-for-active-directory-domain-services", @@ -1100,16 +990,6 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust", "redirect_document_id": false }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-deploy-mfa.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-mfa", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-pki", - "redirect_document_id": false - }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-cert-trust.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust", @@ -1190,21 +1070,6 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso", "redirect_document_id": false }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-new-install.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", - "redirect_document_id": false - }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-validate-pki.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki", @@ -1220,36 +1085,11 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll", "redirect_document_id": false }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-ad.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", - "redirect_document_id": false - }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs", "redirect_document_id": false }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-validate-pki", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-policy.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-provision", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", - "redirect_document_id": false - }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust-provision.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works#provisioning", @@ -1260,81 +1100,16 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust", "redirect_document_id": false }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-trust.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-devreg.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-dirsync.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", - "redirect_document_id": false - }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-provision.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-enroll", "redirect_document_id": false }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-validate-pki.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-pki", - "redirect_document_id": false - }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust", "redirect_document_id": false }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-provision.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-ad.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", - "redirect_document_id": false - }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-identity-verification.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/requirements", - "redirect_document_id": false - }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-adfs", @@ -1350,11 +1125,6 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust", "redirect_document_id": false }, - { - "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md", - "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-mfa", - "redirect_document_id": false - }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust", @@ -1420,11 +1190,6 @@ "redirect_url": "/windows/security/windows/security/identity-protection/hello-for-business/webauthn-apis", "redirect_document_id": false }, - { - "source_path": "windows/security/identity-protection/how-hardware-based-containers-help-protect-windows.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/how-hardware-based-containers-help-protect-windows", - "redirect_document_id": false - }, { "source_path": "windows/security/identity-protection/installing-digital-certificates-on-windows-10-mobile.md", "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", @@ -1535,26 +1300,11 @@ "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-and-adds-faq", "redirect_document_id": false }, - { - "source_path": "windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-basic-deployment", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/bitlocker/bitlocker-countermeasures.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-countermeasures", - "redirect_document_id": false - }, { "source_path": "windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-and-administration-faq", "redirect_document_id": false }, - { - "source_path": "windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-comparison", - "redirect_document_id": false - }, { "source_path": "windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker#device-encryption", @@ -1570,31 +1320,11 @@ "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-frequently-asked-questions", "redirect_document_id": false }, - { - "source_path": "windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-group-policy-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-enable-network-unlock", - "redirect_document_id": false - }, { "source_path": "windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-key-management-faq", "redirect_document_id": false }, - { - "source_path": "windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-management-for-enterprises", - "redirect_document_id": false - }, { "source_path": "windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-network-unlock-faq", @@ -1635,11 +1365,6 @@ "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-upgrading-faq", "redirect_document_id": false }, - { - "source_path": "windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker", - "redirect_document_id": false - }, { "source_path": "windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/manage-recovery-passwords#bitlocker-recovery-password-viewer", @@ -1650,26 +1375,6 @@ "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-using-with-other-programs-faq", "redirect_document_id": false }, - { - "source_path": "windows/security/information-protection/bitlocker/choose-the-right-bitlocker-countermeasure.md", - "redirect_url": "/windows/security/information-protection/bitlocker/bitlocker-countermeasures", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/bitlocker/protect-bitlocker-from-pre-boot-attacks.md", - "redirect_url": "/windows/security/information-protection/bitlocker/bitlocker-countermeasures", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker", - "redirect_document_id": false - }, { "source_path": "windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md", "redirect_url": "/troubleshoot/windows-client/windows-security/bitlocker-issues-troubleshooting", @@ -1715,26 +1420,11 @@ "redirect_url": "/troubleshoot/windows-client/windows-security/bitlocker-and-tpm-other-known-issues", "redirect_document_id": false }, - { - "source_path": "windows/security/information-protection/bitlocker/types-of-attacks-for-volume-encryption-keys.md", - "redirect_url": "/windows/security/information-protection/bitlocker/bitlocker-countermeasures", - "redirect_document_id": false - }, { "source_path": "windows/security/information-protection/encrypted-hard-drive.md", "redirect_url": "/windows/security/operating-system-security/data-protection/encrypted-hard-drive", "redirect_document_id": false }, - { - "source_path": "windows/security/information-protection/index.md", - "redirect_url": "/windows/security/encryption-data-protection", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/personal-data-encryption/configure-pde-in-intune.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure-pde-in-intune", - "redirect_document_id": false - }, { "source_path": "windows/security/information-protection/personal-data-encryption/faq-pde.yml", "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/faq-pde", @@ -1745,36 +1435,6 @@ "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/index", "redirect_document_id": false }, - { - "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-arso.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-arso", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-hibernation.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-hibernation", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-memory-dumps.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-memory-dumps", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-password-connected-standby.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-password-connected-standby", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-wer.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-wer", - "redirect_document_id": false - }, - { - "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-enable-pde.md", - "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-enable-pde", - "redirect_document_id": false - }, { "source_path": "windows/security/information-protection/pluton/microsoft-pluton-security-processor.md", "redirect_url": "/windows/security/hardware-security/pluton/microsoft-pluton-security-processor", @@ -1845,11 +1505,6 @@ "redirect_url": "/windows/security/hardware-security/tpm/trusted-platform-module-services-group-policy-settings", "redirect_document_id": false }, - { - "source_path": "windows/security/information-protection/tpm/trusted-platform-module-top-node.md", - "redirect_url": "/windows/security/hardware-security/tpm/trusted-platform-module-top-node", - "redirect_document_id": false - }, { "source_path": "windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md", "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/app-behavior-with-wip", @@ -2725,436 +2380,11 @@ "redirect_url": "/compliance/assurance/assurance-microsoft-security-development-lifecycle", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/applocker/administer-applocker-using-mdm.md", "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker-using-mdm", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/applocker/administer-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/applocker-architecture-and-components.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/applocker-functions.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/applocker-overview.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/applocker-policies-deployment-guide.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/applocker-policies-design-guide.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/applocker-policy-use-scenarios.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/applocker-processes-and-interactions.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/applocker-settings.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/applocker-technical-reference.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/configure-an-applocker-policy-for-audit-only.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/configure-an-applocker-policy-for-enforce-rules.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/configure-exceptions-for-an-applocker-rule.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/configure-the-application-identity-service.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/configure-the-appLocker-reference-device.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/create-a-rule-for-packaged-apps.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/create-a-rule-that-uses-a-file-hash-condition.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/create-a-rule-that-uses-a-path-condition.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/create-a-rule-that-uses-a-publisher-condition.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/create-applocker-default-rules.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/create-list-of-applications-deployed-to-each-business-group.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/create-your-applocker-policies.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/create-your-applocker-rules.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/delete-an-applocker-rule.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/deploy-the-applocker-policy-into-production.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/determine-group-policy-structure-and-rule-enforcement.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/determine-your-application-control-objectives.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/dll-rules-in-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/document-your-application-list.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/document-your-applocker-rules.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/edit-an-applocker-policy.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/edit-applocker-rules.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/enable-the-dll-rule-collection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/enforce-applocker-rules.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/executable-rules-in-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/export-an-applocker-policy-from-a-gpo.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/export-an-applocker-policy-to-an-xml-file.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/how-applocker-works-techref.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/import-an-applocker-policy-from-another-computer.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/import-an-applocker-policy-into-a-gpo.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/maintain-applocker-policies.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/manage-packaged-apps-with-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/merge-applocker-policies-manually.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/monitor-application-usage-with-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/optimize-applocker-performance.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/plan-for-applocker-policy-management.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/refresh-an-applocker-policy.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/requirements-for-deploying-applocker-policies.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/requirements-to-use-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/run-the-automatically-generate-rules-wizard.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/script-rules-in-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/security-considerations-for-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/select-types-of-rules-to-create.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/test-and-update-an-applocker-policy.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/tools-to-use-with-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/understand-applocker-enforcement-settings.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/understand-applocker-policy-design-decisions.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/understand-the-applocker-policy-deployment-process.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/understanding-applocker-default-rules.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/understanding-applocker-rule-behavior.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/understanding-applocker-rule-collections.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/understanding-applocker-rule-condition-types.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/understanding-applocker-rule-exceptions.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/understanding-the-file-hash-rule-condition-in-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/understanding-the-path-rule-condition-in-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/understanding-the-publisher-rule-condition-in-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/use-the-applocker-windows-powershell-cmdlets.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/using-event-viewer-with-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/using-software-restriction-policies-and-applocker-policies.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/what-is-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/windows-installer-rules-in-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/working-with-applocker-policies.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/applocker/working-with-applocker-rules.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md", "redirect_url": "/windows/security/operating-system-security/device-management/block-untrusted-fonts-in-enterprise", @@ -3175,51 +2405,26 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/device-control-report", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/device-guard/deploy-catalog-files-to-support-windows-defender-application-control.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/device-guard/deploy-managed-installer-for-device-guard.md", "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-managed-installer", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/device-guard/deploy-windows-defender-application-control-policy-rules-and-file-rules.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/device-guard/device-guard-deployment-enable-virtualization-based-security.md", "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/enable-virtualization-based-security", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/device-guard/device-guard-deployment-guide.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/device-guard/memory-integrity.md", "redirect_url": "https://support.microsoft.com/windows/core-isolation-e30ed737-17d8-42f3-a2a9-87521df09b78", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/device-guard/optional-create-a-code-signing-certificate-for-windows-defender-application-control.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md", "redirect_url": "/windows/security", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/device-guard/steps-to-deploy-windows-defender-application-control.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/fips-140-validation.md", "redirect_url": "/windows/security/security-foundations/certification/fips-140-validation", @@ -3340,11 +2545,6 @@ "redirect_url": "/microsoft-365/security/mtp/top-scoring-industry-tests", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/intelligence/transparency-report.md", - "redirect_url": "/windows/security/threat-protection/intelligence/av-tests", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/intelligence/trojans-malware.md", "redirect_url": "/microsoft-365/security/intelligence/trojans-malware", @@ -5870,11 +5070,6 @@ "redirect_url": "/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/msft-security-dev-lifecycle.md", - "redirect_url": "/windows/security/security-foundations/msft-security-dev-lifecycle", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md", "redirect_url": "/windows/security/operating-system-security/device-management/override-mitigation-options-for-app-related-security-policies", @@ -6335,11 +5530,6 @@ "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-if-server-agrees.md", - "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md", "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers", @@ -6360,11 +5550,6 @@ "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-if-client-agress.md", - "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md", "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire", @@ -6635,26 +5820,6 @@ "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md", - "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-if-server-agrees.md", - "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-always.md", - "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-if-client-agrees.md", - "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md", "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption", @@ -7120,601 +6285,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/microsoft-defender-security-center-antivirus", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/allow-com-object-registration-in-wdac-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/AppIdTagging/windows-defender-application-control-appid-tagging-guide.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/wdac-appid-tagging-guide", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/administer-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-architecture-and-components", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-functions", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-deployment-guide", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-design-guide", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policy-use-scenarios", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-processes-and-interactions", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-application-identity-service", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-appLocker-reference-device", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-applocker-default-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/delete-an-applocker-rule", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-your-application-control-objectives", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/dll-rules-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-application-list", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-applocker-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-an-applocker-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-applocker-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/enable-the-dll-rule-collection", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/enforce-applocker-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/executable-rules-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/how-applocker-works-techref", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/maintain-applocker-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-manually", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/monitor-application-usage-with-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/optimize-applocker-performance", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/plan-for-applocker-policy-management", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/refresh-an-applocker-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-to-use-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/script-rules-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/security-considerations-for-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/select-types-of-rules-to-create", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/test-and-update-an-applocker-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/tools-to-use-with-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-enforcement-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-default-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-behavior", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-collections", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/using-event-viewer-with-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/windows-installer-rules-in-applocker", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-application-control/audit-and-enforce-windows-defender-application-control-policies.md", "redirect_url": "/windows/security", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/audit-wdac-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/citool-commands.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/operations/citool-commands", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/configure-wdac-managed-installer", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/create-code-signing-cert-for-wdac", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-using-reference-computer", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-deny-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-fully-managed-devices", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-lightly-managed-devices", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/create-your-windows-defender-application-control-planning-document.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-catalog-files-to-support-wdac", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/deploy-multiple-wdac-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-group-policy.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-group-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-intune", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-script", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-group-policy.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-group-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-intune.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-intune", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/script-enforcement", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/disable-wdac-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/document-your-windows-defender-application-control-management-processes.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/enforce-wdac-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/event-id-explanations.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/event-id-explanations", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/event-tag-explanations", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/example-wdac-base-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/feature-availability.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/feature-availability", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-application-control/index.yml", "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/index", @@ -7725,166 +6300,11 @@ "redirect_url": "/previous-versions/windows/it-pro/windows-10/deployment/s-mode/wdac-allow-lob-win32-apps", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/manage-packaged-apps-with-wdac", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/merge-wdac-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-block-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/operations/citool-commands.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/citool-commands", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/operations/inbox-wdac-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/inbox-wdac-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/known-issues", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/plan-wdac-management", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/querying-application-control-events-centrally-using-advanced-hunting", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/select-types-of-rules-to-create", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/types-of-devices.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/common-wdac-use-cases", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/understand-wdac-policy-design-decisions", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/understanding-wdac-policy-settings.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/understanding-wdac-policy-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/use-code-signing-to-simplify-application-control-for-classic-windows-applications.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business.md", "redirect_url": "https://aka.ms/AzureCodeSigning", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-signed-policies-to-protect-wdac-against-tampering", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-and-dotnet", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-with-intelligent-security-graph", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-base-policy.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-base-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-supplemental-policy.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-supplemental-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-editing-policy.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-editing-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-merging-policies.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-merging-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-parsing-event-logs.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/wdac-deployment-guide", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-design-guide", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-operational-guide", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md", - "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-device-guard-and-applocker.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md", "redirect_url": "/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard", @@ -7990,11 +6410,6 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/basic-permissions", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/check-sensor-status-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/check-sensor-status", @@ -8005,11 +6420,6 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/collect-investigation-package", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/community-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/community", @@ -8130,11 +6540,6 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/custom-ti-api", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/dashboard-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/data-retention-settings-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/data-retention-settings", @@ -8215,11 +6620,6 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/exposed-apis-odata-samples", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/exposed-apis-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/files-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/files", @@ -8230,11 +6630,6 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/find-machine-info-by-ip", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/find-machine-info-by-ip-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/find-machines-by-ip-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/find-machines-by-ip", @@ -8255,91 +6650,41 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/data-retention-settings", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-actor-information-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-actor-related-alerts-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-info-by-id-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-alert-info-by-id", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-info-by-id-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-actor-info-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-domain-info-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-alert-related-domain-info", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-domain-info-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-files-info-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-alert-related-files-info", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-files-info-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-ip-info-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-alert-related-ip-info", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-ip-info-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-machine-info-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-alert-related-machine-info", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-machine-info-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-user-info-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-alert-related-user-info", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-user-info-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-alerts-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-alerts", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-alerts-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-cvekbmap-collection-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-cvekbmap-collection", @@ -8355,21 +6700,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/get-domain-related-alerts", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-domain-related-alerts-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-domain-related-machines", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-domain-statistics-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-domain-statistics", @@ -8380,96 +6715,46 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/get-file-information", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-file-information-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-file-related-alerts-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-file-related-alerts", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-file-related-alerts-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-file-related-machines", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-file-statistics-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-file-statistics", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-file-statistics-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-fileactions-collection-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-filemachineaction-object", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-filemachineactions-collection", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-related-alerts-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-ip-related-alerts", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-related-alerts-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-ip-related-machines", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-statistics-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-ip-statistics", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-statistics-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-kbinfo-collection-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-kbinfo-collection", @@ -8485,46 +6770,21 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/get-machine-by-id", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-machine-log-on-users-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-machine-log-on-users", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-machine-log-on-users-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-machine-related-alerts-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-machine-related-alerts", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-machine-related-alerts-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-machineaction-object-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/get-machineaction-object", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-machineaction-object.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-machineaction-object", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/get-machineactions-collection", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-machineactions-collection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-machineactions-collection", @@ -8545,11 +6805,6 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/get-machines", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-machinesecuritystates-collection-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-machinesecuritystates-collection", @@ -8565,21 +6820,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/get-package-sas-uri", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-started.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-started", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-ti-indicator-by-id-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-ti-indicators-collection", @@ -8590,31 +6835,16 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/get-user-information", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-user-related-alerts-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-user-related-alerts", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-user-related-alerts-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-user-related-machines", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/how-hardware-based-containers-help-protect-windows.md", "redirect_url": "/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-containers-help-protect-windows", @@ -8685,31 +6915,16 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/is-domain-seen-in-org", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/is-domain-seen-in-org-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/is-ip-seen-org-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/is-ip-seen-org", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/is-ip-seen-org-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/isolate-machine", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/licensing", @@ -8755,11 +6970,6 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/manage-alerts", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/manage-allowed-blocked-list-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/manage-allowed-blocked-list", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/manage-allowed-blocked-list.md", "redirect_url": "/microsoft-365/security/defender-endpoint/manage-allowed-blocked-list", @@ -8795,11 +7005,6 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/manage-incidents", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/manage-indicators-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/manage-indicators", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/manage-indicators.md", "redirect_url": "/microsoft-365/security/defender-endpoint/manage-allowed-blocked-list", @@ -8970,11 +7175,6 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/rbac", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/request-sample-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/respond-file-alerts", @@ -8995,11 +7195,6 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/restrict-code-execution", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/run-advanced-query-api.md", "redirect_url": "/microsoft-365/security/defender-endpoint/run-advanced-query-api", @@ -9035,11 +7230,6 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/run-av-scan", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/run-detection-test-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/run-detection-test", @@ -9050,11 +7240,6 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/secure-score-dashboard", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/security-analytics-dashboard-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/security-operations-dashboard", @@ -9065,41 +7250,16 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/service-status", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/settings-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/time-settings-windows-defender-advanced-threat-protection", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/stop-and-quarantine-file-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/stop-and-quarantine-file", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/stop-and-quarantine-file-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/supported-apis-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/supported-response-apis-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/supported-response-apis", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/threat-analytics", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/threat-analytics-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/threat-analytics.md", "redirect_url": "/microsoft-365/security/defender-endpoint/threat-analytics", @@ -9170,31 +7330,16 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/tvm-dashboard-insights", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/unblock-file-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/unisolate-machine", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/unrestrict-code-execution", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md", - "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-atp/update-alert-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/update-alert", @@ -9315,601 +7460,56 @@ "redirect_url": "/windows/security/operating-system-security/system-security/windows-defender-security-center/windows-defender-security-center", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-available-settings.md", - "redirect_url": "/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md", "redirect_url": "https://feedback.smartscreen.microsoft.com/smartscreenfaq.aspx", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-set-individual-device.md", - "redirect_url": "/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-set-individual-device", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md", "redirect_url": "/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/assign-security-group-filters-to-the-gpo", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/basic-firewall-policy-design.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/basic-firewall-policy-design", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/best-practices-configuring.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/best-practices-configuring", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/boundary-zone-gpos", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/boundary-zone.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/boundary-zone", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design-example", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/change-rules-from-request-to-require-mode.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/change-rules-from-request-to-require-mode", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/checklist-configuring-basic-firewall-settings.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-basic-firewall-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-boundary-zone", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-encryption-zone", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-isolated-domain", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-group-policy-objects", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-inbound-firewall-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-outbound-firewall-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-basic-firewall-policy-design", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-domain-isolation-policy-design", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/configure-authentication-methods.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-authentication-methods", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-data-protection-quick-mode-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-key-exchange-main-mode-settings", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-the-rules-to-require-encryption", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md", "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-logging", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-the-workstation-authentication-certificate-template", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/confirm-that-certificates-are-deployed-correctly", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/copy-a-gpo-to-create-a-new-gpo", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-a-group-account-in-active-directory", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-a-group-policy-object", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-exemption-list-rule", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/create-an-authentication-request-rule.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-request-rule", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-icmp-rule", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-port-rule", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-program-or-service-rule", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-port-rule", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-program-or-service-rule", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-inbound-rules-to-support-rpc", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-windows-firewall-rules-in-intune", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-wmi-filters-for-the-gpo", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md", "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/determining-the-trusted-state-of-your-devices", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/documenting-the-zones.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/documenting-the-zones", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design-example", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-inbound-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-outbound-rules", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/encryption-zone-gpos", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/encryption-zone.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/encryption-zone", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md", "redirect_url": "/windows/security", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/exempt-icmp-from-authentication", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/exemption-list.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/exemption-list", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-firewall/filter-origin-documentation.md", "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/filter-origin-documentation", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-firewall/firewall-gpos.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/firewall-gpos", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/firewall-policy-design-example", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/firewall-settings-lost-on-upgrade.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/firewall-settings-lost-on-upgrade", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-active-directory-deployment", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-current-network-infrastructure", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-devices", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gathering-other-relevant-information", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gathering-the-information-you-need", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-boundary", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-encryption", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-firewall", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-clients", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-servers", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/isolated-domain-gpos", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/isolated-domain.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/isolated-domain", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md", "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831418(v=ws.11)", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/link-the-gpo-to-the-domain", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/open-windows-firewall-with-advanced-security", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-certificate-based-authentication", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-domain-isolation-zones", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-gpo-deployment", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-isolation-groups-for-the-zones", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/planning-network-access-groups.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-network-access-groups", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-server-isolation-zones", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-settings-for-a-basic-firewall-policy", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/planning-the-gpos.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-the-gpos", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-your-windows-firewall-with-advanced-security-design", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md", "redirect_url": "/windows/security", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/protect-devices-from-unwanted-network-traffic", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-firewall/quarantine.md", "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/quarantine", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/require-encryption-when-accessing-sensitive-network-resources", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-specified-users-or-devices", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-trusted-devices", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/restrict-server-access-to-members-of-a-group-only", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/server-isolation-gpos.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/server-isolation-gpos", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design-example", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md", "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/troubleshooting-uwp-firewall", "redirect_document_id": false }, - { - "source_path": "windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/verify-that-network-traffic-is-authenticated", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-deployment-guide", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-design-guide", - "redirect_document_id": false - }, - { - "source_path": "windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md", - "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security", - "redirect_document_id": false - }, { "source_path": "windows/security/threat-protection/windows-platform-common-criteria.md", "redirect_url": "/windows/security/security-foundations/certification/windows-platform-common-criteria", From 9fbf7abbcde52d71da319d147a3ee4a4ef78cb23 Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Tue, 10 Sep 2024 17:30:07 -0600 Subject: [PATCH 04/23] Undo cleanup --- ...blishing.redirection.windows-security.json | 2402 ++++++++++++++++- 1 file changed, 2401 insertions(+), 1 deletion(-) diff --git a/.openpublishing.redirection.windows-security.json b/.openpublishing.redirection.windows-security.json index 7a1c2827b5..1ecd6242b4 100644 --- a/.openpublishing.redirection.windows-security.json +++ b/.openpublishing.redirection.windows-security.json @@ -145,6 +145,11 @@ "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions", "redirect_document_id": false }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-settings.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview", + "redirect_document_id": false + }, { "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference.md", "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-technical-reference", @@ -485,6 +490,11 @@ "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies", "redirect_document_id": false }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac", + "redirect_document_id": false + }, { "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md", "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/use-the-applocker-windows-powershell-cmdlets", @@ -495,6 +505,11 @@ "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/using-event-viewer-with-applocker", "redirect_document_id": false }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac", + "redirect_document_id": false + }, { "source_path": "windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker.md", "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker", @@ -640,6 +655,11 @@ "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol", "redirect_document_id": false }, + { + "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-block-rules.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac", + "redirect_document_id": false + }, { "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md", "redirect_url": "/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules", @@ -810,6 +830,81 @@ "redirect_url": "/windows/security/operating-system-security/system-security/cryptography-certificate-mgmt", "redirect_document_id": false }, + { + "source_path": "windows/security/encryption-data-protection.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/index", + "redirect_document_id": false + }, + { + "source_path": "windows/security/hardware-protection/encrypted-hard-drive.md", + "redirect_url": "/windows/security/information-protection/encrypted-hard-drive", + "redirect_document_id": false + }, + { + "source_path": "windows/security/hardware-protection/how-hardware-based-containers-help-protect-windows.md", + "redirect_url": "/windows/security/identity-protection/how-hardware-based-containers-help-protect-windows", + "redirect_document_id": false + }, + { + "source_path": "windows/security/hardware-protection/secure-the-windows-10-boot-process.md", + "redirect_url": "/windows/security/information-protection/secure-the-windows-10-boot-process", + "redirect_document_id": false + }, + { + "source_path": "windows/security/hardware-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md", + "redirect_url": "/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds", + "redirect_document_id": false + }, + { + "source_path": "windows/security/hardware-protection/tpm/change-the-tpm-owner-password.md", + "redirect_url": "/windows/security/information-protection/tpm/change-the-tpm-owner-password", + "redirect_document_id": false + }, + { + "source_path": "windows/security/hardware-protection/tpm/how-windows-uses-the-tpm.md", + "redirect_url": "/windows/security/information-protection/tpm/how-windows-uses-the-tpm", + "redirect_document_id": false + }, + { + "source_path": "windows/security/hardware-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md", + "redirect_url": "/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm", + "redirect_document_id": false + }, + { + "source_path": "windows/security/hardware-protection/tpm/manage-tpm-commands.md", + "redirect_url": "/windows/security/information-protection/tpm/manage-tpm-commands", + "redirect_document_id": false + }, + { + "source_path": "windows/security/hardware-protection/tpm/manage-tpm-lockout.md", + "redirect_url": "/windows/security/information-protection/tpm/manage-tpm-lockout", + "redirect_document_id": false + }, + { + "source_path": "windows/security/hardware-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md", + "redirect_url": "/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices", + "redirect_document_id": false + }, + { + "source_path": "windows/security/hardware-protection/tpm/tpm-fundamentals.md", + "redirect_url": "/windows/security/information-protection/tpm/tpm-fundamentals", + "redirect_document_id": false + }, + { + "source_path": "windows/security/hardware-protection/tpm/tpm-recommendations.md", + "redirect_url": "/windows/security/information-protection/tpm/tpm-recommendations", + "redirect_document_id": false + }, + { + "source_path": "windows/security/hardware-protection/tpm/trusted-platform-module-overview.md", + "redirect_url": "/windows/security/information-protection/tpm/trusted-platform-module-overview", + "redirect_document_id": false + }, + { + "source_path": "windows/security/hardware-protection/tpm/trusted-platform-module-services-group-policy-settings.md", + "redirect_url": "/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings", + "redirect_document_id": false + }, { "source_path": "windows/security/hardware-protection/tpm/trusted-platform-module-top-node.md", "redirect_url": "/windows/security/hardware-security/tpm/trusted-platform-module-overview", @@ -895,6 +990,11 @@ "redirect_url": "/windows/security/identity-protection/credential-guard/configure", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/credential-guard/credential-guard-not-protected-scenarios.md", + "redirect_url": "/windows/security/identity-protection/credential-guard/credential-guard-protection-limits", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md", "redirect_url": "/windows/security/identity-protection/credential-guard/how-it-works", @@ -915,6 +1015,11 @@ "redirect_url": "/windows/security/identity-protection/credential-guard", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/credential-guard/dg-readiness-tool.md", + "redirect_url": "/windows/security/identity-protection/credential-guard/credential-guard", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/deploy/cloud.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/cloud-only", @@ -960,6 +1065,11 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/multifactor-unlock", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/cloud", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers.md", "redirect_url": "/windows-server/administration/performance-tuning/role/active-directory-server/capacity-planning-for-active-directory-domain-services", @@ -990,6 +1100,16 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-deploy-mfa.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-mfa", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-pki", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-deployment-cert-trust.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust", @@ -1070,6 +1190,21 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-new-install.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-validate-pki.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki", @@ -1085,11 +1220,36 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-ad.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-validate-pki", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-policy.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-provision", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust-provision.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/how-it-works#provisioning", @@ -1100,16 +1260,81 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-trust.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-devreg.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-dirsync.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-provision.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-enroll", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-validate-pki.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-pki", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-provision.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-ad.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust", + "redirect_document_id": false + }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-identity-verification.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/requirements", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-adfs", @@ -1125,6 +1350,11 @@ "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md", + "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-mfa", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md", "redirect_url": "/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust", @@ -1190,6 +1420,11 @@ "redirect_url": "/windows/security/windows/security/identity-protection/hello-for-business/webauthn-apis", "redirect_document_id": false }, + { + "source_path": "windows/security/identity-protection/how-hardware-based-containers-help-protect-windows.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/how-hardware-based-containers-help-protect-windows", + "redirect_document_id": false + }, { "source_path": "windows/security/identity-protection/installing-digital-certificates-on-windows-10-mobile.md", "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", @@ -1300,11 +1535,26 @@ "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-and-adds-faq", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-basic-deployment", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/bitlocker/bitlocker-countermeasures.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-countermeasures", + "redirect_document_id": false + }, { "source_path": "windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-and-administration-faq", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-comparison", + "redirect_document_id": false + }, { "source_path": "windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker#device-encryption", @@ -1320,11 +1570,31 @@ "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-frequently-asked-questions", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-group-policy-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-enable-network-unlock", + "redirect_document_id": false + }, { "source_path": "windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-key-management-faq", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-management-for-enterprises", + "redirect_document_id": false + }, { "source_path": "windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-network-unlock-faq", @@ -1365,6 +1635,11 @@ "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-upgrading-faq", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker", + "redirect_document_id": false + }, { "source_path": "windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md", "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/manage-recovery-passwords#bitlocker-recovery-password-viewer", @@ -1375,6 +1650,26 @@ "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-using-with-other-programs-faq", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/bitlocker/choose-the-right-bitlocker-countermeasure.md", + "redirect_url": "/windows/security/information-protection/bitlocker/bitlocker-countermeasures", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/bitlocker/protect-bitlocker-from-pre-boot-attacks.md", + "redirect_url": "/windows/security/information-protection/bitlocker/bitlocker-countermeasures", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker", + "redirect_document_id": false + }, { "source_path": "windows/security/information-protection/bitlocker/troubleshoot-bitlocker.md", "redirect_url": "/troubleshoot/windows-client/windows-security/bitlocker-issues-troubleshooting", @@ -1420,11 +1715,26 @@ "redirect_url": "/troubleshoot/windows-client/windows-security/bitlocker-and-tpm-other-known-issues", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/bitlocker/types-of-attacks-for-volume-encryption-keys.md", + "redirect_url": "/windows/security/information-protection/bitlocker/bitlocker-countermeasures", + "redirect_document_id": false + }, { "source_path": "windows/security/information-protection/encrypted-hard-drive.md", "redirect_url": "/windows/security/operating-system-security/data-protection/encrypted-hard-drive", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/index.md", + "redirect_url": "/windows/security/encryption-data-protection", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/personal-data-encryption/configure-pde-in-intune.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure-pde-in-intune", + "redirect_document_id": false + }, { "source_path": "windows/security/information-protection/personal-data-encryption/faq-pde.yml", "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/faq-pde", @@ -1435,6 +1745,36 @@ "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/index", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-arso.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-arso", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-hibernation.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-hibernation", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-memory-dumps.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-memory-dumps", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-password-connected-standby.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-password-connected-standby", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-wer.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-wer", + "redirect_document_id": false + }, + { + "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-enable-pde.md", + "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-enable-pde", + "redirect_document_id": false + }, { "source_path": "windows/security/information-protection/pluton/microsoft-pluton-security-processor.md", "redirect_url": "/windows/security/hardware-security/pluton/microsoft-pluton-security-processor", @@ -1505,6 +1845,11 @@ "redirect_url": "/windows/security/hardware-security/tpm/trusted-platform-module-services-group-policy-settings", "redirect_document_id": false }, + { + "source_path": "windows/security/information-protection/tpm/trusted-platform-module-top-node.md", + "redirect_url": "/windows/security/hardware-security/tpm/trusted-platform-module-top-node", + "redirect_document_id": false + }, { "source_path": "windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md", "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/app-behavior-with-wip", @@ -2380,11 +2725,436 @@ "redirect_url": "/compliance/assurance/assurance-microsoft-security-development-lifecycle", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/applocker/administer-applocker-using-mdm.md", "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker-using-mdm", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/applocker/administer-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/applocker-architecture-and-components.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/applocker-functions.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/applocker-overview.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/applocker-policies-deployment-guide.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/applocker-policies-design-guide.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/applocker-policy-use-scenarios.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/applocker-processes-and-interactions.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/applocker-settings.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/applocker-technical-reference.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/configure-an-applocker-policy-for-audit-only.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/configure-an-applocker-policy-for-enforce-rules.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/configure-exceptions-for-an-applocker-rule.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/configure-the-application-identity-service.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/configure-the-appLocker-reference-device.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/create-a-rule-for-packaged-apps.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/create-a-rule-that-uses-a-file-hash-condition.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/create-a-rule-that-uses-a-path-condition.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/create-a-rule-that-uses-a-publisher-condition.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/create-applocker-default-rules.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/create-list-of-applications-deployed-to-each-business-group.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/create-your-applocker-policies.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/create-your-applocker-rules.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/delete-an-applocker-rule.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/deploy-the-applocker-policy-into-production.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/determine-group-policy-structure-and-rule-enforcement.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/determine-your-application-control-objectives.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/dll-rules-in-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/document-your-application-list.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/document-your-applocker-rules.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/edit-an-applocker-policy.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/edit-applocker-rules.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/enable-the-dll-rule-collection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/enforce-applocker-rules.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/executable-rules-in-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/export-an-applocker-policy-from-a-gpo.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/export-an-applocker-policy-to-an-xml-file.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/how-applocker-works-techref.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/import-an-applocker-policy-from-another-computer.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/import-an-applocker-policy-into-a-gpo.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/maintain-applocker-policies.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/manage-packaged-apps-with-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/merge-applocker-policies-manually.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/monitor-application-usage-with-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/optimize-applocker-performance.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/plan-for-applocker-policy-management.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/refresh-an-applocker-policy.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/requirements-for-deploying-applocker-policies.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/requirements-to-use-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/run-the-automatically-generate-rules-wizard.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/script-rules-in-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/security-considerations-for-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/select-types-of-rules-to-create.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/test-and-update-an-applocker-policy.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/tools-to-use-with-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/understand-applocker-enforcement-settings.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/understand-applocker-policy-design-decisions.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/understand-the-applocker-policy-deployment-process.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/understanding-applocker-default-rules.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/understanding-applocker-rule-behavior.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/understanding-applocker-rule-collections.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/understanding-applocker-rule-condition-types.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/understanding-applocker-rule-exceptions.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/understanding-the-file-hash-rule-condition-in-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/understanding-the-path-rule-condition-in-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/understanding-the-publisher-rule-condition-in-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/use-the-applocker-windows-powershell-cmdlets.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/using-event-viewer-with-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/using-software-restriction-policies-and-applocker-policies.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/what-is-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/windows-installer-rules-in-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/working-with-applocker-policies.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/applocker/working-with-applocker-rules.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md", "redirect_url": "/windows/security/operating-system-security/device-management/block-untrusted-fonts-in-enterprise", @@ -2405,26 +3175,51 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/device-control-report", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/device-guard/deploy-catalog-files-to-support-windows-defender-application-control.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/device-guard/deploy-managed-installer-for-device-guard.md", "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-managed-installer", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/device-guard/deploy-windows-defender-application-control-policy-rules-and-file-rules.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/device-guard/device-guard-deployment-enable-virtualization-based-security.md", "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/enable-virtualization-based-security", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/device-guard/device-guard-deployment-guide.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/device-guard/memory-integrity.md", "redirect_url": "https://support.microsoft.com/windows/core-isolation-e30ed737-17d8-42f3-a2a9-87521df09b78", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/device-guard/optional-create-a-code-signing-certificate-for-windows-defender-application-control.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md", "redirect_url": "/windows/security", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/device-guard/steps-to-deploy-windows-defender-application-control.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/fips-140-validation.md", "redirect_url": "/windows/security/security-foundations/certification/fips-140-validation", @@ -2545,6 +3340,11 @@ "redirect_url": "/microsoft-365/security/mtp/top-scoring-industry-tests", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/intelligence/transparency-report.md", + "redirect_url": "/windows/security/threat-protection/intelligence/av-tests", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/intelligence/trojans-malware.md", "redirect_url": "/microsoft-365/security/intelligence/trojans-malware", @@ -5070,6 +5870,11 @@ "redirect_url": "/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/msft-security-dev-lifecycle.md", + "redirect_url": "/windows/security/security-foundations/msft-security-dev-lifecycle", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md", "redirect_url": "/windows/security/operating-system-security/device-management/override-mitigation-options-for-app-related-security-policies", @@ -5530,6 +6335,11 @@ "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-if-server-agrees.md", + "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md", "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers", @@ -5550,6 +6360,11 @@ "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-if-client-agress.md", + "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md", "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire", @@ -5820,6 +6635,26 @@ "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md", + "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-if-server-agrees.md", + "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-always.md", + "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-if-client-agrees.md", + "redirect_url": "/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md", "redirect_url": "/previous-versions/windows/it-pro/windows-10/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption", @@ -6285,11 +7120,601 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/microsoft-defender-security-center-antivirus", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/allow-com-object-registration-in-wdac-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/debugging-operational-guide-appid-tagging-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/deploy-appid-tagging-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/AppIdTagging/windows-defender-application-control-appid-tagging-guide.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/AppIdTagging/wdac-appid-tagging-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/administer-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-architecture-and-components", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-functions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-deployment-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policies-design-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-policy-use-scenarios", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-processes-and-interactions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-technical-reference", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-application-identity-service", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-the-appLocker-reference-device", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-applocker-default-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/create-your-applocker-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/delete-an-applocker-rule", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/determine-your-application-control-objectives", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/dll-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-application-list", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/document-your-applocker-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-an-applocker-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/edit-applocker-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/enable-the-dll-rule-collection", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/enforce-applocker-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/executable-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/how-applocker-works-techref", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/maintain-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/merge-applocker-policies-manually", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/monitor-application-usage-with-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/optimize-applocker-performance", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/plan-for-applocker-policy-management", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/refresh-an-applocker-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/requirements-to-use-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/script-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/security-considerations-for-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/select-types-of-rules-to-create", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/test-and-update-an-applocker-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/tools-to-use-with-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-enforcement-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-default-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-behavior", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-collections", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/using-event-viewer-with-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/what-is-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/windows-installer-rules-in-applocker", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-application-control/audit-and-enforce-windows-defender-application-control-policies.md", "redirect_url": "/windows/security", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/audit-wdac-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/citool-commands.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/operations/citool-commands", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/configure-wdac-managed-installer", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/create-code-signing-cert-for-wdac", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-using-reference-computer", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-deny-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-fully-managed-devices", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/create-wdac-policy-for-lightly-managed-devices", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/create-your-windows-defender-application-control-planning-document.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-catalog-files-to-support-wdac", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/deploy-multiple-wdac-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-group-policy.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-group-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-intune", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-with-script", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-group-policy.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-group-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/deployment/deploy-windows-defender-application-control-policies-using-intune.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/deploy-wdac-policies-using-intune", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/design/script-enforcement.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/script-enforcement", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/disable-wdac-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/document-your-windows-defender-application-control-management-processes.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/enforce-wdac-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/event-id-explanations.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/event-id-explanations", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/event-tag-explanations", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/example-wdac-base-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/feature-availability.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/feature-availability", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-application-control/index.yml", "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/index", @@ -6300,11 +7725,166 @@ "redirect_url": "/previous-versions/windows/it-pro/windows-10/deployment/s-mode/wdac-allow-lob-win32-apps", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/manage-packaged-apps-with-wdac", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/merge-wdac-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-block-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/operations/citool-commands.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/citool-commands", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/operations/inbox-wdac-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/inbox-wdac-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/known-issues", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-debugging-and-troubleshooting", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/plan-wdac-management", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/querying-application-control-events-centrally-using-advanced-hunting", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/select-types-of-rules-to-create", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/types-of-devices.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/common-wdac-use-cases", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/understand-wdac-policy-design-decisions", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/understanding-wdac-policy-settings.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/understanding-wdac-policy-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/use-code-signing-to-simplify-application-control-for-classic-windows-applications.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business.md", "redirect_url": "https://aka.ms/AzureCodeSigning", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-signed-policies-to-protect-wdac-against-tampering", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-policy-to-control-specific-plug-ins-add-ins-and-modules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-and-dotnet", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-with-intelligent-security-graph", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-base-policy.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-base-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-supplemental-policy.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-create-supplemental-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-editing-policy.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-editing-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-merging-policies.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-merging-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard-parsing-event-logs.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard-parsing-event-logs", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/wdac-wizard.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-wizard", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/deployment/wdac-deployment-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/wdac-design-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/operations/wdac-operational-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md", + "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/wdac", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-device-guard-and-applocker.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md", "redirect_url": "/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard", @@ -6410,6 +7990,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/basic-permissions", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/check-sensor-status-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/check-sensor-status", @@ -6420,6 +8005,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/collect-investigation-package", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/community-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/community", @@ -6540,6 +8130,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/custom-ti-api", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/dashboard-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/data-retention-settings-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/data-retention-settings", @@ -6620,6 +8215,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/exposed-apis-odata-samples", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/exposed-apis-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/files-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/files", @@ -6630,6 +8230,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/find-machine-info-by-ip", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/find-machine-info-by-ip-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/find-machines-by-ip-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/find-machines-by-ip", @@ -6650,41 +8255,91 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/data-retention-settings", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-actor-information-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-actor-related-alerts-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-info-by-id-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-alert-info-by-id", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-info-by-id-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-actor-info-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-domain-info-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-alert-related-domain-info", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-domain-info-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-files-info-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-alert-related-files-info", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-files-info-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-ip-info-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-alert-related-ip-info", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-ip-info-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-machine-info-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-alert-related-machine-info", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-machine-info-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-user-info-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-alert-related-user-info", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-alert-related-user-info-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-alerts-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-alerts", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-alerts-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-cvekbmap-collection-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-cvekbmap-collection", @@ -6700,11 +8355,21 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/get-domain-related-alerts", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-domain-related-alerts-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-domain-related-machines", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-domain-statistics-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-domain-statistics", @@ -6715,46 +8380,96 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/get-file-information", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-file-information-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-file-related-alerts-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-file-related-alerts", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-file-related-alerts-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-file-related-machines", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-file-statistics-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-file-statistics", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-file-statistics-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-fileactions-collection-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-filemachineaction-object", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-filemachineactions-collection", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-related-alerts-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-ip-related-alerts", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-related-alerts-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-ip-related-machines", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-statistics-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-ip-statistics", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-statistics-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-kbinfo-collection-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-kbinfo-collection", @@ -6770,21 +8485,46 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/get-machine-by-id", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-machine-log-on-users-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-machine-log-on-users", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-machine-log-on-users-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-machine-related-alerts-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-machine-related-alerts", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-machine-related-alerts-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-machineaction-object-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/get-machineaction-object", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-machineaction-object.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-machineaction-object", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/get-machineactions-collection", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-machineactions-collection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-machineactions-collection", @@ -6805,6 +8545,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/get-machines", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-machinesecuritystates-collection-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-machinesecuritystates-collection", @@ -6820,11 +8565,21 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/get-package-sas-uri", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-started.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-started", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-ti-indicator-by-id-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-ti-indicators-collection", @@ -6835,16 +8590,31 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/get-user-information", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-user-related-alerts-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-user-related-alerts", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-user-related-alerts-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/get-user-related-machines", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/how-hardware-based-containers-help-protect-windows.md", "redirect_url": "/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-containers-help-protect-windows", @@ -6915,16 +8685,31 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/is-domain-seen-in-org", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/is-domain-seen-in-org-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/is-ip-seen-org-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/is-ip-seen-org", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/is-ip-seen-org-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/isolate-machine", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/licensing", @@ -6970,6 +8755,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/manage-alerts", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/manage-allowed-blocked-list-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/manage-allowed-blocked-list", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/manage-allowed-blocked-list.md", "redirect_url": "/microsoft-365/security/defender-endpoint/manage-allowed-blocked-list", @@ -7005,6 +8795,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/manage-incidents", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/manage-indicators-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/manage-indicators", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/manage-indicators.md", "redirect_url": "/microsoft-365/security/defender-endpoint/manage-allowed-blocked-list", @@ -7175,6 +8970,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/rbac", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/request-sample-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/respond-file-alerts", @@ -7195,6 +8995,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/restrict-code-execution", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/run-advanced-query-api.md", "redirect_url": "/microsoft-365/security/defender-endpoint/run-advanced-query-api", @@ -7230,6 +9035,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/run-av-scan", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/run-detection-test-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/run-detection-test", @@ -7240,6 +9050,11 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/secure-score-dashboard", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/security-analytics-dashboard-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/security-operations-dashboard", @@ -7250,16 +9065,41 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/service-status", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/settings-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/time-settings-windows-defender-advanced-threat-protection", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/stop-and-quarantine-file-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/stop-and-quarantine-file", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/stop-and-quarantine-file-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/supported-apis-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/supported-response-apis-windows-defender-advanced-threat-protection.md", "redirect_url": "/microsoft-365/security/defender-endpoint/supported-response-apis", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/threat-analytics", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/threat-analytics-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/threat-analytics.md", "redirect_url": "/microsoft-365/security/defender-endpoint/threat-analytics", @@ -7330,16 +9170,31 @@ "redirect_url": "/microsoft-365/security/defender-endpoint/tvm-dashboard-insights", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/unblock-file-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/unisolate-machine", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/unrestrict-code-execution", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md", + "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-atp/update-alert-windows-defender-advanced-threat-protection-new.md", "redirect_url": "/microsoft-365/security/defender-endpoint/update-alert", @@ -7460,56 +9315,601 @@ "redirect_url": "/windows/security/operating-system-security/system-security/windows-defender-security-center/windows-defender-security-center", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-available-settings.md", + "redirect_url": "/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md", "redirect_url": "https://feedback.smartscreen.microsoft.com/smartscreenfaq.aspx", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-set-individual-device.md", + "redirect_url": "/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-set-individual-device", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md", "redirect_url": "/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/assign-security-group-filters-to-the-gpo", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/basic-firewall-policy-design.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/basic-firewall-policy-design", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/best-practices-configuring.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/best-practices-configuring", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/boundary-zone-gpos", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/boundary-zone.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/boundary-zone", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design-example", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/certificate-based-isolation-policy-design", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/change-rules-from-request-to-require-mode.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/change-rules-from-request-to-require-mode", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/checklist-configuring-basic-firewall-settings.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-basic-firewall-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-boundary-zone", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-encryption-zone", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-configuring-rules-for-the-isolated-domain", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-group-policy-objects", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-inbound-firewall-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-outbound-firewall-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-basic-firewall-policy-design", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-domain-isolation-policy-design", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/configure-authentication-methods.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-authentication-methods", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-data-protection-quick-mode-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-key-exchange-main-mode-settings", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-the-rules-to-require-encryption", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md", "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-logging", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-the-workstation-authentication-certificate-template", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/confirm-that-certificates-are-deployed-correctly", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/copy-a-gpo-to-create-a-new-gpo", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-a-group-account-in-active-directory", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-a-group-policy-object", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-exemption-list-rule", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/create-an-authentication-request-rule.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-an-authentication-request-rule", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-icmp-rule", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-port-rule", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-an-inbound-program-or-service-rule", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-port-rule", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-an-outbound-program-or-service-rule", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-inbound-rules-to-support-rpc", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-windows-firewall-rules-in-intune", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/create-wmi-filters-for-the-gpo", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md", "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/determining-the-trusted-state-of-your-devices", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/documenting-the-zones.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/documenting-the-zones", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design-example", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/domain-isolation-policy-design", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-inbound-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/enable-predefined-outbound-rules", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/encryption-zone-gpos", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/encryption-zone.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/encryption-zone", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md", "redirect_url": "/windows/security", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/exempt-icmp-from-authentication", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/exemption-list.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/exemption-list", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-firewall/filter-origin-documentation.md", "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/filter-origin-documentation", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-firewall/firewall-gpos.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/firewall-gpos", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/firewall-policy-design-example", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/firewall-settings-lost-on-upgrade.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/firewall-settings-lost-on-upgrade", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-active-directory-deployment", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-current-network-infrastructure", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gathering-information-about-your-devices", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gathering-other-relevant-information", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gathering-the-information-you-need", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-boundary", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-encryption", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-firewall", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-clients", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/gpo-domiso-isolateddomain-servers", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/isolated-domain-gpos", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/isolated-domain.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/isolated-domain", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md", "redirect_url": "/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831418(v=ws.11)", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/link-the-gpo-to-the-domain", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/open-the-group-policy-management-console-to-windows-firewall", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/open-windows-firewall-with-advanced-security", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-certificate-based-authentication", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-domain-isolation-zones", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-gpo-deployment", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-isolation-groups-for-the-zones", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/planning-network-access-groups.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-network-access-groups", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-server-isolation-zones", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-settings-for-a-basic-firewall-policy", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/planning-the-gpos.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-the-gpos", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/planning-your-windows-firewall-with-advanced-security-design", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md", "redirect_url": "/windows/security", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/protect-devices-from-unwanted-network-traffic", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-firewall/quarantine.md", "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/quarantine", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/require-encryption-when-accessing-sensitive-network-resources", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-specified-users-or-devices", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/restrict-access-to-only-trusted-devices", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/restrict-server-access-to-members-of-a-group-only", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/server-isolation-gpos.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/server-isolation-gpos", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design-example", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/server-isolation-policy-design", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md", "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/troubleshooting-uwp-firewall", "redirect_document_id": false }, + { + "source_path": "windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/verify-that-network-traffic-is-authenticated", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-deployment-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security-design-guide", + "redirect_document_id": false + }, + { + "source_path": "windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md", + "redirect_url": "/windows/security/operating-system-security/network-security/windows-firewall/windows-firewall-with-advanced-security", + "redirect_document_id": false + }, { "source_path": "windows/security/threat-protection/windows-platform-common-criteria.md", "redirect_url": "/windows/security/security-foundations/certification/windows-platform-common-criteria", @@ -7581,4 +9981,4 @@ "redirect_document_id": false } ] -} +} \ No newline at end of file From ce67c73e1fa2cf4ace841ca69ec8773012fbdef0 Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Wed, 11 Sep 2024 13:08:45 -0600 Subject: [PATCH 05/23] Update App Control for Business redirect links --- .../appcontrol-appid-tagging-guide.md | 13 +- ...perational-guide-appid-tagging-policies.md | 7 +- .../deploy-appid-tagging-policies.md | 21 ++-- .../design-create-appid-tagging-policies.md | 102 ++++++++------- .../app-control-for-business/TOC.yml | 92 +++++++------- .../appcontrol-and-applocker-overview.md | 31 +++-- .../app-control-for-business/appcontrol.md | 17 ++- .../applocker/applocker-overview.md | 6 +- .../applocker-policies-design-guide.md | 2 +- .../applocker-processes-and-interactions.md | 3 +- ...r-policies-by-using-set-applockerpolicy.md | 2 +- .../merge-applocker-policies-manually.md | 2 +- .../applocker/rule-collection-extensions.md | 2 +- ...ent-setting-inheritance-in-group-policy.md | 2 +- .../applocker/what-is-applocker.md | 2 +- .../deployment/appcontrol-deployment-guide.md | 37 +++--- .../deployment/audit-appcontrol-policies.md | 39 +++--- ...create-code-signing-cert-for-appcontrol.md | 19 ++- ...-appcontrol-policies-using-group-policy.md | 39 +++--- ...deploy-appcontrol-policies-using-intune.md | 39 +++--- .../deploy-appcontrol-policies-with-memcm.md | 41 +++--- .../deploy-appcontrol-policies-with-script.md | 31 +++-- ...loy-catalog-files-to-support-appcontrol.md | 25 ++-- .../deployment/disable-appcontrol-policies.md | 55 ++++---- .../deployment/enforce-appcontrol-policies.md | 31 +++-- .../deployment/merge-appcontrol-policies.md | 39 +++--- ...gning-for-better-control-and-protection.md | 21 ++-- ...to-protect-appcontrol-against-tampering.md | 33 +++-- ...bject-registration-in-appcontrol-policy.md | 21 ++-- .../design/appcontrol-and-dotnet.md | 28 ++--- .../design/appcontrol-design-guide.md | 25 ++-- .../appcontrol-wizard-create-base-policy.md | 39 +++--- ...ntrol-wizard-create-supplemental-policy.md | 23 ++-- .../appcontrol-wizard-editing-policy.md | 23 ++-- .../appcontrol-wizard-merging-policies.md | 16 +-- .../appcontrol-wizard-parsing-event-logs.md | 73 ++++++----- .../design/appcontrol-wizard.md | 13 +- ...applications-that-can-bypass-appcontrol.md | 21 ++-- .../design/common-appcontrol-use-cases.md | 23 ++-- ...-apps-deployed-with-a-managed-installer.md | 33 +++-- .../design/create-appcontrol-deny-policy.md | 22 ++-- ...ontrol-policy-for-fully-managed-devices.md | 39 +++--- ...trol-policy-for-lightly-managed-devices.md | 39 +++--- ...control-policy-using-reference-computer.md | 37 +++--- .../deploy-multiple-appcontrol-policies.md | 21 ++-- .../example-appcontrol-base-policies.md | 29 +++-- .../manage-packaged-apps-with-appcontrol.md | 37 +++--- ...icrosoft-recommended-driver-block-rules.md | 23 ++-- .../design/plan-appcontrol-management.md | 51 ++++---- .../design/script-enforcement.md | 39 +++--- .../design/select-types-of-rules-to-create.md | 99 ++++++++------- ...tand-appcontrol-policy-design-decisions.md | 39 +++--- ...nderstanding-appcontrol-policy-settings.md | 14 +-- ...l-specific-plug-ins-add-ins-and-modules.md | 15 ++- ...control-with-intelligent-security-graph.md | 39 +++--- .../feature-availability.md | 32 ++--- .../includes/feature-availability-note.md | 9 ++ .../app-control-for-business/index.yml | 32 ++--- ...ppcontrol-debugging-and-troubleshooting.md | 117 +++++++++--------- .../appcontrol-operational-guide.md | 27 ++-- .../operations/citool-commands.md | 12 +- .../configure-appcontrol-managed-installer.md | 9 +- .../operations/event-id-explanations.md | 36 +++--- .../operations/event-tag-explanations.md | 14 +-- .../operations/inbox-appcontrol-policies.md | 15 ++- .../operations/known-issues.md | 51 ++++---- ...events-centrally-using-advanced-hunting.md | 16 +-- ...nd-windows-defender-application-control.md | 43 ------- ...alization-based-security-and-appcontrol.md | 43 +++++++ .../application-control/toc.yml | 2 +- ...-guard-secure-launch-and-smm-protection.md | 2 +- windows/security/threat-protection/index.md | 2 +- 72 files changed, 1028 insertions(+), 1068 deletions(-) create mode 100644 windows/security/application-security/application-control/app-control-for-business/includes/feature-availability-note.md delete mode 100644 windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md create mode 100644 windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md diff --git a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md index 4dc0da5aba..c43cf2dd90 100644 --- a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md @@ -1,23 +1,22 @@ --- -title: Designing, creating, managing, and troubleshooting Windows Defender Application Control AppId Tagging policies -description: How to design, create, manage, and troubleshoot your WDAC AppId Tagging policies +title: Designing, creating, managing, and troubleshooting App Control for Business AppId Tagging policies +description: How to design, create, manage, and troubleshoot your App Control AppId Tagging policies ms.localizationpriority: medium ms.date: 04/27/2022 ms.topic: conceptual --- -# WDAC Application ID (AppId) Tagging guide +# App Control Application ID (AppId) Tagging guide -> [!NOTE] -> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md). +[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] ## AppId Tagging Feature Overview -The Application ID (AppId) Tagging Policy feature, while based off Windows Defender Application Control (WDAC), doesn't control whether applications run. AppId Tagging policies can be used to mark the processes of the running application with a customizable tag defined in the policy. Application processes that pass the AppId policy receive the tag while failing applications don't. +The Application ID (AppId) Tagging Policy feature, while based off App Control for Business, doesn't control whether applications run. AppId Tagging policies can be used to mark the processes of the running application with a customizable tag defined in the policy. Application processes that pass the AppId policy receive the tag while failing applications don't. ## AppId Tagging Feature Availability -The WDAC AppId Tagging feature is available on the following versions of the Windows platform: +The App Control AppId Tagging feature is available on the following versions of the Windows platform: Client: - Windows 10 20H1, 20H2, and 21H1 versions only diff --git a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md index 1507fc348c..454998fcc3 100644 --- a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md @@ -8,14 +8,13 @@ ms.topic: troubleshooting # Testing and Debugging AppId Tagging Policies -> [!NOTE] -> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md). +[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -After deployment of the WDAC AppId Tagging policy, WDAC will log a 3099 policy deployed event in the [Event Viewer logs](../operations/event-id-explanations.md). You first should ensure that the policy has been successfully deployed onto the system by verifying the presence of the 3099 event. +After deployment of the App Control AppId Tagging policy, App Control will log a 3099 policy deployed event in the [Event Viewer logs](../operations/event-id-explanations.md). You first should ensure that the policy has been successfully deployed onto the system by verifying the presence of the 3099 event. ## Verifying Tags on Running Processes -After verifying the policy has been deployed, the next step is to verify that the application processes you expect to pass the AppId Tagging policy have your tag set. Note that processes running at the time of policy deployment will need to be restarted since Windows Defender Application Control (WDAC) can only tag processes created after the policy has been deployed. +After verifying the policy has been deployed, the next step is to verify that the application processes you expect to pass the AppId Tagging policy have your tag set. Note that processes running at the time of policy deployment will need to be restarted since App Control for Business can only tag processes created after the policy has been deployed. 1. Download and Install the Windows Debugger diff --git a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies.md index df92759921..0c63966c1e 100644 --- a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies.md @@ -1,17 +1,16 @@ --- -title: Deploying Windows Defender Application Control AppId tagging policies -description: How to deploy your WDAC AppId tagging policies locally and globally within your managed environment. +title: Deploying App Control for Business AppId tagging policies +description: How to deploy your App Control AppId tagging policies locally and globally within your managed environment. ms.localizationpriority: medium ms.date: 04/29/2022 ms.topic: conceptual --- -# Deploying Windows Defender Application Control AppId tagging policies +# Deploying App Control for Business AppId tagging policies -> [!NOTE] -> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. For more information, see [Windows Defender Application Control feature availability](../feature-availability.md). +[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -Similar to Windows Defender Application Control (WDAC) policies, WDAC AppId tagging policies can be deployed locally and to your managed endpoints several ways. Once you've created your AppId tagging policy, use one of the following methods to deploy: +Similar to App Control for Business policies, App Control AppId tagging policies can be deployed locally and to your managed endpoints several ways. Once you've created your AppId tagging policy, use one of the following methods to deploy: 1. [Deploy AppId tagging policies with MDM](#deploy-appid-tagging-policies-with-mdm) 1. [Deploy policies with Configuration Manager](#deploy-appid-tagging-policies-with-configuration-manager) @@ -20,23 +19,23 @@ Similar to Windows Defender Application Control (WDAC) policies, WDAC AppId tagg ## Deploy AppId tagging policies with MDM -Custom AppId tagging policies can be deployed to endpoints using [the OMA-URI feature in MDM](../deployment/deploy-appcontrol-policies-using-intune.md#deploy-wdac-policies-with-custom-oma-uri). +Custom AppId tagging policies can be deployed to endpoints using [the OMA-URI feature in MDM](../deployment/deploy-appcontrol-policies-using-intune.md#deploy-app-control-policies-with-custom-oma-uri). ## Deploy AppId tagging policies with Configuration Manager -Custom AppId tagging policies can be deployed via Configuration Manager using the [deployment task sequences](../deployment/deploy-appcontrol-policies-with-memcm.md#deploy-custom-wdac-policies-using-packagesprograms-or-task-sequences), policies can be deployed to your managed endpoints and users. +Custom AppId tagging policies can be deployed via Configuration Manager using the [deployment task sequences](../deployment/deploy-appcontrol-policies-with-memcm.md#deploy-custom-app-control-policies-using-packagesprograms-or-task-sequences), policies can be deployed to your managed endpoints and users. ### Deploy AppId tagging Policies via Scripting -Scripting hosts can be used to deploy AppId tagging policies as well. This approach is often best suited for local deployment, but works for deployment to managed endpoints and users too. For more information on how to deploy WDAC AppId tagging policies via scripting, see [Deploy WDAC policies using script](../deployment/deploy-appcontrol-policies-with-script.md). For AppId tagging policies, the only applicable method is deploying to version 1903 or later. +Scripting hosts can be used to deploy AppId tagging policies as well. This approach is often best suited for local deployment, but works for deployment to managed endpoints and users too. For more information on how to deploy App Control AppId tagging policies via scripting, see [Deploy App Control policies using script](../deployment/deploy-appcontrol-policies-with-script.md). For AppId tagging policies, the only applicable method is deploying to version 1903 or later. ### Deploying policies via the ApplicationControl CSP -Multiple WDAC policies can be managed from an MDM server through ApplicationControl configuration service provider (CSP). The CSP also provides support for rebootless policy deployment. +Multiple App Control policies can be managed from an MDM server through ApplicationControl configuration service provider (CSP). The CSP also provides support for rebootless policy deployment. However, when policies are unenrolled from an MDM server, the CSP will attempt to remove every policy from devices, not just the policies added by the CSP. The reason for this is that the ApplicationControl CSP doesn't track enrollment sources for individual policies, even though it will query all policies on a device, regardless if they were deployed by the CSP. For more information, see [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-csp) to deploy multiple policies, and optionally use Microsoft Intune's Custom OMA-URI capability. > [!NOTE] -> WMI and GP don't currently support multiple policies. If you can't directly access the MDM stack, use the [ApplicationControl CSP via the MDM Bridge WMI Provider](/windows/client-management/mdm/applicationcontrol-csp#powershell-and-wmi-bridge-usage-guidance) to manage multiple policy format Windows Defender Application Control policies. +> WMI and GP don't currently support multiple policies. If you can't directly access the MDM stack, use the [ApplicationControl CSP via the MDM Bridge WMI Provider](/windows/client-management/mdm/applicationcontrol-csp#powershell-and-wmi-bridge-usage-guidance) to manage multiple policy format App Control for Business policies. diff --git a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md index ea51fb388c..6de85994c9 100644 --- a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md @@ -1,85 +1,83 @@ --- -title: Create your Windows Defender Application Control AppId Tagging Policies -description: Create your Windows Defender Application Control AppId tagging policies for Windows devices. +title: Create your App Control for Business AppId Tagging Policies +description: Create your App Control for Business AppId tagging policies for Windows devices. ms.localizationpriority: medium ms.date: 04/29/2022 ms.topic: conceptual --- -# Creating your WDAC AppId Tagging Policies +# Creating your App Control AppId Tagging Policies -> [!NOTE] -> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md). +[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -## Create the policy using the WDAC Wizard +## Create the policy using the App Control Wizard -You can use the Windows Defender Application Control (WDAC) Wizard and the PowerShell commands to create an application control policy and convert it to an AppIdTagging policy. The WDAC Wizard is available for download at the [WDAC Wizard Installer site](https://aka.ms/wdacwizard). These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](appcontrol-appid-tagging-guide.md). +You can use the App Control for Business Wizard and the PowerShell commands to create an application control policy and convert it to an AppIdTagging policy. The App Control Wizard is available for download at the [App Control Wizard Installer site](https://aka.ms/wdacwizard). These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](appcontrol-appid-tagging-guide.md). 1. Create a new base policy using the templates: - Start with the Policy Creator task and select Multiple Policy Format and Base Policy. Select the Base Template to use for the policy. The following example shows beginning with the [Default Windows Mode](../design/appcontrol-wizard-create-base-policy.md#template-base-policies) template and build on top of these rules. + Start with the Policy Creator task and select Multiple Policy Format and Base Policy. Select the Base Template to use for the policy. The following example shows beginning with the [Default Windows Mode](../design/appcontrol-wizard-create-base-policy.md#template-base-policies) template and build on top of these rules. - ![Configuring the policy base and template.](../images/appid-appcontrol-wizard-1.png) + ![Configuring the policy base and template.](../images/appid-appcontrol-wizard-1.png) - > [!NOTE] - > If your AppId Tagging Policy does build off the base templates or does not allow Windows in-box processes, you will notice significant performance regressions, especially during boot. For this reason, it is strongly recommended to build off the base templates. - For more information on the issue, see the [AppId Tagging Known Issue](../operations/known-issues.md#slow-boot-and-performance-with-custom-policies). + > [!NOTE] + > If your AppId Tagging Policy does build off the base templates or does not allow Windows in-box processes, you will notice significant performance regressions, especially during boot. For this reason, it is strongly recommended to build off the base templates. For more information on the issue, see the [AppId Tagging Known Issue](../operations/known-issues.md#slow-boot-and-performance-with-custom-policies). -2. Set the following rule-options using the Wizard toggles: +2. Set the following rule-options using the Wizard toggles: - ![Configuring the policy rule-options.](../images/appid-appcontrol-wizard-2.png) + ![Configuring the policy rule-options.](../images/appid-appcontrol-wizard-2.png) 3. Create custom rules: - Selecting the `+ Custom Rules` button opens the Custom Rules panel. The Wizard supports five types of file rules: + Selecting the `+ Custom Rules` button opens the Custom Rules panel. The Wizard supports five types of file rules: - - Publisher rules: Create a rule based off the signing certificate hierarchy. Additionally, the original filename and version can be combined with the signing certificate for added security. - - Path rules: Create a rule based off the path to a file or a parent folder path. Path rules support wildcards. - - File attribute rules: Create a rule based off a file's immutable properties like the original filename, file description, product name or internal name. - - Package app name rules: Create a rule based off the package family name of an appx/msix. - - Hash rules: Create a rule based off the PE Authenticode hash of a file. + - Publisher rules: Create a rule based off the signing certificate hierarchy. Additionally, the original filename and version can be combined with the signing certificate for added security. + - Path rules: Create a rule based off the path to a file or a parent folder path. Path rules support wildcards. + - File attribute rules: Create a rule based off a file's immutable properties like the original filename, file description, product name or internal name. + - Package app name rules: Create a rule based off the package family name of an appx/msix. + - Hash rules: Create a rule based off the PE Authenticode hash of a file. - For more information on creating new policy file rules, see the guidelines provided in the [creating policy file rules section](../design/appcontrol-wizard-create-base-policy.md#creating-custom-file-rules). + For more information on creating new policy file rules, see the guidelines provided in the [creating policy file rules section](../design/appcontrol-wizard-create-base-policy.md#creating-custom-file-rules). 4. Convert to AppId Tagging Policy: - After the Wizard builds the policy file, open the file in a text editor and remove the entire "Value=131" SigningScenario text block. The only remaining signing scenario should be "Value=12" which is the user mode application section. Next, open PowerShell in an elevated prompt and run the following command. Replace the AppIdTagging Key-Value pair for your scenario: + After the Wizard builds the policy file, open the file in a text editor and remove the entire "Value=131" SigningScenario text block. The only remaining signing scenario should be "Value=12" which is the user mode application section. Next, open PowerShell in an elevated prompt and run the following command. Replace the AppIdTagging Key-Value pair for your scenario: - ```powershell - Set-CIPolicyIdInfo -ResetPolicyID -FilePath .\AppIdPolicy.xml -AppIdTaggingPolicy -AppIdTaggingKey "MyKey" -AppIdTaggingValue "MyValue" - ``` - The policyID GUID is returned by the PowerShell command if successful. + ```powershell + Set-CIPolicyIdInfo -ResetPolicyID -FilePath .\AppIdPolicy.xml -AppIdTaggingPolicy -AppIdTaggingKey "MyKey" -AppIdTaggingValue "MyValue" + ``` + The policyID GUID is returned by the PowerShell command if successful. ## Create the policy using PowerShell -Using this method, you create an AppId Tagging policy directly using the WDAC PowerShell commands. These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](appcontrol-appid-tagging-guide.md). In an elevate PowerShell instance: +Using this method, you create an AppId Tagging policy directly using the App Control PowerShell commands. These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](appcontrol-appid-tagging-guide.md). In an elevate PowerShell instance: -1. Create an AppId rule for the policy based on a combination of the signing certificate chain and version of the application. In the example below, the level has been set to SignedVersion. Any of the [WDAC File Rule Levels](../design/select-types-of-rules-to-create.md#table-2-windows-defender-application-control-policy---file-rule-levels) can be used in AppId rules: +1. Create an AppId rule for the policy based on a combination of the signing certificate chain and version of the application. In the example below, the level has been set to SignedVersion. Any of the [App Control File Rule Levels](../design/select-types-of-rules-to-create.md#table-2-app-control-for-business-policy---file-rule-levels) can be used in AppId rules: - ```powershell - $rule = New-CiPolicyRule -Level SignedVersion -DriverFilePath - ``` + ```powershell + $rule = New-CiPolicyRule -Level SignedVersion -DriverFilePath + ``` 2. Create the AppId Tagging Policy. Replace the AppIdTagging Key-Value pair for your scenario: - ```powershell - New-CIPolicy -rules $rule -FilePath .\AppIdPolicy.xml -AppIdTaggingPolicy -AppIdTaggingKey "MyKey" -AppIdTaggingValue "MyValue" - ``` + ```powershell + New-CIPolicy -rules $rule -FilePath .\AppIdPolicy.xml -AppIdTaggingPolicy -AppIdTaggingKey "MyKey" -AppIdTaggingValue "MyValue" + ``` 3. Set the rule-options for the policy: - ```powershell - Set-RuleOption -Option 0 .\AppIdPolicy.xml # Usermode Code Integrity (UMCI) - Set-RuleOption -Option 16 .\AppIdPolicy.xml # Refresh Policy no Reboot - Set-RuleOption -Option 18 .\AppIdPolicy.xml # (Optional) Disable FilePath Rule Protection - ``` + ```powershell + Set-RuleOption -Option 0 .\AppIdPolicy.xml # Usermode Code Integrity (UMCI) + Set-RuleOption -Option 16 .\AppIdPolicy.xml # Refresh Policy no Reboot + Set-RuleOption -Option 18 .\AppIdPolicy.xml # (Optional) Disable FilePath Rule Protection + ``` - If you're using filepath rules, you may want to set option 18. Otherwise, there's no need. + If you're using filepath rules, you may want to set option 18. Otherwise, there's no need. 4. Set the name and ID on the policy, which is helpful for future debugging: - ```powershell - Set-CIPolicyIdInfo -ResetPolicyId -PolicyName "MyPolicyName" -PolicyId "MyPolicyId" -AppIdTaggingPolicy -FilePath ".\AppIdPolicy.xml" - ``` - The policyID GUID is returned by the PowerShell command if successful. + ```powershell + Set-CIPolicyIdInfo -ResetPolicyId -PolicyName "MyPolicyName" -PolicyId "MyPolicyId" -AppIdTaggingPolicy -FilePath ".\AppIdPolicy.xml" + ``` + The policyID GUID is returned by the PowerShell command if successful. ## Deploy for Local Testing @@ -87,18 +85,18 @@ After creating your AppId Tagging policy in the above steps, you can deploy the 1. Depending on your deployment method, convert the xml to binary: - ```powershell - Convertfrom-CIPolicy .\policy.xml ".\{PolicyIDGUID}.cip" - ``` + ```powershell + Convertfrom-CIPolicy .\policy.xml ".\{PolicyIDGUID}.cip" + ``` 2. Optionally, deploy it for local testing: - ```powershell - copy ".\{Policy ID}.cip" c:\windows\system32\codeintegrity\CiPolicies\Active\ - ./RefreshPolicy.exe - ``` + ```powershell + copy ".\{Policy ID}.cip" c:\windows\system32\codeintegrity\CiPolicies\Active\ + ./RefreshPolicy.exe + ``` - RefreshPolicy.exe is available for download from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=102925). + RefreshPolicy.exe is available for download from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=102925). ## Next Steps For more information on debugging and broad deployment of the AppId Tagging policy, see [Debugging AppId policies](debugging-operational-guide-appid-tagging-policies.md) and [Deploying AppId policies](deploy-appid-tagging-policies.md). diff --git a/windows/security/application-security/application-control/app-control-for-business/TOC.yml b/windows/security/application-security/application-control/app-control-for-business/TOC.yml index c24abf5f4e..d7bad29ee6 100644 --- a/windows/security/application-security/application-control/app-control-for-business/TOC.yml +++ b/windows/security/application-security/application-control/app-control-for-business/TOC.yml @@ -4,22 +4,22 @@ href: appcontrol.md expanded: true items: - - name: WDAC and AppLocker Overview + - name: App Control and AppLocker Overview href: appcontrol-and-applocker-overview.md - - name: WDAC and AppLocker Feature Availability + - name: App Control and AppLocker Feature Availability href: feature-availability.md - name: Virtualization-based protection of code integrity - href: ../introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md -- name: WDAC design guide + href: ../introduction-to-virtualization-based-security-and-appcontrol.md +- name: App Control design guide href: design/appcontrol-design-guide.md items: - - name: Plan for WDAC policy lifecycle management + - name: Plan for App Control policy lifecycle management href: design/plan-appcontrol-management.md - - name: Design your WDAC policy + - name: Design your App Control policy items: - - name: Understand WDAC policy design decisions + - name: Understand App Control policy design decisions href: design/understand-appcontrol-policy-design-decisions.md - - name: Understand WDAC policy rules and file rules + - name: Understand App Control policy rules and file rules href: design/select-types-of-rules-to-create.md items: - name: Allow apps installed by a managed installer @@ -28,88 +28,88 @@ href: design/use-appcontrol-with-intelligent-security-graph.md - name: Allow COM object registration href: design/allow-com-object-registration-in-appcontrol-policy.md - - name: Use WDAC with .NET hardening + - name: Use App Control with .NET hardening href: design/appcontrol-and-dotnet.md - - name: Script enforcement with Windows Defender Application Control + - name: Script enforcement with App Control for Business href: design/script-enforcement.md - - name: Manage packaged apps with WDAC + - name: Manage packaged apps with App Control href: design/manage-packaged-apps-with-appcontrol.md - - name: Use WDAC to control specific plug-ins, add-ins, and modules + - name: Use App Control to control specific plug-ins, add-ins, and modules href: design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md - - name: Understand WDAC policy settings + - name: Understand App Control policy settings href: design/understanding-appcontrol-policy-settings.md - - name: Use multiple WDAC policies + - name: Use multiple App Control policies href: design/deploy-multiple-appcontrol-policies.md - - name: Create your WDAC policy + - name: Create your App Control policy items: - - name: Example WDAC base policies + - name: Example App Control base policies href: design/example-appcontrol-base-policies.md - - name: Policy creation for common WDAC usage scenarios + - name: Policy creation for common App Control usage scenarios href: design/common-appcontrol-use-cases.md items: - - name: Create a WDAC policy for lightly managed devices + - name: Create a App Control policy for lightly managed devices href: design/create-appcontrol-policy-for-lightly-managed-devices.md - - name: Create a WDAC policy for fully managed devices + - name: Create a App Control policy for fully managed devices href: design/create-appcontrol-policy-for-fully-managed-devices.md - - name: Create a WDAC policy for fixed-workload devices + - name: Create a App Control policy for fixed-workload devices href: design/create-appcontrol-policy-using-reference-computer.md - - name: Create a WDAC deny list policy + - name: Create a App Control deny list policy href: design/create-appcontrol-deny-policy.md - - name: Applications that can bypass WDAC and how to block them + - name: Applications that can bypass App Control and how to block them href: design/applications-that-can-bypass-appcontrol.md - name: Microsoft recommended driver block rules href: design/microsoft-recommended-driver-block-rules.md - - name: Use the WDAC Wizard tool + - name: Use the App Control Wizard tool href: design/appcontrol-wizard.md items: - - name: Create a base WDAC policy with the Wizard + - name: Create a base App Control policy with the Wizard href: design/appcontrol-wizard-create-base-policy.md - - name: Create a supplemental WDAC policy with the Wizard + - name: Create a supplemental App Control policy with the Wizard href: design/appcontrol-wizard-create-supplemental-policy.md - - name: Editing a WDAC policy with the Wizard + - name: Editing a App Control policy with the Wizard href: design/appcontrol-wizard-editing-policy.md - - name: Creating WDAC Policy Rules from WDAC Events + - name: Creating App Control Policy Rules from App Control Events href: design/appcontrol-wizard-parsing-event-logs.md - - name: Merging multiple WDAC policies with the Wizard + - name: Merging multiple App Control policies with the Wizard href: design/appcontrol-wizard-merging-policies.md -- name: WDAC deployment guide +- name: App Control deployment guide href: deployment/appcontrol-deployment-guide.md items: - - name: Deploy WDAC policies with MDM + - name: Deploy App Control policies with MDM href: deployment/deploy-appcontrol-policies-using-intune.md - - name: Deploy WDAC policies with Configuration Manager + - name: Deploy App Control policies with Configuration Manager href: deployment/deploy-appcontrol-policies-with-memcm.md - - name: Deploy WDAC policies with script + - name: Deploy App Control policies with script href: deployment/deploy-appcontrol-policies-with-script.md - - name: Deploy WDAC policies with group policy + - name: Deploy App Control policies with group policy href: deployment/deploy-appcontrol-policies-using-group-policy.md - - name: Audit WDAC policies + - name: Audit App Control policies href: deployment/audit-appcontrol-policies.md - - name: Merge WDAC policies + - name: Merge App Control policies href: deployment/merge-appcontrol-policies.md - - name: Enforce WDAC policies + - name: Enforce App Control policies href: deployment/enforce-appcontrol-policies.md - - name: Use code signing for added control and protection with WDAC + - name: Use code signing for added control and protection with App Control href: deployment/use-code-signing-for-better-control-and-protection.md items: - - name: Deploy catalog files to support WDAC + - name: Deploy catalog files to support App Control href: deployment/deploy-catalog-files-to-support-appcontrol.md - - name: Use signed policies to protect Windows Defender Application Control against tampering + - name: Use signed policies to protect App Control for Business against tampering href: deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md - - name: "Optional: Create a code signing cert for WDAC" + - name: "Optional: Create a code signing cert for App Control" href: deployment/create-code-signing-cert-for-appcontrol.md - - name: Disable WDAC policies + - name: Disable App Control policies href: deployment/disable-appcontrol-policies.md -- name: WDAC operational guide +- name: App Control operational guide href: operations/appcontrol-operational-guide.md items: - - name: WDAC debugging and troubleshooting + - name: App Control debugging and troubleshooting href: operations/appcontrol-debugging-and-troubleshooting.md - name: Understanding Application Control event IDs href: operations/event-id-explanations.md - name: Understanding Application Control event tags href: operations/event-tag-explanations.md - - name: Query WDAC events with Advanced hunting + - name: Query App Control events with Advanced hunting href: operations/querying-application-control-events-centrally-using-advanced-hunting.md - name: Known Issues href: operations/known-issues.md @@ -117,9 +117,9 @@ href: operations/configure-appcontrol-managed-installer.md - name: CITool.exe technical reference href: operations/citool-commands.md - - name: Inbox WDAC policies + - name: Inbox App Control policies href: operations/inbox-appcontrol-policies.md -- name: WDAC AppId Tagging guide +- name: App Control AppId Tagging guide href: AppIdTagging/appcontrol-appid-tagging-guide.md items: - name: Creating AppId Tagging Policies diff --git a/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview.md b/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview.md index 1e2654111c..b73b5fd915 100644 --- a/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview.md +++ b/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview.md @@ -1,23 +1,22 @@ --- -title: WDAC and AppLocker Overview +title: App Control and AppLocker Overview description: Compare Windows application control technologies. ms.localizationpriority: medium ms.date: 01/03/2024 ms.topic: conceptual --- -# Windows Defender Application Control and AppLocker Overview +# App Control for Business and AppLocker Overview -> [!NOTE] -> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [WDAC feature availability](feature-availability.md). +[!INCLUDE [Feature availability note](includes/feature-availability-note.md)] -Windows 10 and Windows 11 include two technologies that can be used for application control, depending on your organization's specific scenarios and requirements: Windows Defender Application Control (WDAC) and AppLocker. +Windows 10 and Windows 11 include two technologies that can be used for application control, depending on your organization's specific scenarios and requirements: App Control for Business and AppLocker. -## Windows Defender Application Control +## App Control for Business -WDAC was introduced with Windows 10 and allows organizations to control which drivers and applications are allowed to run on their Windows clients. It was designed as a security feature under the [servicing criteria](https://www.microsoft.com/msrc/windows-security-servicing-criteria), defined by the Microsoft Security Response Center (MSRC). +App Control was introduced with Windows 10 and allows organizations to control which drivers and applications are allowed to run on their Windows clients. It was designed as a security feature under the [servicing criteria](https://www.microsoft.com/msrc/windows-security-servicing-criteria), defined by the Microsoft Security Response Center (MSRC). -WDAC policies apply to the managed computer as a whole and affects all users of the device. WDAC rules can be defined based on: +App Control policies apply to the managed computer as a whole and affects all users of the device. App Control rules can be defined based on: - Attributes of the codesigning certificate(s) used to sign an app and its binaries - Attributes of the app's binaries that come from the signed metadata for the files, such as Original Filename and version, or the hash of the file @@ -27,13 +26,13 @@ WDAC policies apply to the managed computer as a whole and affects all users of - The process that launched the app or binary > [!NOTE] -> WDAC was originally released as part of Device Guard and called configurable code integrity. Device Guard and configurable code integrity are no longer used except to find where to deploy WDAC policy via Group Policy. +> App Control was originally released as part of Device Guard and called configurable code integrity. Device Guard and configurable code integrity are no longer used except to find where to deploy App Control policy via Group Policy. -### WDAC System Requirements +### App Control System Requirements -WDAC policies can be created and applied on any client edition of Windows 10 or Windows 11, or on Windows Server 2016 and higher. WDAC policies can be deployed via a Mobile Device Management (MDM) solution, for example, Intune; a management interface such as Configuration Manager; or a script host such as PowerShell. Group Policy can also be used to deploy WDAC policies, but is limited to single-policy format policies that work on Windows Server 2016 and 2019. +App Control policies can be created and applied on any client edition of Windows 10 or Windows 11, or on Windows Server 2016 and higher. App Control policies can be deployed via a Mobile Device Management (MDM) solution, for example, Intune; a management interface such as Configuration Manager; or a script host such as PowerShell. Group Policy can also be used to deploy App Control policies, but is limited to single-policy format policies that work on Windows Server 2016 and 2019. -For more information on which individual WDAC features are available on specific WDAC builds, see [WDAC feature availability](feature-availability.md). +For more information on which individual App Control features are available on specific App Control builds, see [App Control feature availability](feature-availability.md). ## AppLocker @@ -45,16 +44,16 @@ AppLocker policies can apply to all users on a computer, or to individual users - Attributes of the app's binaries that come from the signed metadata for the files, such as Original Filename and version, or the hash of the file. - The path from which the app or file is launched. -AppLocker is also used by some features of WDAC, including [managed installer](/windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer) and the [Intelligent Security Graph](/windows/security/application-security/application-control/windows-defender-application-control/design/use-wdac-with-intelligent-security-graph). +AppLocker is also used by some features of App Control, including [managed installer](design/configure-authorized-apps-deployed-with-a-managed-installer.md) and the [Intelligent Security Graph](design/use-appcontrol-with-intelligent-security-graph.md). ### AppLocker System Requirements AppLocker policies can only be configured on and applied to devices that are running on the supported versions and editions of the Windows operating system. For more info, see [Requirements to Use AppLocker](applocker/requirements-to-use-applocker.md). AppLocker policies can be deployed using Group Policy or MDM. -## Choose when to use WDAC or AppLocker +## Choose when to use App Control or AppLocker -Generally, customers who are able to implement application control using WDAC, rather than AppLocker, should do so. WDAC is undergoing continual improvements, and is getting added support from Microsoft management platforms. Although AppLocker continues to receive security fixes, it isn't getting new feature improvements. +Generally, customers who are able to implement application control using App Control, rather than AppLocker, should do so. App Control is undergoing continual improvements, and is getting added support from Microsoft management platforms. Although AppLocker continues to receive security fixes, it isn't getting new feature improvements. However, in some cases, AppLocker might be the more appropriate technology for your organization. AppLocker is best when: @@ -62,4 +61,4 @@ However, in some cases, AppLocker might be the more appropriate technology for y - You need to apply different policies for different users or groups on shared computers. - You don't want to enforce application control on application files such as DLLs or drivers. -AppLocker can also be deployed as a complement to WDAC to add user or group-specific rules for shared device scenarios, where it's important to prevent some users from running specific apps. As a best practice, you should enforce WDAC at the most restrictive level possible for your organization, and then you can use AppLocker to further fine-tune the restrictions. +AppLocker can also be deployed as a complement to App Control to add user or group-specific rules for shared device scenarios, where it's important to prevent some users from running specific apps. As a best practice, you should enforce App Control at the most restrictive level possible for your organization, and then you can use AppLocker to further fine-tune the restrictions. diff --git a/windows/security/application-security/application-control/app-control-for-business/appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/appcontrol.md index 88c99842d1..0a3335af15 100644 --- a/windows/security/application-security/application-control/app-control-for-business/appcontrol.md +++ b/windows/security/application-security/application-control/app-control-for-business/appcontrol.md @@ -10,8 +10,7 @@ ms.topic: overview # Application Control for Windows -> [!NOTE] -> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md). +[!INCLUDE [Feature availability note](includes/feature-availability-note.md)] With thousands of new malicious files created every day, using traditional methods like antivirus solutions-signature-based detection to fight against malware-provides an inadequate defense against new attacks. @@ -26,14 +25,14 @@ Application control is a crucial line of defense for protecting enterprises give Windows 10 and Windows 11 include two technologies that can be used for application control depending on your organization's specific scenarios and requirements: -- **Windows Defender Application Control (WDAC)**; and +- **App Control for Business**; and - **AppLocker** -## WDAC and Smart App Control +## App Control and Smart App Control -Starting in Windows 11 version 22H2, [Smart App Control](https://support.microsoft.com/topic/what-is-smart-app-control-285ea03d-fa88-4d56-882e-6698afdb7003) provides application control for consumers. Smart App Control is based on WDAC, allowing enterprise customers to create a policy that offers the same security and compatibility with the ability to customize it to run line-of-business (LOB) apps. To make it easier to implement this policy, an [example policy](design/example-appcontrol-base-policies.md) is provided. The example policy includes **Enabled:Conditional Windows Lockdown Policy** option that isn't supported for WDAC enterprise policies. This rule must be removed before you use the example policy. To use this example policy as a starting point for creating your own policy, see [Create a custom base policy using an example WDAC base policy](design/create-appcontrol-policy-for-lightly-managed-devices.md#create-a-custom-base-policy-using-an-example-wdac-base-policy). +Starting in Windows 11 version 22H2, [Smart App Control](https://support.microsoft.com/topic/what-is-smart-app-control-285ea03d-fa88-4d56-882e-6698afdb7003) provides application control for consumers. Smart App Control is based on App Control, allowing enterprise customers to create a policy that offers the same security and compatibility with the ability to customize it to run line-of-business (LOB) apps. To make it easier to implement this policy, an [example policy](design/example-appcontrol-base-policies.md) is provided. The example policy includes **Enabled:Conditional Windows Lockdown Policy** option that isn't supported for App Control enterprise policies. This rule must be removed before you use the example policy. To use this example policy as a starting point for creating your own policy, see [Create a custom base policy using an example App Control base policy](design/create-appcontrol-policy-for-lightly-managed-devices.md#create-a-custom-base-policy-using-an-example-app-control-base-policy). -Smart App Control is only available on clean installation of Windows 11 version 22H2 or later, and starts in evaluation mode. Smart App Control is automatically turned off for enterprise managed devices unless the user has turned it on first. To turn off Smart App Control across your organization's endpoints, you can set the **VerifiedAndReputablePolicyState** (DWORD) registry value under `HKLM\SYSTEM\CurrentControlSet\Control\CI\Policy` as shown in the following table. After you change the registry value, you must either restart the device or use [CiTool.exe -r](/windows/security/threat-protection/windows-defender-application-control/operations/citool-commands#refresh-the-wdac-policies-on-the-system) for the change to take effect. +Smart App Control is only available on clean installation of Windows 11 version 22H2 or later, and starts in evaluation mode. Smart App Control is automatically turned off for enterprise managed devices unless the user has turned it on first. To turn off Smart App Control across your organization's endpoints, you can set the **VerifiedAndReputablePolicyState** (DWORD) registry value under `HKLM\SYSTEM\CurrentControlSet\Control\CI\Policy` as shown in the following table. After you change the registry value, you must either restart the device or use [CiTool.exe -r](operations/citool-commands.md#refresh-the-app-control-policies-on-the-system) for the change to take effect. | Value | Description | |-------|-------------| @@ -57,7 +56,7 @@ Smart App Control enforces the [Microsoft Recommended Driver Block rules](design ## Related articles -- [WDAC design guide](design/appcontrol-design-guide.md) -- [WDAC deployment guide](deployment/appcontrol-deployment-guide.md) -- [WDAC operational guide](operations/appcontrol-operational-guide.md) +- [App Control design guide](design/appcontrol-design-guide.md) +- [App Control deployment guide](deployment/appcontrol-deployment-guide.md) +- [App Control operational guide](operations/appcontrol-operational-guide.md) - [AppLocker overview](applocker/applocker-overview.md) diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md index 654b172dca..045b43bc8e 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md @@ -11,13 +11,13 @@ ms.date: 01/03/2024 # AppLocker -This article provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker application control policies. AppLocker helps you control which apps and files users can run. These include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers. AppLocker is also used by some features of Windows Defender Application Control. +This article provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker application control policies. AppLocker helps you control which apps and files users can run. These include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers. AppLocker is also used by some features of App Control for Business. > [!NOTE] -> AppLocker is a defense-in-depth security feature and not considered a defensible Windows [security feature](https://www.microsoft.com/msrc/windows-security-servicing-criteria). [Windows Defender Application Control](/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview) should be used when the goal is to provide robust protection against a threat and there are expected to be no by-design limitations that would prevent the security feature from achieving this goal. +> AppLocker is a defense-in-depth security feature and not considered a defensible Windows [security feature](https://www.microsoft.com/msrc/windows-security-servicing-criteria). [App Control for Business](../appcontrol-and-applocker-overview.md) should be used when the goal is to provide robust protection against a threat and there are expected to be no by-design limitations that would prevent the security feature from achieving this goal. > [!NOTE] -> By default, AppLocker policy only applies to code launched in a user's context. On Windows 10, Windows 11, and Windows Server 2016 or later, you can apply AppLocker policy to non-user processes, including those running as SYSTEM. For more information, see [AppLocker rule collection extensions](/windows/security/application-security/application-control/windows-defender-application-control/applocker/rule-collection-extensions#services-enforcement). +> By default, AppLocker policy only applies to code launched in a user's context. On Windows 10, Windows 11, and Windows Server 2016 or later, you can apply AppLocker policy to non-user processes, including those running as SYSTEM. For more information, see [AppLocker rule collection extensions](rule-collection-extensions.md#services-enforcement). AppLocker can help you: diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide.md index a948419849..50971f323d 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide.md @@ -12,7 +12,7 @@ This article for the IT professional introduces the design and planning steps re This guide provides important designing and planning information for deploying application control policies by using AppLocker. Through a sequential and iterative process, you can create an AppLocker policy deployment plan for your organization that addresses your specific application control requirements by department, organizational unit, or business group. -To understand if AppLocker is the correct application control solution for your organization, see [Windows Defender Application Control and AppLocker overview](/windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview). +To understand if AppLocker is the correct application control solution for your organization, see [App Control for Business and AppLocker overview](../appcontrol-and-applocker-overview.md). ## In this section diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions.md index 81e26f0be3..15208b7d2a 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions.md @@ -8,8 +8,7 @@ ms.date: 12/23/2023 # AppLocker processes and interactions -> [!NOTE] -> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability). +[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] This article for the IT professional describes the process dependencies and interactions when AppLocker evaluates and enforces rules. diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md index 2489e8b738..5dcf968359 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md @@ -10,7 +10,7 @@ ms.date: 12/22/2023 This article for IT professionals describes the steps to merge AppLocker policies by using Windows PowerShell. -The **Set-AppLockerPolicy** cmdlet sets the specified Group Policy Object (GPO) to contain the specified AppLocker policy. If no Lightweight Directory Access Protocol (LDAP) is specified, the local policy is used. When the Merge parameter is used, rules in the specified AppLocker policy are merged with the AppLocker rules in the target GPO specified in the LDAP path. Merging policies removes rules with duplicate rule IDs, and the enforcement mode setting is chosen as described in [Working with AppLocker rules](/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules#enforcement-modes). If the Merge parameter isn't specified, then the new policy overwrites the existing policy. +The **Set-AppLockerPolicy** cmdlet sets the specified Group Policy Object (GPO) to contain the specified AppLocker policy. If no Lightweight Directory Access Protocol (LDAP) is specified, the local policy is used. When the Merge parameter is used, rules in the specified AppLocker policy are merged with the AppLocker rules in the target GPO specified in the LDAP path. Merging policies removes rules with duplicate rule IDs, and the enforcement mode setting is chosen as described in [Working with AppLocker rules](working-with-applocker-rules.md#enforcement-modes). If the Merge parameter isn't specified, then the new policy overwrites the existing policy. For info about using **Set-AppLockerPolicy**, including syntax descriptions and parameters, see [Set-AppLockerPolicy](/powershell/module/applocker/set-applockerpolicy). diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually.md b/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually.md index a17f0dbc2f..36686c2fea 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually.md @@ -12,7 +12,7 @@ This article for IT professionals describes the steps to manually merge AppLocke If you need to merge multiple AppLocker policies into a single one, you can either manually merge the policies or use the Windows PowerShell cmdlets for AppLocker. You can't automatically merge policies by using the AppLocker console. For info about merging policies by using Windows PowerShell, see [Merge AppLocker policies by using Set-ApplockerPolicy](merge-applocker-policies-by-using-set-applockerpolicy.md). -The AppLocker policy is stored in XML format, and an exported policy can be edited with any text or XML editor. To export an AppLocker policy, see [Export an AppLocker policy to an XML file](/windows/security/application-security/application-control/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file). Before making changes to an AppLocker policy manually, review [Working with AppLocker rules](/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules). +The AppLocker policy is stored in XML format, and an exported policy can be edited with any text or XML editor. To export an AppLocker policy, see [Export an AppLocker policy to an XML file](export-an-applocker-policy-to-an-xml-file.md). Before making changes to an AppLocker policy manually, review [Working with AppLocker rules](working-with-applocker-rules.md). Membership in the local **Administrators** group, or equivalent, is the minimum required to complete this procedure. diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions.md index f8756d82ac..ca9f4ae325 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions.md @@ -29,7 +29,7 @@ This article describes the rule collection extensions added in Windows 10 and la ## Services enforcement -By default, AppLocker policy only applies to code running in a user's context. On Windows 10, Windows 11, and Windows Server 2016 or later, you can apply AppLocker policy to nonuser processes, including services running as SYSTEM. You must enable services enforcement when using AppLocker with Windows Defender Application Control's (WDAC) [managed installer](/windows/security/application-security/application-control/windows-defender-application-control/design/configure-authorized-apps-deployed-with-a-managed-installer) feature. +By default, AppLocker policy only applies to code running in a user's context. On Windows 10, Windows 11, and Windows Server 2016 or later, you can apply AppLocker policy to nonuser processes, including services running as SYSTEM. You must enable services enforcement when using AppLocker with App Control for Business's [managed installer](../design/configure-authorized-apps-deployed-with-a-managed-installer.md) feature. To apply AppLocker policy to nonuser processes, set ```` in the ```` section as shown in the preceding XML fragment. diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md index e2740a5bf6..86556f815e 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md @@ -10,7 +10,7 @@ ms.date: 12/22/2023 This article for the IT professional describes how application control policies configured in AppLocker are applied through Group Policy. -Rule enforcement is applied only to collections of rules, not individual rules. For more info on rule collections, see [AppLocker rule collections](/windows/security/application-security/application-control/windows-defender-application-control/applocker/working-with-applocker-rules#rule-collections). +Rule enforcement is applied only to collections of rules, not individual rules. For more info on rule collections, see [AppLocker rule collections](working-with-applocker-rules.md#rule-collections). Group Policy merges AppLocker policy in two ways: diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker.md index 256c416dbf..24f7f1e8c2 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker.md @@ -10,7 +10,7 @@ ms.date: 12/23/2023 This article for the IT professional describes what AppLocker is. -Windows includes two technologies that can be used for application control, depending on your organization's specific scenarios and requirements: Windows Defender Application Control (WDAC) and AppLocker. For information to help you choose when to use WDAC or AppLocker, see [WDAC and AppLocker overview](/windows/security/application-security/application-control/windows-defender-application-control/wdac-and-applocker-overview). +Windows includes two technologies that can be used for application control, depending on your organization's specific scenarios and requirements: App Control for Business and AppLocker. For information to help you choose when to use App Control or AppLocker, see [App Control and AppLocker overview](../appcontrol-and-applocker-overview.md). AppLocker helps you create rules to allow or deny apps from running based on information about the apps' files. You can also use AppLocker to control which users or groups can run those apps. diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md b/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md index 688747f887..a893114a66 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md @@ -1,29 +1,28 @@ --- -title: Deploying Windows Defender Application Control (WDAC) policies -description: Learn how to plan and implement a WDAC deployment. +title: Deploying App Control for Business policies +description: Learn how to plan and implement a App Control deployment. ms.localizationpriority: medium ms.date: 01/23/2023 ms.topic: overview --- -# Deploying Windows Defender Application Control (WDAC) policies +# Deploying App Control for Business policies -> [!NOTE] -> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md). +[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -You should now have one or more Windows Defender Application Control (WDAC) policies ready to deploy. If you haven't yet completed the steps described in the [WDAC Design Guide](../design/appcontrol-design-guide.md), do so now before proceeding. +You should now have one or more App Control for Business policies ready to deploy. If you haven't yet completed the steps described in the [App Control Design Guide](../design/appcontrol-design-guide.md), do so now before proceeding. -## Convert your WDAC policy XML to binary +## Convert your App Control policy XML to binary -Before you deploy your WDAC policies, you must first convert the XML to its binary form. You can do this using the following PowerShell example. You must set the $WDACPolicyXMLFile variable to point to your WDAC policy XML file. +Before you deploy your App Control policies, you must first convert the XML to its binary form. You can do this using the following PowerShell example. You must set the $AppControlPolicyXMLFile variable to point to your App Control policy XML file. ```powershell - ## Update the path to your WDAC policy XML - $WDACPolicyXMLFile = $env:USERPROFILE + "\Desktop\MyWDACPolicy.xml" - [xml]$WDACPolicy = Get-Content -Path $WDACPolicyXMLFile - if (($WDACPolicy.SiPolicy.PolicyID) -ne $null) ## Multiple policy format (For Windows builds 1903+ only, including Server 2022) + ## Update the path to your App Control policy XML + $AppControlPolicyXMLFile = $env:USERPROFILE + "\Desktop\MyAppControlPolicy.xml" + [xml]$AppControlPolicy = Get-Content -Path $AppControlPolicyXMLFile + if (($AppControlPolicy.SiPolicy.PolicyID) -ne $null) ## Multiple policy format (For Windows builds 1903+ only, including Server 2022) { - $PolicyID = $WDACPolicy.SiPolicy.PolicyID + $PolicyID = $AppControlPolicy.SiPolicy.PolicyID $PolicyBinary = $PolicyID+".cip" } else ## Single policy format (Windows Server 2016 and 2019, and Windows 10 1809 LTSC) @@ -32,23 +31,23 @@ Before you deploy your WDAC policies, you must first convert the XML to its bina } ## Binary file will be written to your desktop - ConvertFrom-CIPolicy -XmlFilePath $WDACPolicyXMLFile -BinaryFilePath $env:USERPROFILE\Desktop\$PolicyBinary + ConvertFrom-CIPolicy -XmlFilePath $AppControlPolicyXMLFile -BinaryFilePath $env:USERPROFILE\Desktop\$PolicyBinary ``` ## Plan your deployment -As with any significant change to your environment, implementing application control can have unintended consequences. To ensure the best chance for success, you should follow safe deployment practices and plan your deployment carefully. Identify the devices you'll manage with WDAC and split them into deployment rings. This way, you can control the speed and scale of the deployment and respond if anything goes wrong. Define the success criteria that will determine when it's safe to continue from one ring to the next. +As with any significant change to your environment, implementing application control can have unintended consequences. To ensure the best chance for success, you should follow safe deployment practices and plan your deployment carefully. Identify the devices you'll manage with App Control and split them into deployment rings. This way, you can control the speed and scale of the deployment and respond if anything goes wrong. Define the success criteria that will determine when it's safe to continue from one ring to the next. -All Windows Defender Application Control policy changes should be deployed in audit mode before proceeding to enforcement. Carefully monitor events from devices where the policy has been deployed to ensure the block events you observe match your expectation before broadening the deployment to other deployment rings. If your organization uses Microsoft Defender for Endpoint, you can use the Advanced Hunting feature to centrally monitor WDAC-related events. Otherwise, we recommend using an event log forwarding solution to collect relevant events from your managed endpoints. +All App Control for Business policy changes should be deployed in audit mode before proceeding to enforcement. Carefully monitor events from devices where the policy has been deployed to ensure the block events you observe match your expectation before broadening the deployment to other deployment rings. If your organization uses Microsoft Defender for Endpoint, you can use the Advanced Hunting feature to centrally monitor App Control-related events. Otherwise, we recommend using an event log forwarding solution to collect relevant events from your managed endpoints. -## Choose how to deploy WDAC policies +## Choose how to deploy App Control policies > [!IMPORTANT] -> Due to a known issue, you should always activate new **signed** WDAC Base policies with a reboot on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. We recommend [deploying via script](deploy-appcontrol-policies-with-script.md) in this case. +> Due to a known issue, you should always activate new **signed** App Control Base policies with a reboot on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. We recommend [deploying via script](deploy-appcontrol-policies-with-script.md) in this case. > > This issue does not affect updates to signed Base policies that are already active on the system, deployment of unsigned policies, or deployment of supplemental policies (signed or unsigned). It also does not affect deployments to systems that are not running memory integrity. -There are several options to deploy Windows Defender Application Control policies to managed endpoints, including: +There are several options to deploy App Control for Business policies to managed endpoints, including: - [Deploy using a Mobile Device Management (MDM) solution](deploy-appcontrol-policies-using-intune.md), such as Microsoft Intune - [Deploy using Microsoft Configuration Manager](deploy-appcontrol-policies-with-memcm.md) diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md index 8e08b9a353..6c94229e73 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md @@ -1,35 +1,34 @@ --- -title: Use audit events to create WDAC policy rules -description: Audits allow admins to discover apps, binaries, and scripts that should be added to the WDAC policy. +title: Use audit events to create App Control policy rules +description: Audits allow admins to discover apps, binaries, and scripts that should be added to the App Control policy. ms.localizationpriority: medium ms.date: 05/03/2018 ms.topic: conceptual --- -# Use audit events to create WDAC policy rules +# Use audit events to create App Control policy rules ->[!NOTE] ->Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Application Control feature availability](../feature-availability.md). +[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -Running Application Control in audit mode lets you discover applications, binaries, and scripts that are missing from your WDAC policy but should be included. +Running Application Control in audit mode lets you discover applications, binaries, and scripts that are missing from your App Control policy but should be included. -While a WDAC policy is running in audit mode, any binary that runs but would have been denied is logged in the **Applications and Services Logs\\Microsoft\\Windows\\CodeIntegrity\\Operational** event log. Script and MSI are logged in the **Applications and Services Logs\\Microsoft\\Windows\\AppLocker\\MSI and Script** event log. These events can be used to generate a new WDAC policy that can be merged with the original Base policy or deployed as a separate Supplemental policy, if allowed. +While a App Control policy is running in audit mode, any binary that runs but would have been denied is logged in the **Applications and Services Logs\\Microsoft\\Windows\\CodeIntegrity\\Operational** event log. Script and MSI are logged in the **Applications and Services Logs\\Microsoft\\Windows\\AppLocker\\MSI and Script** event log. These events can be used to generate a new App Control policy that can be merged with the original Base policy or deployed as a separate Supplemental policy, if allowed. -## Overview of the process to create WDAC policy to allow apps using audit events +## Overview of the process to create App Control policy to allow apps using audit events > [!Note] -> You must have already deployed a WDAC audit mode policy to use this process. If you have not already done so, see [Deploying Windows Defender Application Control policies](appcontrol-deployment-guide.md). +> You must have already deployed a App Control audit mode policy to use this process. If you have not already done so, see [Deploying App Control for Business policies](appcontrol-deployment-guide.md). -To familiarize yourself with creating WDAC rules from audit events, follow these steps on a device with a WDAC audit mode policy. +To familiarize yourself with creating App Control rules from audit events, follow these steps on a device with a App Control audit mode policy. -1. Install and run an application not allowed by the WDAC policy but that you want to allow. +1. Install and run an application not allowed by the App Control policy but that you want to allow. 2. Review the **CodeIntegrity - Operational** and **AppLocker - MSI and Script** event logs to confirm events, like those shown in Figure 1, are generated related to the application. For information about the types of events you should see, refer to [Understanding Application Control events](../operations/event-id-explanations.md). - **Figure 1. Exceptions to the deployed WDAC policy** - ![Event showing exception to WDAC policy.](../images/dg-fig23-exceptionstocode.png) + **Figure 1. Exceptions to the deployed App Control policy** + ![Event showing exception to App Control policy.](../images/dg-fig23-exceptionstocode.png) -3. In an elevated PowerShell session, run the following commands to initialize variables used by this procedure. This procedure builds upon the **Lamna_FullyManagedClients_Audit.xml** policy introduced in [Create a WDAC policy for fully managed devices](../design/create-appcontrol-policy-for-fully-managed-devices.md) and will produce a new policy called **EventsPolicy.xml**. +3. In an elevated PowerShell session, run the following commands to initialize variables used by this procedure. This procedure builds upon the **Lamna_FullyManagedClients_Audit.xml** policy introduced in [Create a App Control policy for fully managed devices](../design/create-appcontrol-policy-for-fully-managed-devices.md) and will produce a new policy called **EventsPolicy.xml**. ```powershell $PolicyName= "Lamna_FullyManagedClients_Audit" @@ -38,24 +37,24 @@ To familiarize yourself with creating WDAC rules from audit events, follow these $EventsPolicyWarnings=$env:userprofile+"\Desktop\EventsPolicyWarnings.txt" ``` -4. Use [New-CIPolicy](/powershell/module/configci/new-cipolicy) to generate a new WDAC policy from logged audit events. This example uses a **FilePublisher** file rule level and a **Hash** fallback level. Warning messages are redirected to a text file **EventsPolicyWarnings.txt**. +4. Use [New-CIPolicy](/powershell/module/configci/new-cipolicy) to generate a new App Control policy from logged audit events. This example uses a **FilePublisher** file rule level and a **Hash** fallback level. Warning messages are redirected to a text file **EventsPolicyWarnings.txt**. ```powershell New-CIPolicy -FilePath $EventsPolicy -Audit -Level FilePublisher -Fallback SignedVersion,FilePublisher,Hash -UserPEs -MultiplePolicyFormat 3> $EventsPolicyWarnings ``` > [!NOTE] - > When you create policies from audit events, you should carefully consider the file rule level that you select to trust. The preceding example uses the **FilePublisher** rule level with a fallback level of **Hash**, which may be more specific than desired. You can re-run the above command using different **-Level** and **-Fallback** options to meet your needs. For more information about WDAC rule levels, see [Understand WDAC policy rules and file rules](../design/select-types-of-rules-to-create.md). + > When you create policies from audit events, you should carefully consider the file rule level that you select to trust. The preceding example uses the **FilePublisher** rule level with a fallback level of **Hash**, which may be more specific than desired. You can re-run the above command using different **-Level** and **-Fallback** options to meet your needs. For more information about App Control rule levels, see [Understand App Control policy rules and file rules](../design/select-types-of-rules-to-create.md). -5. Find and review the WDAC policy file **EventsPolicy.xml** that should be found on your desktop. Ensure that it only includes file and signer rules for applications, binaries, and scripts you wish to allow. You can remove rules by manually editing the policy XML or use the WDAC Policy Wizard tool (see [Editing existing base and supplemental WDAC policies with the Wizard](../design/appcontrol-wizard-editing-policy.md)). +5. Find and review the App Control policy file **EventsPolicy.xml** that should be found on your desktop. Ensure that it only includes file and signer rules for applications, binaries, and scripts you wish to allow. You can remove rules by manually editing the policy XML or use the App Control Policy Wizard tool (see [Editing existing base and supplemental App Control policies with the Wizard](../design/appcontrol-wizard-editing-policy.md)). -6. Find and review the text file **EventsPolicyWarnings.txt** that should be found on your desktop. This file will include a warning for any files that WDAC couldn't create a rule for at either the specified rule level or fallback rule level. +6. Find and review the text file **EventsPolicyWarnings.txt** that should be found on your desktop. This file will include a warning for any files that App Control couldn't create a rule for at either the specified rule level or fallback rule level. > [!NOTE] - > New-CIPolicy only creates rules for files that can still be found on disk. Files which are no longer present on the system will not have a rule created to allow them. However, the event log should have sufficient information to allow these files by manually editing the policy XML to add rules. You can use an existing rule as a template and verify your results against the WDAC policy schema definition found at **%windir%\schemas\CodeIntegrity\cipolicy.xsd**. + > New-CIPolicy only creates rules for files that can still be found on disk. Files which are no longer present on the system will not have a rule created to allow them. However, the event log should have sufficient information to allow these files by manually editing the policy XML to add rules. You can use an existing rule as a template and verify your results against the App Control policy schema definition found at **%windir%\schemas\CodeIntegrity\cipolicy.xsd**. 7. Merge **EventsPolicy.xml** with the Base policy **Lamna_FullyManagedClients_Audit.xml** or convert it to a supplemental policy. - For information on merging policies, refer to [Merge Windows Defender Application Control policies](merge-appcontrol-policies.md) and for information on supplemental policies see [Use multiple Windows Defender Application Control Policies](../design/deploy-multiple-appcontrol-policies.md). + For information on merging policies, refer to [Merge App Control for Business policies](merge-appcontrol-policies.md) and for information on supplemental policies see [Use multiple App Control for Business Policies](../design/deploy-multiple-appcontrol-policies.md). 8. Convert the Base or Supplemental policy to binary and deploy using your preferred method. diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md index aa98aebabb..e69da9c3d9 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md @@ -1,22 +1,21 @@ --- -title: Create a code signing cert for Windows Defender Application Control -description: Learn how to set up a publicly issued code signing certificate, so you can sign catalog files or WDAC policies internally. +title: Create a code signing cert for App Control for Business +description: Learn how to set up a publicly issued code signing certificate, so you can sign catalog files or App Control policies internally. ms.localizationpriority: medium ms.topic: conceptual ms.date: 12/01/2022 --- -# Optional: Create a code signing cert for Windows Defender Application Control +# Optional: Create a code signing cert for App Control for Business ->[!NOTE] ->Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md). +[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -As you deploy Windows Defender Application Control (WDAC), you might need to sign catalog files or WDAC policies internally. To do this signing, you'll either need to use [Microsoft's Trusted Signing service](/azure/trusted-signing/), a publicly issued code signing certificate or an internal CA. If you've purchased a code signing certificate, you can skip this article, and instead follow other articles listed in the [Windows Defender Application Control Deployment Guide](appcontrol-deployment-guide.md). +As you deploy App Control for Business, you might need to sign catalog files or App Control policies internally. To do this signing, you'll either need to use [Microsoft's Trusted Signing service](/azure/trusted-signing/), a publicly issued code signing certificate or an internal CA. If you've purchased a code signing certificate, you can skip this article, and instead follow other articles listed in the [App Control for Business Deployment Guide](appcontrol-deployment-guide.md). If you have an internal CA, complete these steps to create a code signing certificate. > [!WARNING] -> When creating signing certificates for WDAC policy signing, Boot failure (blue screen) may occur if your signing certificate does not follow these rules: +> When creating signing certificates for App Control policy signing, Boot failure (blue screen) may occur if your signing certificate does not follow these rules: > > - All policies, including base and supplemental, must be signed according to the [PKCS 7 Standard](https://datatracker.ietf.org/doc/html/rfc5652). > - Use RSA keys with 2K, 3K, or 4K key size only. ECDSA isn't supported. @@ -34,7 +33,7 @@ If you have an internal CA, complete these steps to create a code signing certif 4. On the **Compatibility** tab, clear the **Show resulting changes** check box. Select **Windows Server 2012** from the **Certification Authority** list, and then select **Windows 8 / Windows Server 2012** from the **Certificate recipient** list. -5. On the **General** tab, specify the **Template display name** and **Template name**. This example uses the name **WDAC Catalog Signing Certificate**. +5. On the **General** tab, specify the **Template display name** and **Template name**. This example uses the name **App Control Catalog Signing Certificate**. 6. On the **Request Handling** tab, select the **Allow private key to be exported** check box. @@ -64,7 +63,7 @@ When this certificate template has been created, you must publish it to the CA p A list of available templates to issue appears, including the template you created. -2. Select the WDAC Catalog signing certificate, and then select **OK**. +2. Select the App Control Catalog signing certificate, and then select **OK**. Now that the template is available to be issued, you must request one from the computer running Windows 10 or Windows 11 on which you create and sign catalog files. To begin, open the MMC, and then complete the following steps: @@ -95,6 +94,6 @@ This certificate must be installed in the user's personal store on the computer 3. Choose the default settings, and then select **Export all extended properties**. -4. Set a password, select an export path, and then select **WDACCatSigningCert.pfx** as the file name. +4. Set a password, select an export path, and then select **AppControlCatSigningCert.pfx** as the file name. When the certificate has been exported, import it into the personal store for the user who will be signing the catalog files or code integrity policies on the specific computer that will be signing them. diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md index 8b6c9f2da9..a0fcfe492a 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md @@ -1,38 +1,37 @@ --- -title: Deploy WDAC policies via Group Policy -description: Windows Defender Application Control (WDAC) policies can easily be deployed and managed with Group Policy. Learn how by following this step-by-step guide. +title: Deploy App Control policies via Group Policy +description: App Control for Business policies can easily be deployed and managed with Group Policy. Learn how by following this step-by-step guide. ms.localizationpriority: medium ms.date: 01/23/2023 ms.topic: how-to --- -# Deploy Windows Defender Application Control policies by using Group Policy +# Deploy App Control for Business policies by using Group Policy -> [!NOTE] -> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md). +[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] > [!IMPORTANT] -> Due to a known issue, you should always activate new **signed** WDAC Base policies *with a reboot* on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. Instead of Group Policy, deploy new signed WDAC Base policies [via script](/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script#deploying-signed-policies) and activate the policy with a system restart. +> Due to a known issue, you should always activate new **signed** App Control Base policies *with a reboot* on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. Instead of Group Policy, deploy new signed App Control Base policies [via script](deploy-appcontrol-policies-with-script.md#deploying-signed-policies) and activate the policy with a system restart. > > This issue does not affect updates to signed Base policies that are already active on the system, deployment of unsigned policies, or deployment of supplemental policies (signed or unsigned). It also does not affect deployments to systems that are not running memory integrity. -Single-policy format Windows Defender Application Control policies (pre-1903 policy schema) can be easily deployed and managed with Group Policy. +Single-policy format App Control for Business policies (pre-1903 policy schema) can be easily deployed and managed with Group Policy. > [!IMPORTANT] -> Group Policy-based deployment of Windows Defender Application Control policies only supports single-policy format WDAC policies. To use WDAC on devices running Windows 10 1903 and greater, or Windows 11, we recommend using an alternative method for policy deployment. +> Group Policy-based deployment of App Control for Business policies only supports single-policy format App Control policies. To use App Control on devices running Windows 10 1903 and greater, or Windows 11, we recommend using an alternative method for policy deployment. -You should now have a WDAC policy converted into binary form. If not, follow the steps described in [Deploying Windows Defender Application Control (WDAC) policies](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide). +You should now have a App Control policy converted into binary form. If not, follow the steps described in [Deploying App Control for Business policies](appcontrol-deployment-guide.md). -The following procedure walks you through how to deploy a WDAC policy called **SiPolicy.p7b** to a test OU called *WDAC Enabled PCs* by using a GPO called **Contoso GPO Test**. +The following procedure walks you through how to deploy a App Control policy called **SiPolicy.p7b** to a test OU called *App Control Enabled PCs* by using a GPO called **Contoso GPO Test**. -To deploy and manage a Windows Defender Application Control policy with Group Policy: +To deploy and manage a App Control for Business policy with Group Policy: 1. On a client computer on which RSAT is installed, open the GPMC by running **GPMC.MSC** 2. Create a new GPO: right-click an OU and then select **Create a GPO in this domain, and Link it here**. > [!NOTE] - > You can use any OU name. Also, security group filtering is an option when you consider different ways of combining WDAC policies (or keeping them separate), as discussed in [Plan for Windows Defender Application Control lifecycle policy management](../design/plan-appcontrol-management.md). + > You can use any OU name. Also, security group filtering is an option when you consider different ways of combining App Control policies (or keeping them separate), as discussed in [Plan for App Control for Business lifecycle policy management](../design/plan-appcontrol-management.md). ![Group Policy Management, create a GPO.](../images/dg-fig24-creategpo.png) @@ -40,20 +39,20 @@ To deploy and manage a Windows Defender Application Control policy with Group Po 4. Open the Group Policy Management Editor: right-click the new GPO, and then select **Edit**. -5. In the selected GPO, navigate to Computer Configuration\\Administrative Templates\\System\\Device Guard. Right-click **Deploy Windows Defender Application Control** and then select **Edit**. +5. In the selected GPO, navigate to Computer Configuration\\Administrative Templates\\System\\Device Guard. Right-click **Deploy App Control for Business** and then select **Edit**. - ![Edit the Group Policy for Windows Defender Application Control.](../images/appcontrol-edit-gp.png) + ![Edit the Group Policy for App Control for Business.](../images/appcontrol-edit-gp.png) -6. In the **Deploy Windows Defender Application Control** dialog box, select the **Enabled** option, and then specify the WDAC policy deployment path. +6. In the **Deploy App Control for Business** dialog box, select the **Enabled** option, and then specify the App Control policy deployment path. - In this policy setting, you specify either the local path where the policy will exist on each client computer or a Universal Naming Convention (UNC) path that the client computers will look to retrieve the latest version of the policy. For example, the path to SiPolicy.p7b using the steps described in [Deploying Windows Defender Application Control (WDAC) policies](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide) would be %USERPROFILE%\Desktop\SiPolicy.p7b. + In this policy setting, you specify either the local path where the policy will exist on each client computer or a Universal Naming Convention (UNC) path that the client computers will look to retrieve the latest version of the policy. For example, the path to SiPolicy.p7b using the steps described in [Deploying App Control for Business policies](appcontrol-deployment-guide.md) would be %USERPROFILE%\Desktop\SiPolicy.p7b. > [!NOTE] - > This policy file does not need to be copied to every computer. You can instead copy the WDAC policies to a file share to which all computer accounts have access. Any policy selected here is converted to SIPolicy.p7b when it is deployed to the individual client computers. + > This policy file does not need to be copied to every computer. You can instead copy the App Control policies to a file share to which all computer accounts have access. Any policy selected here is converted to SIPolicy.p7b when it is deployed to the individual client computers. - ![Group Policy called Deploy Windows Defender Application Control.](../images/dg-fig26-enablecode.png) + ![Group Policy called Deploy App Control for Business.](../images/dg-fig26-enablecode.png) > [!NOTE] - > You may have noticed that the GPO setting references a .p7b file, but the file extension and name of the policy binary do not matter. Regardless of what you name your policy binary, they are all converted to SIPolicy.p7b when applied to the client computers running Windows 10. If you are deploying different WDAC policies to different sets of devices, you may want to give each of your WDAC policies a friendly name and allow the system to convert the policy names for you to ensure that the policies are easily distinguishable when viewed in a share or any other central repository. + > You may have noticed that the GPO setting references a .p7b file, but the file extension and name of the policy binary do not matter. Regardless of what you name your policy binary, they are all converted to SIPolicy.p7b when applied to the client computers running Windows 10. If you are deploying different App Control policies to different sets of devices, you may want to give each of your App Control policies a friendly name and allow the system to convert the policy names for you to ensure that the policies are easily distinguishable when viewed in a share or any other central repository. -7. Close the Group Policy Management Editor, and then restart the Windows test computer. Restarting the computer updates the WDAC policy. +7. Close the Group Policy Management Editor, and then restart the Windows test computer. Restarting the computer updates the App Control policy. diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md index df6ad5fdc8..033199a9d7 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md @@ -1,26 +1,25 @@ --- -title: Deploy WDAC policies using Mobile Device Management (MDM) -description: You can use an MDM like Microsoft Intune to configure Windows Defender Application Control (WDAC). Learn how with this step-by-step guide. +title: Deploy App Control policies using Mobile Device Management (MDM) +description: You can use an MDM like Microsoft Intune to configure App Control for Business. Learn how with this step-by-step guide. ms.localizationpriority: medium ms.date: 08/30/2023 ms.topic: how-to --- -# Deploy WDAC policies using Mobile Device Management (MDM) +# Deploy App Control policies using Mobile Device Management (MDM) -> [!NOTE] -> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md). +[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -You can use a Mobile Device Management (MDM) solution, like Microsoft Intune, to configure Windows Defender Application Control (WDAC) on client machines. Intune includes native support for WDAC, which can be a helpful starting point, but customers may find the available circle-of-trust options too limiting. To deploy a custom policy through Intune and define your own circle of trust, you can configure a profile using Custom OMA-URI. If your organization uses another MDM solution, check with your solution provider for WDAC policy deployment steps. +You can use a Mobile Device Management (MDM) solution, like Microsoft Intune, to configure App Control for Business on client machines. Intune includes native support for App Control, which can be a helpful starting point, but customers may find the available circle-of-trust options too limiting. To deploy a custom policy through Intune and define your own circle of trust, you can configure a profile using Custom OMA-URI. If your organization uses another MDM solution, check with your solution provider for App Control policy deployment steps. > [!IMPORTANT] -> Due to a known issue, you should always activate new **signed** WDAC Base policies *with a reboot* on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. Instead of Mobile Device Management (MDM), deploy new signed WDAC Base policies [via script](deploy-appcontrol-policies-with-script.md) and activate the policy with a system restart. +> Due to a known issue, you should always activate new **signed** App Control Base policies *with a reboot* on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. Instead of Mobile Device Management (MDM), deploy new signed App Control Base policies [via script](deploy-appcontrol-policies-with-script.md) and activate the policy with a system restart. > > This issue does not affect updates to signed Base policies that are already active on the system, deployment of unsigned policies, or deployment of supplemental policies (signed or unsigned). It also does not affect deployments to systems that are not running memory integrity. ## Use Intune's built-in policies -Intune's built-in Windows Defender Application Control support allows you to configure Windows client computers to only run: +Intune's built-in App Control for Business support allows you to configure Windows client computers to only run: - Windows components - Third-party hardware and software kernel drivers @@ -28,21 +27,21 @@ Intune's built-in Windows Defender Application Control support allows you to con - [Optional] Reputable apps as defined by the Intelligent Security Graph (ISG) > [!NOTE] -> Intune's built-in policies use the pre-1903 single-policy format version of the DefaultWindows policy. Use the [improved Intune WDAC experience](/mem/intune/protect/endpoint-security-app-control-policy), currently in public preview, to create and deploy multiple-policy format files. Or, you can use Intune's custom OMA-URI feature to deploy your own multiple-policy format WDAC policies and leverage features available on Windows 10 1903+ or Windows 11 as described later in this topic. +> Intune's built-in policies use the pre-1903 single-policy format version of the DefaultWindows policy. Use the [improved Intune App Control experience](/mem/intune/protect/endpoint-security-app-control-policy), currently in public preview, to create and deploy multiple-policy format files. Or, you can use Intune's custom OMA-URI feature to deploy your own multiple-policy format App Control policies and leverage features available on Windows 10 1903+ or Windows 11 as described later in this topic. > [!NOTE] -> Intune currently uses the AppLocker CSP to deploy its built-in policies. The AppLocker CSP always requests a device restart when it applies WDAC policies. Use the [improved Intune WDAC experience](/mem/intune/protect/endpoint-security-app-control-policy), currently in public preview, to deploy your own WDAC policies without a restart. Or, you can use Intune's custom OMA-URI feature with the ApplicationControl CSP. +> Intune currently uses the AppLocker CSP to deploy its built-in policies. The AppLocker CSP always requests a device restart when it applies App Control policies. Use the [improved Intune App Control experience](/mem/intune/protect/endpoint-security-app-control-policy), currently in public preview, to deploy your own App Control policies without a restart. Or, you can use Intune's custom OMA-URI feature with the ApplicationControl CSP. -To use Intune's built-in WDAC policies, configure [Endpoint Protection for Windows 10 (and later)](/mem/intune/protect/endpoint-protection-windows-10?toc=/intune/configuration/toc.json&bc=/intune/configuration/breadcrumb/toc.json). +To use Intune's built-in App Control policies, configure [Endpoint Protection for Windows 10 (and later)](/mem/intune/protect/endpoint-protection-windows-10?toc=/intune/configuration/toc.json&bc=/intune/configuration/breadcrumb/toc.json). -## Deploy WDAC policies with custom OMA-URI +## Deploy App Control policies with custom OMA-URI > [!NOTE] -> Policies deployed through Intune custom OMA-URI are subject to a 350,000 byte limit. Customers should create Windows Defender Application Control policies that use signature-based rules, the Intelligent Security Graph, and managed installers where practical. Customers whose devices are running 1903+ builds of Windows are also encouraged to use [multiple policies](../design/deploy-multiple-appcontrol-policies.md) which allow more granular policy. +> Policies deployed through Intune custom OMA-URI are subject to a 350,000 byte limit. Customers should create App Control for Business policies that use signature-based rules, the Intelligent Security Graph, and managed installers where practical. Customers whose devices are running 1903+ builds of Windows are also encouraged to use [multiple policies](../design/deploy-multiple-appcontrol-policies.md) which allow more granular policy. -You should now have one or more WDAC policies converted into binary form. If not, follow the steps described in [Deploying Windows Defender Application Control (WDAC) policies](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide). +You should now have one or more App Control policies converted into binary form. If not, follow the steps described in [Deploying App Control for Business policies](appcontrol-deployment-guide.md). -### Deploy custom WDAC policies on Windows 10 1903+ +### Deploy custom App Control policies on Windows 10 1903+ Beginning with Windows 10 1903, custom OMA-URI policy deployment can use the [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-csp), which has support for multiple policies and rebootless policies. @@ -58,20 +57,20 @@ The steps to use Intune's custom OMA-URI functionality are: - **Data type**: Base64 (file) - **Certificate file**: Upload your binary format policy file. To do this, change your {GUID}.cip file to {GUID}.bin. You don't need to upload a Base64 file, as Intune converts the uploaded .bin file to Base64 on your behalf. - :::image type="content" alt-text="Configure custom WDAC." source="../images/appcontrol-intune-custom-oma-uri.png" lightbox="../images/appcontrol-intune-custom-oma-uri.png"::: + :::image type="content" alt-text="Configure custom App Control." source="../images/appcontrol-intune-custom-oma-uri.png" lightbox="../images/appcontrol-intune-custom-oma-uri.png"::: > [!NOTE] > For the _Policy GUID_ value, do not include the curly brackets. -### Remove WDAC policies on Windows 10 1903+ +### Remove App Control policies on Windows 10 1903+ -Upon deletion, policies deployed through Intune via the ApplicationControl CSP are removed from the system but stay in effect until the next reboot. In order to disable Windows Defender Application Control enforcement, first replace the existing policy with a new version of the policy that will "Allow *", like the rules in the example policy at %windir%\schemas\CodeIntegrity\ExamplePolicies\AllowAll.xml. Once the updated policy is deployed, you can then delete the policy from the Intune portal. This deletion will prevent anything from being blocked and fully remove the WDAC policy on the next reboot. +Upon deletion, policies deployed through Intune via the ApplicationControl CSP are removed from the system but stay in effect until the next reboot. In order to disable App Control for Business enforcement, first replace the existing policy with a new version of the policy that will "Allow *", like the rules in the example policy at %windir%\schemas\CodeIntegrity\ExamplePolicies\AllowAll.xml. Once the updated policy is deployed, you can then delete the policy from the Intune portal. This deletion will prevent anything from being blocked and fully remove the App Control policy on the next reboot. ### For pre-1903 systems #### Deploying policies -The steps to use Intune's Custom OMA-URI functionality to apply the [AppLocker CSP](/windows/client-management/mdm/applocker-csp) and deploy a custom WDAC policy to pre-1903 systems are: +The steps to use Intune's Custom OMA-URI functionality to apply the [AppLocker CSP](/windows/client-management/mdm/applocker-csp) and deploy a custom App Control policy to pre-1903 systems are: 1. Convert the policy XML to binary format using the [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) cmdlet in order to be deployed. The binary policy may be signed or unsigned. @@ -87,4 +86,4 @@ The steps to use Intune's Custom OMA-URI functionality to apply the [AppLocker C #### Removing policies -Policies deployed through Intune via the AppLocker CSP can't be deleted through the Intune console. In order to disable Windows Defender Application Control policy enforcement, either deploy an audit-mode policy or use a script to delete the existing policy. +Policies deployed through Intune via the AppLocker CSP can't be deleted through the Intune console. In order to disable App Control for Business policy enforcement, either deploy an audit-mode policy or use a script to delete the existing policy. diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md index 1d1038cbee..99b78a8bdc 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md @@ -1,21 +1,20 @@ --- -title: Deploy Windows Defender Application Control policies with Configuration Manager -description: You can use Microsoft Configuration Manager to configure Windows Defender Application Control (WDAC). Learn how with this step-by-step guide. +title: Deploy App Control for Business policies with Configuration Manager +description: You can use Microsoft Configuration Manager to configure App Control for Business. Learn how with this step-by-step guide. ms.date: 06/27/2022 ms.topic: how-to ms.localizationpriority: medium --- -# Deploy WDAC policies by using Microsoft Configuration Manager +# Deploy App Control policies by using Microsoft Configuration Manager -> [!NOTE] -> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Application Control feature availability](../feature-availability.md). +[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -You can use Microsoft Configuration Manager to configure Windows Defender Application Control (WDAC) on client machines. +You can use Microsoft Configuration Manager to configure App Control for Business on client machines. ## Use Configuration Manager's built-in policies -Configuration Manager includes native support for WDAC, which allows you to configure Windows 10 and Windows 11 client computers with a policy that will only allow: +Configuration Manager includes native support for App Control, which allows you to configure Windows 10 and Windows 11 client computers with a policy that will only allow: - Windows components - Microsoft Store apps @@ -23,24 +22,24 @@ Configuration Manager includes native support for WDAC, which allows you to conf - (Optional) Reputable apps as defined by the Intelligent Security Graph (ISG) - (Optional) Apps and executables already installed in admin-definable folder locations that Configuration Manager will allow through a one-time scan during policy creation on managed endpoints. -Configuration Manager doesn't remove policies once deployed. To stop enforcement, you should switch the policy to audit mode, which will produce the same effect. If you want to disable Windows Defender Application Control (WDAC) altogether (including audit mode), you can deploy a script to delete the policy file from disk, and either trigger a reboot or wait for the next reboot. +Configuration Manager doesn't remove policies once deployed. To stop enforcement, you should switch the policy to audit mode, which will produce the same effect. If you want to disable App Control for Business altogether (including audit mode), you can deploy a script to delete the policy file from disk, and either trigger a reboot or wait for the next reboot. -### Create a WDAC Policy in Configuration Manager +### Create a App Control Policy in Configuration Manager -1. Select **Asset and Compliance** > **Endpoint Protection** > **Windows Defender Application Control** > **Create Application Control Policy** +1. Select **Asset and Compliance** > **Endpoint Protection** > **App Control for Business** > **Create Application Control Policy** - ![Create a WDAC policy in Configuration Manager.](../images/memcm/memcm-create-appcontrol-policy.jpg) + ![Create a App Control policy in Configuration Manager.](../images/memcm/memcm-create-appcontrol-policy.jpg) 2. Enter the name of the policy > **Next** 3. Enable **Enforce a restart of devices so that this policy can be enforced for all processes** 4. Select the mode that you want the policy to run (Enforcement enabled / Audit Only) 5. Select **Next** - ![Create an enforced WDAC policy in Configuration Manager.](../images/memcm/memcm-create-appcontrol-policy-2.jpg) + ![Create an enforced App Control policy in Configuration Manager.](../images/memcm/memcm-create-appcontrol-policy-2.jpg) 6. Select **Add** to begin creating rules for trusted software - ![Create a WDAC path rule in Configuration Manager.](../images/memcm/memcm-create-appcontrol-rule.jpg) + ![Create a App Control path rule in Configuration Manager.](../images/memcm/memcm-create-appcontrol-rule.jpg) 7. Select **File** or **Folder** to create a path rule > **Browse** @@ -53,13 +52,13 @@ Configuration Manager doesn't remove policies once deployed. To stop enforcement 9. Select **OK** to add the rule to the table of trusted files or folder 10. Select **Next** to navigate to the summary page > **Close** - ![Confirm the WDAC path rule in Configuration Manager.](../images/memcm/memcm-confirm-appcontrol-rule.jpg) + ![Confirm the App Control path rule in Configuration Manager.](../images/memcm/memcm-confirm-appcontrol-rule.jpg) -### Deploy the WDAC policy in Configuration Manager +### Deploy the App Control policy in Configuration Manager 1. Right-click the newly created policy > **Deploy Application Control Policy** - ![Deploy WDAC via Configuration Manager.](../images/memcm/memcm-deploy-appcontrol.jpg) + ![Deploy App Control via Configuration Manager.](../images/memcm/memcm-deploy-appcontrol.jpg) 2. Select **Browse** @@ -71,12 +70,12 @@ Configuration Manager doesn't remove policies once deployed. To stop enforcement 4. Change the schedule > **OK** - ![Change the WDAC deployment schedule.](../images/memcm/memcm-deploy-appcontrol-4.jpg) + ![Change the App Control deployment schedule.](../images/memcm/memcm-deploy-appcontrol-4.jpg) -For more information on using Configuration Manager's native WDAC policies, see [Windows Defender Application Control management with Configuration Manager](/mem/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager). +For more information on using Configuration Manager's native App Control policies, see [App Control for Business management with Configuration Manager](/mem/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager). -Download the entire [WDAC in Configuration Manager lab paper](https://download.microsoft.com/download/c/f/d/cfd6227c-8ec4-442d-8c50-825550d412f6/WDAC-Deploy-WDAC-using-MEMCM.pdf). +Download the entire [App Control in Configuration Manager lab paper](https://download.microsoft.com/download/c/f/d/cfd6227c-8ec4-442d-8c50-825550d412f6/App Control-Deploy-App Control-using-MEMCM.pdf). -## Deploy custom WDAC policies using Packages/Programs or Task Sequences +## Deploy custom App Control policies using Packages/Programs or Task Sequences -Using Configuration Manager's built-in policies can be a helpful starting point, but customers may find the circle-of-trust options available in Configuration Manager too limiting. To define your own circle-of-trust, you can use Configuration Manager to deploy custom WDAC policies using [script-based deployment](deploy-appcontrol-policies-with-script.md) via Software Distribution Packages and Programs or Operating System Deployment Task Sequences. +Using Configuration Manager's built-in policies can be a helpful starting point, but customers may find the circle-of-trust options available in Configuration Manager too limiting. To define your own circle-of-trust, you can use Configuration Manager to deploy custom App Control policies using [script-based deployment](deploy-appcontrol-policies-with-script.md) via Software Distribution Packages and Programs or Operating System Deployment Task Sequences. diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script.md index 6910b03b04..af79b9bdae 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script.md @@ -1,29 +1,28 @@ --- -title: Deploy Windows Defender Application Control (WDAC) policies using script -description: Use scripts to deploy Windows Defender Application Control (WDAC) policies. Learn how with this step-by-step guide. +title: Deploy App Control for Business policies using script +description: Use scripts to deploy App Control for Business policies. Learn how with this step-by-step guide. ms.manager: jsuther ms.date: 01/23/2023 ms.topic: how-to ms.localizationpriority: medium --- -# Deploy WDAC policies using script +# Deploy App Control policies using script ->[!NOTE] ->Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability). +[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -This article describes how to deploy Windows Defender Application Control (WDAC) policies using script. The following instructions use PowerShell but can work with any scripting host. +This article describes how to deploy App Control for Business policies using script. The following instructions use PowerShell but can work with any scripting host. -You should now have one or more WDAC policies converted into binary form. If not, follow the steps described in [Deploying Windows Defender Application Control (WDAC) policies](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide). +You should now have one or more App Control policies converted into binary form. If not, follow the steps described in [Deploying App Control for Business policies](appcontrol-deployment-guide.md). > [!IMPORTANT] -> Due to a known issue, you should always activate new **signed** WDAC Base policies with a reboot on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. Skip all steps below that use CiTool, RefreshPolicy.exe, or WMI to initiate a policy activation. Instead, copy the policy binary to the correct system32 and EFI locations and then activate the policy with a system restart. +> Due to a known issue, you should always activate new **signed** App Control Base policies with a reboot on systems with [**memory integrity**](../../../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md) enabled. Skip all steps below that use CiTool, RefreshPolicy.exe, or WMI to initiate a policy activation. Instead, copy the policy binary to the correct system32 and EFI locations and then activate the policy with a system restart. > > This issue does not affect updates to signed Base policies that are already active on the system, deployment of unsigned policies, or deployment of supplemental policies (signed or unsigned). It also does not affect deployments to systems that are not running memory integrity. ## Deploying policies for Windows 11 22H2 and above -You can use the inbox [CiTool](/windows/security/threat-protection/windows-defender-application-control/operations/citool-commands) to apply policies on Windows 11 22H2 with the following commands. Be sure to replace **<Path to policy binary file to deploy>** in the following example with the actual path to your WDAC policy binary file. +You can use the inbox [CiTool](../operations/citool-commands.md) to apply policies on Windows 11 22H2 with the following commands. Be sure to replace **<Path to policy binary file to deploy>** in the following example with the actual path to your App Control policy binary file. ```powershell # Policy binary files should be named as {GUID}.cip for multiple policy format files (where {GUID} = from the Policy XML) @@ -33,7 +32,7 @@ CiTool --update-policy $PolicyBinary [-json] ## Deploying policies for Windows 11, Windows 10 version 1903 and above, and Windows Server 2022 and above -To use this procedure, download and distribute the [WDAC policy refresh tool](https://aka.ms/refreshpolicy) to all managed endpoints. Ensure your WDAC policies allow the WDAC policy refresh tool or use a managed installer to distribute the tool. +To use this procedure, download and distribute the [App Control policy refresh tool](https://aka.ms/refreshpolicy) to all managed endpoints. Ensure your App Control policies allow the App Control policy refresh tool or use a managed installer to distribute the tool. 1. Initialize the variables to be used by the script. @@ -44,14 +43,14 @@ To use this procedure, download and distribute the [WDAC policy refresh tool](ht $RefreshPolicyTool = "" ``` -2. Copy Windows Defender Application Control (WDAC) policy binary to the destination folder. +2. Copy App Control for Business policy binary to the destination folder. ```powershell Copy-Item -Path $PolicyBinary -Destination $DestinationFolder -Force ``` -3. Repeat steps 1-2 as appropriate to deploy more WDAC policies. -4. Run RefreshPolicy.exe to activate and refresh all WDAC policies on the managed endpoint. +3. Repeat steps 1-2 as appropriate to deploy more App Control policies. +4. Run RefreshPolicy.exe to activate and refresh all App Control policies on the managed endpoint. ```powershell & $RefreshPolicyTool @@ -69,13 +68,13 @@ Use WMI to apply policies on all other versions of Windows and Windows Server. $DestinationBinary = $env:windir+"\System32\CodeIntegrity\SiPolicy.p7b" ``` -2. Copy Windows Defender Application Control (WDAC) policy binary to the destination. +2. Copy App Control for Business policy binary to the destination. ```powershell Copy-Item -Path $PolicyBinary -Destination $DestinationBinary -Force ``` -3. Refresh and activate WDAC policy using WMI +3. Refresh and activate App Control policy using WMI ```powershell Invoke-CimMethod -Namespace root\Microsoft\Windows\CI -ClassName PS_UpdateAndCompareCIPolicy -MethodName Update -Arguments @{FilePath = $DestinationBinary} @@ -83,7 +82,7 @@ Use WMI to apply policies on all other versions of Windows and Windows Server. ## Deploying signed policies -If you're using [signed WDAC policies](/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering), the policies must be deployed into your device's EFI partition in addition to the locations outlined in the earlier sections. Unsigned WDAC policies don't need to be present in the EFI partition. +If you're using [signed App Control policies](use-signed-policies-to-protect-appcontrol-against-tampering.md), the policies must be deployed into your device's EFI partition in addition to the locations outlined in the earlier sections. Unsigned App Control policies don't need to be present in the EFI partition. 1. Mount the EFI volume and make the directory, if it doesn't exist, in an elevated PowerShell prompt: diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md index 056e35ce3f..dc52420573 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md @@ -1,21 +1,20 @@ --- -title: Deploy catalog files to support Windows Defender Application Control -description: Catalog files simplify running unsigned applications in the presence of a Windows Defender Application Control (WDAC) policy. +title: Deploy catalog files to support App Control for Business +description: Catalog files simplify running unsigned applications in the presence of a App Control for Business policy. ms.localizationpriority: medium ms.topic: how-to ms.date: 11/30/2022 --- -# Deploy catalog files to support Windows Defender Application Control +# Deploy catalog files to support App Control for Business -> [!NOTE] -> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. For more information, see [Windows Defender Application Control feature availability](../feature-availability.md). +[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -*Catalog files* can be important in your deployment of Windows Defender Application Control (WDAC) if you have unsigned line-of-business (LOB) applications for which the process of signing is difficult. You can also use catalog files to add your own signature to apps you get from independent software vendors (ISV) when you don't want to trust all code signed by that ISV. In this way, catalog files provide a convenient way for you to "bless" apps for use in your WDAC-managed environment. And, you can create catalog files for existing apps without requiring access to the original source code or needing any expensive repackaging. +*Catalog files* can be important in your deployment of App Control for Business if you have unsigned line-of-business (LOB) applications for which the process of signing is difficult. You can also use catalog files to add your own signature to apps you get from independent software vendors (ISV) when you don't want to trust all code signed by that ISV. In this way, catalog files provide a convenient way for you to "bless" apps for use in your App Control-managed environment. And, you can create catalog files for existing apps without requiring access to the original source code or needing any expensive repackaging. You need to [obtain a code signing certificate for your own use](use-code-signing-for-better-control-and-protection.md#obtain-code-signing-certificates-for-your-own-use) and use it to sign the catalog file. Then, distribute the signed catalog file using your preferred content deployment mechanism. -Finally, add a signer rule to your WDAC policy for your signing certificate. Then, any apps covered by your signed catalog files are able to run, even if the apps were previously unsigned. With this foundation, you can more easily build a WDAC policy that blocks all unsigned code, because most malware is unsigned. +Finally, add a signer rule to your App Control policy for your signing certificate. Then, any apps covered by your signed catalog files are able to run, even if the apps were previously unsigned. With this foundation, you can more easily build a App Control policy that blocks all unsigned code, because most malware is unsigned. ## Create catalog files using Package Inspector @@ -34,7 +33,7 @@ To create a catalog file for an existing app, you can use a tool called **Packag $PolicyBinary = $env:USERPROFILE+"\Desktop\"+$PolicyId.substring(11)+".cip" ``` - Then apply the policy as described in [Deploy Windows Defender Application Control policies with script](deploy-appcontrol-policies-with-script.md). + Then apply the policy as described in [Deploy App Control for Business policies with script](deploy-appcontrol-policies-with-script.md). 2. Start Package Inspector to monitor file creation on a **local drive** where you install the app, for example, drive C: @@ -123,14 +122,14 @@ For testing purposes, you can manually copy signed catalog files to this folder. To simplify the management of catalog files, you can use group policy preferences to deploy catalog files to the appropriate computers in your organization. -The following process walks you through the deployment of a signed catalog file called **LOBApp-Contoso.cat** to a test OU called **WDAC Enabled PCs** with a GPO called **Contoso Catalog File GPO Test**. +The following process walks you through the deployment of a signed catalog file called **LOBApp-Contoso.cat** to a test OU called **App Control Enabled PCs** with a GPO called **Contoso Catalog File GPO Test**. 1. From either a domain controller or a client computer that has Remote Server Administration Tools installed, open the Group Policy Management Console by running **GPMC.MSC** or by searching for Group Policy Management. -2. Create a new GPO: right-click an OU, for example, the **WDAC Enabled PCs OU**, and then select **Create a GPO in this domain, and Link it here**, as shown in Figure 2. +2. Create a new GPO: right-click an OU, for example, the **App Control Enabled PCs OU**, and then select **Create a GPO in this domain, and Link it here**, as shown in Figure 2. > [!NOTE] - > You can use any OU name. Also, security group filtering is an option when you consider different ways of combining WDAC policies. + > You can use any OU name. Also, security group filtering is an option when you consider different ways of combining App Control policies. ![Group Policy Management, create a GPO.](../images/dg-fig13-createnewgpo.png) @@ -299,9 +298,9 @@ At the time of the next software inventory cycle, when the targeted clients rece > [!NOTE] > If nothing is displayed in this view, navigate to Software\\Last Software Scan in Resource Explorer to verify that the client has recently completed a software inventory scan. -## Allow apps signed by your catalog signing certificate in your WDAC policy +## Allow apps signed by your catalog signing certificate in your App Control policy -Now that you have your signed catalog file, you can add a signer rule to your policy that allows anything signed with that certificate. If you haven't yet created a WDAC policy, see the [Windows Defender Application Control design guide](../design/appcontrol-design-guide.md). +Now that you have your signed catalog file, you can add a signer rule to your policy that allows anything signed with that certificate. If you haven't yet created a App Control policy, see the [App Control for Business design guide](../design/appcontrol-design-guide.md). On a computer where the signed catalog file has been deployed, you can use [New-CiPolicyRule](/powershell/module/configci/new-cipolicyrule) to create a signer rule from any file included in that catalog. Then use [Merge-CiPolicy](/powershell/module/configci/merge-cipolicy) to add the rule to your policy XML. Be sure to replace the path values in the following sample: diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md index 839bf11d55..d49e753d03 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md @@ -1,24 +1,23 @@ --- -title: Remove Windows Defender Application Control policies -description: Learn how to disable both signed and unsigned Windows Defender Application Control policies, within Windows and within the BIOS. +title: Remove App Control for Business policies +description: Learn how to disable both signed and unsigned App Control for Business policies, within Windows and within the BIOS. ms.localizationpriority: medium ms.date: 11/04/2022 ms.topic: how-to --- -# Remove Windows Defender Application Control (WDAC) policies +# Remove App Control for Business policies ->[!NOTE] ->Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](../feature-availability.md). +[!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -## Removing WDAC policies +## Removing App Control policies -There may come a time when you want to remove one or more WDAC policies, or remove all WDAC policies you've deployed. This article describes the various ways to remove WDAC policies. +There may come a time when you want to remove one or more App Control policies, or remove all App Control policies you've deployed. This article describes the various ways to remove App Control policies. > [!IMPORTANT] -> **Signed WDAC policy** +> **Signed App Control policy** > -> If the policy you are trying to remove is a signed WDAC policy, you must first deploy a signed replacement policy that includes option **6 Enabled:Unsigned System Integrity Policy**. +> If the policy you are trying to remove is a signed App Control policy, you must first deploy a signed replacement policy that includes option **6 Enabled:Unsigned System Integrity Policy**. > > The replacement policy must have the same PolicyId as the one it's replacing and a version that's equal to or greater than the existing policy. The replacement policy must also include \. > @@ -33,15 +32,15 @@ To make a policy effectively inactive before removing it, you can first replace 1. Replace the policy rules with "Allow *" rules; 2. Set option **3 Enabled:Audit Mode** to change the policy to audit mode only; 3. Set option **11 Disabled:Script Enforcement**; -4. Allow all COM objects. See [Allow COM object registration in a WDAC policy](/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy#examples); +4. Allow all COM objects. See [Allow COM object registration in a App Control policy](../design/allow-com-object-registration-in-appcontrol-policy.md#examples); 5. If applicable, remove option **0 Enabled:UMCI** to convert the policy to kernel mode only. > [!IMPORTANT] -> After you remove a policy, restart the computer for it to take effect. You can't remove WDAC policies without restarting the device. +> After you remove a policy, restart the computer for it to take effect. You can't remove App Control policies without restarting the device. -### Remove WDAC policies using CiTool.exe +### Remove App Control policies using CiTool.exe -Beginning with the Windows 11 2022 Update, you can remove WDAC policies using CiTool.exe. From an elevated command window, run the following command. Be sure to replace the text *PolicyId GUID* with the actual PolicyId of the WDAC policy you want to remove: +Beginning with the Windows 11 2022 Update, you can remove App Control policies using CiTool.exe. From an elevated command window, run the following command. Be sure to replace the text *PolicyId GUID* with the actual PolicyId of the App Control policy you want to remove: ```powershell CiTool.exe -rp "{PolicyId GUID}" -json @@ -49,13 +48,13 @@ Beginning with the Windows 11 2022 Update, you can remove WDAC policies using Ci Then restart the computer. -### Remove WDAC policies using MDM solutions like Intune +### Remove App Control policies using MDM solutions like Intune -You can use a Mobile Device Management (MDM) solution, like Microsoft Intune, to remove WDAC policies from client machines using the [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-csp). +You can use a Mobile Device Management (MDM) solution, like Microsoft Intune, to remove App Control policies from client machines using the [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-csp). -Windows Defender Application Control (WDAC) policies can be managed from an MDM server, or locally by using PowerShell via the WMI Bridge through the ApplicationControl configuration service provider (CSP). The ApplicationControl CSP was added in Windows 10, version 1903. This CSP provides expanded diagnostic capabilities and support for [multiple policies](/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies) (introduced in Windows 10, version 1903). It also provides support for policy deployment (introduced in Windows 10, version 1709) without reboot. Unlike the [AppLocker CSP](applocker-csp.md), the ApplicationControl CSP correctly detects the presence of no-reboot option and consequently doesn't schedule a reboot. +App Control for Business policies can be managed from an MDM server, or locally by using PowerShell via the WMI Bridge through the ApplicationControl configuration service provider (CSP). The ApplicationControl CSP was added in Windows 10, version 1903. This CSP provides expanded diagnostic capabilities and support for [multiple policies](/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies) (introduced in Windows 10, version 1903). It also provides support for policy deployment (introduced in Windows 10, version 1709) without reboot. Unlike the [AppLocker CSP](applocker-csp.md), the ApplicationControl CSP correctly detects the presence of no-reboot option and consequently doesn't schedule a reboot. -Existing Windows Defender Application Control (WDAC) policies deployed using the AppLocker CSP's CodeIntegrity node can now be deployed using the ApplicationControl CSP URI. Although WDAC policy deployment using the AppLocker CSP will continue to be supported, all new feature work will be done in the ApplicationControl CSP only. +Existing App Control for Business policies deployed using the AppLocker CSP's CodeIntegrity node can now be deployed using the ApplicationControl CSP URI. Although App Control policy deployment using the AppLocker CSP will continue to be supported, all new feature work will be done in the ApplicationControl CSP only. @@ -861,7 +861,7 @@ The following table provides the result of this policy based on different values ## Microsoft Intune Usage Guidance -For customers using Intune standalone or hybrid management with Configuration Manager to deploy custom policies via the ApplicationControl CSP, refer to [Deploy Windows Defender Application Control policies by using Microsoft Intune](/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune). +For customers using Intune standalone or hybrid management with Configuration Manager to deploy custom policies via the ApplicationControl CSP, refer to [Deploy App Control for Business policies by using Microsoft Intune](/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-wdac-policies-using-intune). ## Generic MDM Server Usage Guidance @@ -1014,7 +1014,7 @@ The ApplicationControl CSP can also be managed locally from PowerShell or via Co ### Setup for using the WMI Bridge -1. Convert your WDAC policy to Base64. +1. Convert your App Control policy to Base64. 2. Open PowerShell in Local System context (through PSExec or something similar). 3. Use WMI Interface: diff --git a/windows/client-management/mdm/policy-csp-admx-deviceguard.md b/windows/client-management/mdm/policy-csp-admx-deviceguard.md index 94711a96ae..9ea0e21a78 100644 --- a/windows/client-management/mdm/policy-csp-admx-deviceguard.md +++ b/windows/client-management/mdm/policy-csp-admx-deviceguard.md @@ -14,7 +14,7 @@ ms.date: 08/06/2024 > [!WARNING] -> Group Policy-based deployment of Windows Defender Application Control policies only supports single-policy format WDAC policies. To use WDAC on devices running Windows 10 1903 and greater, or Windows 11, we recommend using an alternative method for [policy deployment](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide). +> Group Policy-based deployment of App Control for Business policies only supports single-policy format WDAC policies. To use WDAC on devices running Windows 10 1903 and greater, or Windows 11, we recommend using an alternative method for [policy deployment](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide). diff --git a/windows/deployment/windows-enterprise-e3-overview.md b/windows/deployment/windows-enterprise-e3-overview.md index f4532464b5..2805f5fc8a 100644 --- a/windows/deployment/windows-enterprise-e3-overview.md +++ b/windows/deployment/windows-enterprise-e3-overview.md @@ -126,7 +126,7 @@ Now that the devices have Windows Enterprise, Device Guard can be implemented on For more information about implementing Device Guard, see: -- [Windows Defender Application Control and virtualization-based protection of code integrity](/windows/security/application-security/application-control/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control) +- [App Control for Business and virtualization-based protection of code integrity](/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol) - [Device Guard deployment guide](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide) ### AppLocker management diff --git a/windows/security/application-security/application-control/app-control-for-business/index.yml b/windows/security/application-security/application-control/app-control-for-business/index.yml index dd89e15e9a..f90d303d42 100644 --- a/windows/security/application-security/application-control/app-control-for-business/index.yml +++ b/windows/security/application-security/application-control/app-control-for-business/index.yml @@ -20,12 +20,10 @@ landingContent: links: - text: What is Application Control? url: appcontrol.md - - text: What is App Control for Business? - url: appcontrol-and-applocker-overview.md - text: What is AppLocker? url: applocker\applocker-overview.md - - text: App Control and AppLocker feature availability - url: feature-availability.md + - text: App Control and AppLocker overview + url: appcontrol-and-applocker-overview.md # Card - title: Learn about Policy Design linkLists: diff --git a/windows/security/application-security/application-control/toc.yml b/windows/security/application-security/application-control/toc.yml index 938f5e5f8b..3a7a1fa706 100644 --- a/windows/security/application-security/application-control/toc.yml +++ b/windows/security/application-security/application-control/toc.yml @@ -1,9 +1,9 @@ items: - name: Smart App Control href: app-control-for-business/appcontrol.md -- name: Windows Defender Application Control +- name: App Control for Business href: app-control-for-business/appcontrol.md -- name: Windows Defender Application Control and virtualization-based protection of code integrity +- name: App Control for Business and virtualization-based protection of code integrity href: introduction-to-virtualization-based-security-and-appcontrol.md - name: User Account Control (UAC) items: diff --git a/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md index a5cd24d3c9..e6a95f4de8 100644 --- a/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md @@ -141,16 +141,16 @@ reg delete HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\Hyperviso reg add HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity /v "WasEnabledBy" /t REG_DWORD /d 2 /f ``` -### Enable memory integrity using Windows Defender Application Control (WDAC) +### Enable memory integrity using App Control for Business -You can use WDAC policy to turn on memory integrity using any of the following techniques: +You can use App Control policy to turn on memory integrity using any of the following techniques: -1. Use the [WDAC Wizard](https://aka.ms/wdacwizard) to create or edit your WDAC policy and select the option **Hypervisor-protected Code Integrity** on the **Policy Rules** page of the Wizard. +1. Use the [App Control Wizard](https://aka.ms/wdacwizard) to create or edit your App Control policy and select the option **Hypervisor-protected Code Integrity** on the **Policy Rules** page of the Wizard. 2. Use the [Set-HVCIOptions](/powershell/module/configci/set-hvcioptions) PowerShell cmdlet. -3. Edit your WDAC policy XML and modify the value set for the `` element. +3. Edit your App Control policy XML and modify the value set for the `` element. > [!NOTE] -> If your WDAC policy is set to turn memory integrity on, it will be turned on even if the policy is in audit mode. +> If your App Control policy is set to turn memory integrity on, it will be turned on even if the policy is in audit mode. ### Validate enabled VBS and memory integrity features diff --git a/windows/security/hardware-security/tpm/tpm-recommendations.md b/windows/security/hardware-security/tpm/tpm-recommendations.md index ae731d1f10..ff2f368320 100644 --- a/windows/security/hardware-security/tpm/tpm-recommendations.md +++ b/windows/security/hardware-security/tpm/tpm-recommendations.md @@ -87,7 +87,7 @@ The following table defines which Windows features require TPM support. | Measured Boot | Yes | Yes | Yes | Measured Boot requires TPM 1.2 or 2.0 and UEFI Secure Boot. TPM 2.0 is recommended since it supports newer cryptographic algorithms. TPM 1.2 only supports the SHA-1 algorithm, which is being deprecated. | | BitLocker | No | Yes | Yes | TPM 1.2 or 2.0 are supported but TPM 2.0 is recommended. [Device Encryption requires Modern Standby](../../operating-system-security/data-protection/bitlocker/index.md#device-encryption) including TPM 2.0 support | | Device Encryption | Yes | N/A | Yes | Device Encryption requires Modern Standby/Connected Standby certification, which requires TPM 2.0. | -| Windows Defender Application Control (Device Guard) | No | Yes | Yes | +| App Control for Business | No | Yes | Yes | | System Guard (DRTM) | Yes | No | Yes | TPM 2.0 and UEFI firmware is required. | | Credential Guard | No | Yes | Yes | Windows 10, version 1507 (End of Life as of May 2017) only supported TPM 2.0 for Credential Guard. Beginning with Windows 10, version 1511, TPM 1.2 and 2.0 are supported. Paired with System Guard, TPM 2.0 provides enhanced security for Credential Guard. Windows 11 requires TPM 2.0 by default to facilitate easier enablement of this enhanced security for customers. | | Device Health Attestation | Yes | Yes | Yes | TPM 2.0 is recommended since it supports newer cryptographic algorithms. TPM 1.2 only supports the SHA-1 algorithm, which is being deprecated. | diff --git a/windows/security/includes/sections/application.md b/windows/security/includes/sections/application.md index 8b6b510ef4..75e29b9470 100644 --- a/windows/security/includes/sections/application.md +++ b/windows/security/includes/sections/application.md @@ -9,8 +9,8 @@ ms.topic: include | Feature name | Description | |:---|:---| -| **[Smart App Control](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control)** | Smart App Control prevents users from running malicious applications on Windows devices by blocking untrusted or unsigned applications. Smart App Control goes beyond previous built-in browser protections, by adding another layer of security that is woven directly into the core of the OS at the process level. Using AI, our new Smart App Control only allows processes to run that are predicted to be safe based on existing and new intelligence processed daily. Smart App Control builds on top of the same cloud-based AI used in Windows Defender Application Control (WDAC) to predict the safety of an application, so people can be confident they're using safe and reliable applications on their new Windows 11 devices, or Windows 11 devices that have been reset. | -| **[Windows Defender Application Control (WDAC)](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control)** | Your organization is only as secure as the applications that run on your devices. With application control, apps must earn trust to run, in contrast to an application trust model where all code is assumed trustworthy. By helping prevent unwanted or malicious code from running, application control is an important part of an effective security strategy. Many organizations cite application control as one of the most effective means for addressing the threat of executable file-based malware.

          Windows 10 and above include Windows Defender Application Control (WDAC) and AppLocker. WDAC is the next generation app control solution for Windows and provides powerful control over what runs in your environment. Customers who were using AppLocker on previous versions of Windows can continue to use the feature as they consider whether to switch to WDAC for the stronger protection. | +| **[Smart App Control](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control)** | Smart App Control prevents users from running malicious applications on Windows devices by blocking untrusted or unsigned applications. Smart App Control goes beyond previous built-in browser protections, by adding another layer of security that is woven directly into the core of the OS at the process level. Using AI, our new Smart App Control only allows processes to run that are predicted to be safe based on existing and new intelligence processed daily. Smart App Control builds on top of the same cloud-based AI used in App Control for Business to predict the safety of an application, so people can be confident they're using safe and reliable applications on their new Windows 11 devices, or Windows 11 devices that have been reset. | +| **[App Control for Business](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control)** | Your organization is only as secure as the applications that run on your devices. With application control, apps must earn trust to run, in contrast to an application trust model where all code is assumed trustworthy. By helping prevent unwanted or malicious code from running, application control is an important part of an effective security strategy. Many organizations cite application control as one of the most effective means for addressing the threat of executable file-based malware.

          Windows 10 and above include App Control for Business and AppLocker. App Control is the next generation app control solution for Windows and provides powerful control over what runs in your environment. Customers who were using AppLocker on previous versions of Windows can continue to use the feature as they consider whether to switch to App Control for the stronger protection. | | **[AppLocker](/windows/security/application-security/application-control/windows-defender-application-control/applocker/applocker-overview)** | | | **[User Account Control (UAC)](/windows/security/application-security/application-control/user-account-control/)** | User Account Control (UAC) helps prevent malware from damaging a device. With UAC, apps and tasks always run in the security context of a non-administrator account, unless an administrator authorizes administrator-level access to the system. UAC can block the automatic installation of unauthorized apps and prevents inadvertent changes to system settings. Enabling UAC helps to prevent malware from altering device settings and potentially gaining access to networks and sensitive data. UAC can also block the automatic installation of unauthorized apps and prevent inadvertent changes to system settings. | | **[Microsoft vulnerable driver blocklist](/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules)** | The Windows kernel is the most privileged software and is therefore a compelling target for malware authors. Since Windows has strict requirements for code running in the kernel, cybercriminals commonly exploit vulnerabilities in kernel drivers to get access. Microsoft works with the ecosystem partners to constantly identify and respond to potentially vulnerable kernel drivers.

          Prior to Windows 11, version 22H2, the operating system enforced a block policy when HVCI is enabled to prevent vulnerable versions of drivers from running. Starting in Windows 11, version 22H2, the block policy is enabled by default for all new Windows devices, and users can opt-in to enforce the policy from the Windows Security app. | diff --git a/windows/security/includes/sections/security-foundations.md b/windows/security/includes/sections/security-foundations.md index 7a85af0543..905fb63998 100644 --- a/windows/security/includes/sections/security-foundations.md +++ b/windows/security/includes/sections/security-foundations.md @@ -25,5 +25,5 @@ ms.topic: include | Feature name | Description | |:---|:---| | **Software Bill of Materials (SBOM)** | SBOMs are leveraged to provide the transparency and provenance of the content as it moves through various stages of the Windows supply chain. This enables trust between each supply chain segment, ensures that tampering has not taken place during ingestion and along the way, and provides a provable chain of custody for the product that we ship to customers. | -| **[Azure Code Signing](/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection)** | Windows Defender Application Control (WDAC) enables customers to define policies for controlling what is allowed to run on their devices. WDAC policies can be remotely applied to devices using an MDM solution like Microsoft Intune.

          To simplify WDAC enablement, organizations can take advantage of Azure Code Signing, a secure and fully managed service for signing WDAC policies and apps.

          Azure Code Signing minimizes the complexity of code signing with a turnkey service backed by a Microsoft managed certificate authority, eliminating the need to procure and self-manage any signing certificates. The service is managed just as any other Azure resource and integrates easily with the leading development and CI/CD toolsets. | +| **[Azure Code Signing](/windows/security/application-security/application-control/windows-defender-application-control/deployment/use-code-signing-for-better-control-and-protection)** | App Control for Business enables customers to define policies for controlling what is allowed to run on their devices. App Control policies can be remotely applied to devices using an MDM solution like Microsoft Intune.

          To simplify App Control enablement, organizations can take advantage of Azure Code Signing, a secure and fully managed service for signing App Control policies and apps.

          Azure Code Signing minimizes the complexity of code signing with a turnkey service backed by a Microsoft managed certificate authority, eliminating the need to procure and self-manage any signing certificates. The service is managed just as any other Azure resource and integrates easily with the leading development and CI/CD toolsets. | | **[Windows application software development kit (SDK)](https://developer.microsoft.com/windows/downloads/windows-sdk/)** | Developers have an opportunity to design highly secure applications that benefit from the latest Windows safeguards. The Windows App SDK provides a unified set of APIs and tools for developing secure desktop apps for Windows. To help create apps that are up-to-date and protected, the SDK follows the same security standards, protocols, and compliance as the core Windows operating system. | diff --git a/windows/security/index.yml b/windows/security/index.yml index 9553388f93..9738ace595 100644 --- a/windows/security/index.yml +++ b/windows/security/index.yml @@ -101,7 +101,7 @@ landingContent: linkLists: - linkListType: overview links: - - text: Windows Defender Application Control (WDAC) + - text: App Control for Business url: /windows/security/application-security/application-control/windows-defender-application-control/ - text: User Account Control (UAC) url: /windows/security/application-security/application-control/user-account-control diff --git a/windows/security/operating-system-security/network-security/windows-firewall/rules.md b/windows/security/operating-system-security/network-security/windows-firewall/rules.md index d668a98028..aa8c40c267 100644 --- a/windows/security/operating-system-security/network-security/windows-firewall/rules.md +++ b/windows/security/operating-system-security/network-security/windows-firewall/rules.md @@ -46,11 +46,11 @@ In either of these scenarios, once the rules are added, they must be deleted to > [!NOTE] > The firewall's default settings are designed for security. Allowing all inbound connections by default introduces the network to various threats. Therefore, creating exceptions for inbound connections from non-Microsoft software should be determined by trusted app developers, the user, or the admin on behalf of the user. -### WDAC tagging policies +### App Control tagging policies -Windows Firewall supports the use of Windows Defender Application Control (WDAC) Application ID (AppID) tags in firewall rules. With this capability, Windows Firewall rules can be scoped to an application or a group of applications by referencing process tags, without using absolute path or sacrificing security. There are two steps for this configuration: +Windows Firewall supports the use of App Control for Business Application ID (AppID) tags in firewall rules. With this capability, Windows Firewall rules can be scoped to an application or a group of applications by referencing process tags, without using absolute path or sacrificing security. There are two steps for this configuration: -1. Deploy *WDAC AppId tagging policies*: a Windows Defender Application Control policy must be deployed, which specifies individual applications or groups of applications to apply a *PolicyAppId tag* to the process token(s). Then, the admin can define firewall rules that are scoped to all processes tagged with the matching *PolicyAppId*. For more information, see the [WDAC AppId tagging guide](../../../application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md) to create, deploy, and test an AppID policy to tag applications. +1. Deploy *App Control AppId tagging policies*: a App Control for Business policy must be deployed, which specifies individual applications or groups of applications to apply a *PolicyAppId tag* to the process token(s). Then, the admin can define firewall rules that are scoped to all processes tagged with the matching *PolicyAppId*. For more information, see the [App Control AppId tagging guide](../../../application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md) to create, deploy, and test an AppID policy to tag applications. 1. Configure firewall rules using *PolicyAppId tags* using one of the two methods: - Using the [PolicyAppId node of the Firewall CSP](/windows/client-management/mdm/firewall-csp#mdmstorefirewallrulesfirewallrulenamepolicyappid) with an MDM solution like Microsoft Intune. If you use Microsoft Intune, you can deploy the rules from Microsoft Intune Admin center, under the path **Endpoint security** > **Firewall** > **Create policy** > **Windows 10, Windows 11, and Windows Server** > **Windows Firewall Rules**. When creating the rules, provide the *AppId tag* in the **Policy App ID** setting - Create local firewall rules with PowerShell: use the [`New-NetFirewallRule`](/powershell/module/netsecurity/new-netfirewallrule) cmdlet and specify the `-PolicyAppId` parameter. You can specify one tag at a time while creating firewall rules. Multiple User Ids are supported diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md index dd250485d8..5b5fb3e06e 100644 --- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md +++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md @@ -386,7 +386,7 @@ Examples: Set-ProcessMitigation -Name notepad.exe -Enable SEHOP -Disable MandatoryASLR,DEPATL ``` -- **Convert Attack surface reduction (ASR) settings to a Code Integrity policy file**: If the input file contains any settings for EMET's Attack surface reduction (ASR) mitigation, the converter will also create a Code Integrity policy file. In this case, you can complete the merging, auditing, and deployment process for the Code Integrity policy. For more information, see [Deploying Windows Defender Application Control (WDAC) policies](../application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md). This completion will enable protections on Windows 10 equivalent to EMET's ASR protections. +- **Convert Attack surface reduction (ASR) settings to a Code Integrity policy file**: If the input file contains any settings for EMET's Attack surface reduction (ASR) mitigation, the converter will also create a Code Integrity policy file. In this case, you can complete the merging, auditing, and deployment process for the Code Integrity policy. For more information, see [Deploying App Control for Business policies](../application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md). This completion will enable protections on Windows 10 equivalent to EMET's ASR protections. - **Convert Certificate Trust settings to enterprise certificate pinning rules**: If you have an EMET "Certificate Trust" XML file (pinning rules file), you can also use ConvertTo-ProcessMitigationPolicy to convert the pinning rules file into an enterprise certificate pinning rules file. Then you can finish enabling that file as described in [Enterprise Certificate Pinning](/windows/access-protection/enterprise-certificate-pinning). For example: From 1c3b2da0419008298553b1387efd208eb144b976 Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Wed, 11 Sep 2024 14:00:18 -0600 Subject: [PATCH 09/23] Update wording in App Control for Business deployment guide --- .../client-management/mdm/applicationcontrol-csp.md | 4 ++-- .../app-control-for-business/TOC.yml | 10 +++++----- .../deployment/appcontrol-deployment-guide.md | 2 +- .../deployment/audit-appcontrol-policies.md | 8 ++++---- .../deploy-appcontrol-policies-using-group-policy.md | 6 +++--- .../deploy-appcontrol-policies-with-memcm.md | 6 +++--- .../deploy-catalog-files-to-support-appcontrol.md | 6 +++--- .../deployment/disable-appcontrol-policies.md | 6 +++--- .../deployment/enforce-appcontrol-policies.md | 2 +- ...e-code-signing-for-better-control-and-protection.md | 2 +- ...policies-to-protect-appcontrol-against-tampering.md | 2 +- ...low-com-object-registration-in-appcontrol-policy.md | 6 +++--- .../design/appcontrol-and-dotnet.md | 2 +- .../design/appcontrol-wizard-create-base-policy.md | 2 +- .../appcontrol-wizard-create-supplemental-policy.md | 2 +- .../design/appcontrol-wizard-parsing-event-logs.md | 6 +++--- .../design/common-appcontrol-use-cases.md | 2 +- ...uthorized-apps-deployed-with-a-managed-installer.md | 4 ++-- ...eate-appcontrol-policy-for-fully-managed-devices.md | 8 ++++---- ...te-appcontrol-policy-for-lightly-managed-devices.md | 8 ++++---- ...reate-appcontrol-policy-using-reference-computer.md | 8 ++++---- .../design/example-appcontrol-base-policies.md | 2 +- .../design/manage-packaged-apps-with-appcontrol.md | 2 +- .../design/microsoft-recommended-driver-block-rules.md | 2 +- .../design/script-enforcement.md | 4 ++-- .../design/select-types-of-rules-to-create.md | 6 +++--- .../design/understanding-appcontrol-policy-settings.md | 6 +++--- ...to-control-specific-plug-ins-add-ins-and-modules.md | 8 ++++---- .../use-appcontrol-with-intelligent-security-graph.md | 2 +- .../app-control-for-business/index.yml | 8 ++++---- .../appcontrol-debugging-and-troubleshooting.md | 4 ++-- .../operations/citool-commands.md | 2 +- .../operations/event-id-explanations.md | 4 ++-- ...-control-events-centrally-using-advanced-hunting.md | 2 +- .../network-security/windows-firewall/rules.md | 2 +- 35 files changed, 78 insertions(+), 78 deletions(-) diff --git a/windows/client-management/mdm/applicationcontrol-csp.md b/windows/client-management/mdm/applicationcontrol-csp.md index ed0e0f2f94..5f26f04b42 100644 --- a/windows/client-management/mdm/applicationcontrol-csp.md +++ b/windows/client-management/mdm/applicationcontrol-csp.md @@ -11,7 +11,7 @@ ms.date: 01/31/2024 -App Control for Business policies can be managed from an MDM server, or locally by using PowerShell via the WMI Bridge through the ApplicationControl configuration service provider (CSP). The ApplicationControl CSP was added in Windows 10, version 1903. This CSP provides expanded diagnostic capabilities and support for [multiple policies](/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies) (introduced in Windows 10, version 1903). It also provides support for policy deployment (introduced in Windows 10, version 1709) without reboot. Unlike the [AppLocker CSP](applocker-csp.md), the ApplicationControl CSP correctly detects the presence of no-reboot option and consequently doesn't schedule a reboot. +App Control for Business policies can be managed from an MDM server, or locally by using PowerShell via the WMI Bridge through the ApplicationControl configuration service provider (CSP). The ApplicationControl CSP was added in Windows 10, version 1903. This CSP provides expanded diagnostic capabilities and support for [multiple policies](/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies.md) (introduced in Windows 10, version 1903). It also provides support for policy deployment (introduced in Windows 10, version 1709) without reboot. Unlike the [AppLocker CSP](applocker-csp.md), the ApplicationControl CSP correctly detects the presence of no-reboot option and consequently doesn't schedule a reboot. Existing App Control for Business policies deployed using the AppLocker CSP's CodeIntegrity node can now be deployed using the ApplicationControl CSP URI. Although App Control policy deployment using the AppLocker CSP will continue to be supported, all new feature work will be done in the ApplicationControl CSP only. @@ -861,7 +861,7 @@ The following table provides the result of this policy based on different values ## Microsoft Intune Usage Guidance -For customers using Intune standalone or hybrid management with Configuration Manager to deploy custom policies via the ApplicationControl CSP, refer to [Deploy App Control for Business policies by using Microsoft Intune](/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-wdac-policies-using-intune). +For customers using Intune standalone or hybrid management with Configuration Manager to deploy custom policies via the ApplicationControl CSP, refer to [Deploy App Control for Business policies by using Microsoft Intune](/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune). ## Generic MDM Server Usage Guidance diff --git a/windows/security/application-security/application-control/app-control-for-business/TOC.yml b/windows/security/application-security/application-control/app-control-for-business/TOC.yml index d7bad29ee6..281cda06cd 100644 --- a/windows/security/application-security/application-control/app-control-for-business/TOC.yml +++ b/windows/security/application-security/application-control/app-control-for-business/TOC.yml @@ -47,13 +47,13 @@ - name: Policy creation for common App Control usage scenarios href: design/common-appcontrol-use-cases.md items: - - name: Create a App Control policy for lightly managed devices + - name: Create an App Control policy for lightly managed devices href: design/create-appcontrol-policy-for-lightly-managed-devices.md - - name: Create a App Control policy for fully managed devices + - name: Create an App Control policy for fully managed devices href: design/create-appcontrol-policy-for-fully-managed-devices.md - - name: Create a App Control policy for fixed-workload devices + - name: Create an App Control policy for fixed-workload devices href: design/create-appcontrol-policy-using-reference-computer.md - - name: Create a App Control deny list policy + - name: Create an App Control deny list policy href: design/create-appcontrol-deny-policy.md - name: Applications that can bypass App Control and how to block them href: design/applications-that-can-bypass-appcontrol.md @@ -66,7 +66,7 @@ href: design/appcontrol-wizard-create-base-policy.md - name: Create a supplemental App Control policy with the Wizard href: design/appcontrol-wizard-create-supplemental-policy.md - - name: Editing a App Control policy with the Wizard + - name: Editing an App Control policy with the Wizard href: design/appcontrol-wizard-editing-policy.md - name: Creating App Control Policy Rules from App Control Events href: design/appcontrol-wizard-parsing-event-logs.md diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md b/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md index a893114a66..51bff6035e 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md @@ -1,6 +1,6 @@ --- title: Deploying App Control for Business policies -description: Learn how to plan and implement a App Control deployment. +description: Learn how to plan and implement an App Control deployment. ms.localizationpriority: medium ms.date: 01/23/2023 ms.topic: overview diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md index 6c94229e73..ab70616836 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md @@ -12,14 +12,14 @@ ms.topic: conceptual Running Application Control in audit mode lets you discover applications, binaries, and scripts that are missing from your App Control policy but should be included. -While a App Control policy is running in audit mode, any binary that runs but would have been denied is logged in the **Applications and Services Logs\\Microsoft\\Windows\\CodeIntegrity\\Operational** event log. Script and MSI are logged in the **Applications and Services Logs\\Microsoft\\Windows\\AppLocker\\MSI and Script** event log. These events can be used to generate a new App Control policy that can be merged with the original Base policy or deployed as a separate Supplemental policy, if allowed. +While an App Control policy is running in audit mode, any binary that runs but would have been denied is logged in the **Applications and Services Logs\\Microsoft\\Windows\\CodeIntegrity\\Operational** event log. Script and MSI are logged in the **Applications and Services Logs\\Microsoft\\Windows\\AppLocker\\MSI and Script** event log. These events can be used to generate a new App Control policy that can be merged with the original Base policy or deployed as a separate Supplemental policy, if allowed. ## Overview of the process to create App Control policy to allow apps using audit events > [!Note] -> You must have already deployed a App Control audit mode policy to use this process. If you have not already done so, see [Deploying App Control for Business policies](appcontrol-deployment-guide.md). +> You must have already deployed an App Control audit mode policy to use this process. If you have not already done so, see [Deploying App Control for Business policies](appcontrol-deployment-guide.md). -To familiarize yourself with creating App Control rules from audit events, follow these steps on a device with a App Control audit mode policy. +To familiarize yourself with creating App Control rules from audit events, follow these steps on a device with an App Control audit mode policy. 1. Install and run an application not allowed by the App Control policy but that you want to allow. @@ -28,7 +28,7 @@ To familiarize yourself with creating App Control rules from audit events, follo **Figure 1. Exceptions to the deployed App Control policy** ![Event showing exception to App Control policy.](../images/dg-fig23-exceptionstocode.png) -3. In an elevated PowerShell session, run the following commands to initialize variables used by this procedure. This procedure builds upon the **Lamna_FullyManagedClients_Audit.xml** policy introduced in [Create a App Control policy for fully managed devices](../design/create-appcontrol-policy-for-fully-managed-devices.md) and will produce a new policy called **EventsPolicy.xml**. +3. In an elevated PowerShell session, run the following commands to initialize variables used by this procedure. This procedure builds upon the **Lamna_FullyManagedClients_Audit.xml** policy introduced in [Create an App Control policy for fully managed devices](../design/create-appcontrol-policy-for-fully-managed-devices.md) and will produce a new policy called **EventsPolicy.xml**. ```powershell $PolicyName= "Lamna_FullyManagedClients_Audit" diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md index a0fcfe492a..5da05ac029 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md @@ -20,11 +20,11 @@ Single-policy format App Control for Business policies (pre-1903 policy schema) > [!IMPORTANT] > Group Policy-based deployment of App Control for Business policies only supports single-policy format App Control policies. To use App Control on devices running Windows 10 1903 and greater, or Windows 11, we recommend using an alternative method for policy deployment. -You should now have a App Control policy converted into binary form. If not, follow the steps described in [Deploying App Control for Business policies](appcontrol-deployment-guide.md). +You should now have an App Control policy converted into binary form. If not, follow the steps described in [Deploying App Control for Business policies](appcontrol-deployment-guide.md). -The following procedure walks you through how to deploy a App Control policy called **SiPolicy.p7b** to a test OU called *App Control Enabled PCs* by using a GPO called **Contoso GPO Test**. +The following procedure walks you through how to deploy an App Control policy called **SiPolicy.p7b** to a test OU called *App Control Enabled PCs* by using a GPO called **Contoso GPO Test**. -To deploy and manage a App Control for Business policy with Group Policy: +To deploy and manage an App Control for Business policy with Group Policy: 1. On a client computer on which RSAT is installed, open the GPMC by running **GPMC.MSC** diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md index b4db86498e..9f0690159b 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md @@ -24,11 +24,11 @@ Configuration Manager includes native support for App Control, which allows you Configuration Manager doesn't remove policies once deployed. To stop enforcement, you should switch the policy to audit mode, which will produce the same effect. If you want to disable App Control for Business altogether (including audit mode), you can deploy a script to delete the policy file from disk, and either trigger a reboot or wait for the next reboot. -### Create a App Control Policy in Configuration Manager +### Create an App Control Policy in Configuration Manager 1. Select **Asset and Compliance** > **Endpoint Protection** > **App Control for Business** > **Create Application Control Policy** - ![Create a App Control policy in Configuration Manager.](../images/memcm/memcm-create-appcontrol-policy.jpg) + ![Create an App Control policy in Configuration Manager.](../images/memcm/memcm-create-appcontrol-policy.jpg) 2. Enter the name of the policy > **Next** 3. Enable **Enforce a restart of devices so that this policy can be enforced for all processes** @@ -39,7 +39,7 @@ Configuration Manager doesn't remove policies once deployed. To stop enforcement 6. Select **Add** to begin creating rules for trusted software - ![Create a App Control path rule in Configuration Manager.](../images/memcm/memcm-create-appcontrol-rule.jpg) + ![Create an App Control path rule in Configuration Manager.](../images/memcm/memcm-create-appcontrol-rule.jpg) 7. Select **File** or **Folder** to create a path rule > **Browse** diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md index dc52420573..720bd02496 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md @@ -1,6 +1,6 @@ --- title: Deploy catalog files to support App Control for Business -description: Catalog files simplify running unsigned applications in the presence of a App Control for Business policy. +description: Catalog files simplify running unsigned applications in the presence of an App Control for Business policy. ms.localizationpriority: medium ms.topic: how-to ms.date: 11/30/2022 @@ -14,7 +14,7 @@ ms.date: 11/30/2022 You need to [obtain a code signing certificate for your own use](use-code-signing-for-better-control-and-protection.md#obtain-code-signing-certificates-for-your-own-use) and use it to sign the catalog file. Then, distribute the signed catalog file using your preferred content deployment mechanism. -Finally, add a signer rule to your App Control policy for your signing certificate. Then, any apps covered by your signed catalog files are able to run, even if the apps were previously unsigned. With this foundation, you can more easily build a App Control policy that blocks all unsigned code, because most malware is unsigned. +Finally, add a signer rule to your App Control policy for your signing certificate. Then, any apps covered by your signed catalog files are able to run, even if the apps were previously unsigned. With this foundation, you can more easily build an App Control policy that blocks all unsigned code, because most malware is unsigned. ## Create catalog files using Package Inspector @@ -300,7 +300,7 @@ At the time of the next software inventory cycle, when the targeted clients rece ## Allow apps signed by your catalog signing certificate in your App Control policy -Now that you have your signed catalog file, you can add a signer rule to your policy that allows anything signed with that certificate. If you haven't yet created a App Control policy, see the [App Control for Business design guide](../design/appcontrol-design-guide.md). +Now that you have your signed catalog file, you can add a signer rule to your policy that allows anything signed with that certificate. If you haven't yet created an App Control policy, see the [App Control for Business design guide](../design/appcontrol-design-guide.md). On a computer where the signed catalog file has been deployed, you can use [New-CiPolicyRule](/powershell/module/configci/new-cipolicyrule) to create a signer rule from any file included in that catalog. Then use [Merge-CiPolicy](/powershell/module/configci/merge-cipolicy) to add the rule to your policy XML. Be sure to replace the path values in the following sample: diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md index d49e753d03..f1854c5256 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md @@ -32,7 +32,7 @@ To make a policy effectively inactive before removing it, you can first replace 1. Replace the policy rules with "Allow *" rules; 2. Set option **3 Enabled:Audit Mode** to change the policy to audit mode only; 3. Set option **11 Disabled:Script Enforcement**; -4. Allow all COM objects. See [Allow COM object registration in a App Control policy](../design/allow-com-object-registration-in-appcontrol-policy.md#examples); +4. Allow all COM objects. See [Allow COM object registration in an App Control policy](../design/allow-com-object-registration-in-appcontrol-policy.md#examples); 5. If applicable, remove option **0 Enabled:UMCI** to convert the policy to kernel mode only. > [!IMPORTANT] @@ -54,7 +54,7 @@ You can use a Mobile Device Management (MDM) solution, like Microsoft Intune, to -App Control for Business policies can be managed from an MDM server, or locally by using PowerShell via the WMI Bridge through the ApplicationControl configuration service provider (CSP). The ApplicationControl CSP was added in Windows 10, version 1903. This CSP provides expanded diagnostic capabilities and support for [multiple policies](/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies.md) (introduced in Windows 10, version 1903). It also provides support for policy deployment (introduced in Windows 10, version 1709) without reboot. Unlike the [AppLocker CSP](applocker-csp.md), the ApplicationControl CSP correctly detects the presence of no-reboot option and consequently doesn't schedule a reboot. +App Control for Business policies can be managed from an MDM server, or locally by using PowerShell via the WMI Bridge through the ApplicationControl configuration service provider (CSP). The ApplicationControl CSP was added in Windows 10, version 1903. This CSP provides expanded diagnostic capabilities and support for [multiple policies](/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies) (introduced in Windows 10, version 1903). It also provides support for policy deployment (introduced in Windows 10, version 1709) without reboot. Unlike the [AppLocker CSP](applocker-csp.md), the ApplicationControl CSP correctly detects the presence of no-reboot option and consequently doesn't schedule a reboot. Existing App Control for Business policies deployed using the AppLocker CSP's CodeIntegrity node can now be deployed using the ApplicationControl CSP URI. Although App Control policy deployment using the AppLocker CSP will continue to be supported, all new feature work will be done in the ApplicationControl CSP only. diff --git a/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md b/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md index 86be3d519b..ce8d6225a0 100644 --- a/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md +++ b/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md @@ -1,5 +1,5 @@ --- -title: App Control for Businessand virtualization-based code integrity +title: App Control for Business and virtualization-based code integrity description: Hardware and software system integrity-hardening capabilities that can be deployed separately or in combination with App Control for Business. ms.localizationpriority: medium author: vinaypamnani-msft @@ -15,7 +15,7 @@ appliesto: - ✅ Windows Server 2016 --- -# App Control for Businessand virtualization-based protection of code integrity +# App Control and virtualization-based protection of code integrity Windows includes a set of hardware and OS technologies that, when configured together, allow enterprises to "lock down" Windows systems so they behave more like kiosk devices. In this configuration, [**App Control for Business**](app-control-for-business/appcontrol.md) is used to restrict devices to run only approved apps, while the OS is hardened against kernel memory attacks using [**memory integrity**](../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md). From f9d16c6b2ab04977aa72359624f5c7d957367a31 Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Wed, 11 Sep 2024 14:51:13 -0600 Subject: [PATCH 11/23] Update dates in App Control for Business documentation --- .../AppIdTagging/appcontrol-appid-tagging-guide.md | 2 +- .../debugging-operational-guide-appid-tagging-policies.md | 2 +- .../AppIdTagging/deploy-appid-tagging-policies.md | 2 +- .../AppIdTagging/design-create-appid-tagging-policies.md | 2 +- .../appcontrol-and-applocker-overview.md | 2 +- .../app-control-for-business/appcontrol.md | 2 +- ...es-for-packaged-apps-to-existing-applocker-rule-set.md | 2 +- .../applocker/administer-applocker.md | 2 +- .../applocker/applocker-architecture-and-components.md | 2 +- .../applocker/applocker-functions.md | 2 +- .../applocker/applocker-overview.md | 2 +- .../applocker/applocker-policies-deployment-guide.md | 2 +- .../applocker/applocker-policies-design-guide.md | 2 +- .../applocker/applocker-policy-use-scenarios.md | 2 +- .../applocker/applocker-processes-and-interactions.md | 2 +- .../applocker/applocker-technical-reference.md | 2 +- .../configure-an-applocker-policy-for-audit-only.md | 2 +- .../configure-an-applocker-policy-for-enforce-rules.md | 2 +- .../configure-exceptions-for-an-applocker-rule.md | 2 +- .../applocker/configure-the-appLocker-reference-device.md | 2 +- .../configure-the-application-identity-service.md | 2 +- .../applocker/create-a-rule-for-packaged-apps.md | 2 +- .../create-a-rule-that-uses-a-file-hash-condition.md | 2 +- .../applocker/create-a-rule-that-uses-a-path-condition.md | 2 +- .../create-a-rule-that-uses-a-publisher-condition.md | 2 +- .../applocker/create-applocker-default-rules.md | 2 +- ...ist-of-applications-deployed-to-each-business-group.md | 2 +- .../applocker/create-your-applocker-policies.md | 2 +- .../applocker/create-your-applocker-rules.md | 2 +- .../applocker/delete-an-applocker-rule.md | 2 +- ...plocker-policies-by-using-the-enforce-rules-setting.md | 2 +- .../deploy-the-applocker-policy-into-production.md | 2 +- ...termine-group-policy-structure-and-rule-enforcement.md | 2 +- ...ations-are-digitally-signed-on-a-reference-computer.md | 2 +- ...message-when-users-try-to-run-a-blocked-application.md | 2 +- .../applocker/dll-rules-in-applocker.md | 2 +- ...oup-policy-structure-and-applocker-rule-enforcement.md | 2 +- .../applocker/document-your-application-list.md | 4 ++-- .../applocker/document-your-applocker-rules.md | 2 +- .../applocker/edit-an-applocker-policy.md | 2 +- .../applocker/edit-applocker-rules.md | 2 +- .../applocker/enable-the-dll-rule-collection.md | 2 +- .../applocker/enforce-applocker-rules.md | 2 +- .../applocker/executable-rules-in-applocker.md | 2 +- .../applocker/export-an-applocker-policy-from-a-gpo.md | 2 +- .../export-an-applocker-policy-to-an-xml-file.md | 2 +- .../applocker/how-applocker-works-techref.md | 2 +- .../import-an-applocker-policy-from-another-computer.md | 2 +- .../applocker/import-an-applocker-policy-into-a-gpo.md | 2 +- .../applocker/maintain-applocker-policies.md | 2 +- .../applocker/manage-packaged-apps-with-applocker.md | 2 +- ...rge-applocker-policies-by-using-set-applockerpolicy.md | 2 +- .../applocker/merge-applocker-policies-manually.md | 2 +- .../applocker/monitor-application-usage-with-applocker.md | 2 +- .../applocker/optimize-applocker-performance.md | 2 +- ...-apps-and-packaged-app-installer-rules-in-applocker.md | 2 +- .../applocker/plan-for-applocker-policy-management.md | 2 +- .../applocker/refresh-an-applocker-policy.md | 2 +- .../requirements-for-deploying-applocker-policies.md | 2 +- .../applocker/requirements-to-use-applocker.md | 2 +- .../applocker/rule-collection-extensions.md | 2 +- .../run-the-automatically-generate-rules-wizard.md | 2 +- .../applocker/script-rules-in-applocker.md | 2 +- .../applocker/security-considerations-for-applocker.md | 2 +- .../applocker/select-types-of-rules-to-create.md | 2 +- ...t-an-applocker-policy-by-using-test-applockerpolicy.md | 2 +- .../applocker/test-and-update-an-applocker-policy.md | 2 +- .../applocker/tools-to-use-with-applocker.md | 2 +- .../understand-applocker-policy-design-decisions.md | 2 +- ...and-enforcement-setting-inheritance-in-group-policy.md | 2 +- .../understand-the-applocker-policy-deployment-process.md | 2 +- ...rstanding-applocker-allow-and-deny-actions-on-rules.md | 2 +- .../applocker/understanding-applocker-default-rules.md | 8 ++++---- .../applocker/understanding-applocker-rule-behavior.md | 2 +- .../applocker/understanding-applocker-rule-collections.md | 2 +- .../understanding-applocker-rule-condition-types.md | 2 +- .../applocker/understanding-applocker-rule-exceptions.md | 6 +++--- ...rstanding-the-file-hash-rule-condition-in-applocker.md | 2 +- .../understanding-the-path-rule-condition-in-applocker.md | 2 +- ...rstanding-the-publisher-rule-condition-in-applocker.md | 2 +- ...-computer-to-create-and-maintain-applocker-policies.md | 2 +- .../use-the-applocker-windows-powershell-cmdlets.md | 2 +- .../applocker/using-event-viewer-with-applocker.md | 2 +- .../applocker/what-is-applocker.md | 2 +- .../applocker/windows-installer-rules-in-applocker.md | 2 +- .../applocker/working-with-applocker-policies.md | 2 +- .../applocker/working-with-applocker-rules.md | 2 +- .../deployment/appcontrol-deployment-guide.md | 2 +- .../deployment/audit-appcontrol-policies.md | 2 +- .../deployment/create-code-signing-cert-for-appcontrol.md | 2 +- .../deploy-appcontrol-policies-using-group-policy.md | 2 +- .../deployment/deploy-appcontrol-policies-using-intune.md | 2 +- .../deployment/deploy-appcontrol-policies-with-memcm.md | 2 +- .../deployment/deploy-appcontrol-policies-with-script.md | 2 +- .../deploy-catalog-files-to-support-appcontrol.md | 2 +- .../deployment/disable-appcontrol-policies.md | 2 +- .../deployment/enforce-appcontrol-policies.md | 2 +- .../deployment/merge-appcontrol-policies.md | 2 +- .../use-code-signing-for-better-control-and-protection.md | 2 +- ...ed-policies-to-protect-appcontrol-against-tampering.md | 2 +- .../allow-com-object-registration-in-appcontrol-policy.md | 2 +- .../design/appcontrol-and-dotnet.md | 2 +- .../design/appcontrol-design-guide.md | 2 +- .../design/appcontrol-wizard-create-base-policy.md | 2 +- .../appcontrol-wizard-create-supplemental-policy.md | 2 +- .../design/appcontrol-wizard-editing-policy.md | 2 +- .../design/appcontrol-wizard-merging-policies.md | 2 +- .../design/appcontrol-wizard-parsing-event-logs.md | 2 +- .../app-control-for-business/design/appcontrol-wizard.md | 2 +- .../design/applications-that-can-bypass-appcontrol.md | 2 +- .../design/common-appcontrol-use-cases.md | 2 +- ...e-authorized-apps-deployed-with-a-managed-installer.md | 2 +- .../design/create-appcontrol-deny-policy.md | 2 +- .../create-appcontrol-policy-for-fully-managed-devices.md | 2 +- ...reate-appcontrol-policy-for-lightly-managed-devices.md | 2 +- .../create-appcontrol-policy-using-reference-computer.md | 2 +- .../design/deploy-multiple-appcontrol-policies.md | 2 +- .../design/example-appcontrol-base-policies.md | 2 +- .../design/manage-packaged-apps-with-appcontrol.md | 2 +- .../design/microsoft-recommended-driver-block-rules.md | 2 +- .../design/plan-appcontrol-management.md | 2 +- .../app-control-for-business/design/script-enforcement.md | 2 +- .../design/select-types-of-rules-to-create.md | 2 +- .../understand-appcontrol-policy-design-decisions.md | 2 +- .../design/understanding-appcontrol-policy-settings.md | 2 +- ...cy-to-control-specific-plug-ins-add-ins-and-modules.md | 2 +- .../use-appcontrol-with-intelligent-security-graph.md | 2 +- .../app-control-for-business/feature-availability.md | 2 +- .../app-control-for-business/index.yml | 2 +- .../appcontrol-debugging-and-troubleshooting.md | 2 +- .../operations/appcontrol-operational-guide.md | 2 +- .../operations/citool-commands.md | 2 +- .../operations/configure-appcontrol-managed-installer.md | 2 +- .../operations/event-id-explanations.md | 2 +- .../operations/event-tag-explanations.md | 2 +- .../operations/inbox-appcontrol-policies.md | 2 +- .../app-control-for-business/operations/known-issues.md | 2 +- ...ion-control-events-centrally-using-advanced-hunting.md | 2 +- 138 files changed, 144 insertions(+), 144 deletions(-) diff --git a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md index c43cf2dd90..8ea04f6820 100644 --- a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/appcontrol-appid-tagging-guide.md @@ -2,7 +2,7 @@ title: Designing, creating, managing, and troubleshooting App Control for Business AppId Tagging policies description: How to design, create, manage, and troubleshoot your App Control AppId Tagging policies ms.localizationpriority: medium -ms.date: 04/27/2022 +ms.date: 09/11/2024 ms.topic: conceptual --- diff --git a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md index 454998fcc3..e62a226d9b 100644 --- a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/debugging-operational-guide-appid-tagging-policies.md @@ -2,7 +2,7 @@ title: Testing and Debugging AppId Tagging Policies description: Testing and Debugging AppId Tagging Policies to ensure your policies are deployed successfully. ms.localizationpriority: medium -ms.date: 04/29/2022 +ms.date: 09/11/2024 ms.topic: troubleshooting --- diff --git a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies.md index 0c63966c1e..82fbcd6156 100644 --- a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/deploy-appid-tagging-policies.md @@ -2,7 +2,7 @@ title: Deploying App Control for Business AppId tagging policies description: How to deploy your App Control AppId tagging policies locally and globally within your managed environment. ms.localizationpriority: medium -ms.date: 04/29/2022 +ms.date: 09/11/2024 ms.topic: conceptual --- diff --git a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md index 6de85994c9..714c740613 100644 --- a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md @@ -2,7 +2,7 @@ title: Create your App Control for Business AppId Tagging Policies description: Create your App Control for Business AppId tagging policies for Windows devices. ms.localizationpriority: medium -ms.date: 04/29/2022 +ms.date: 09/11/2024 ms.topic: conceptual --- diff --git a/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview.md b/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview.md index b73b5fd915..5520d9161c 100644 --- a/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview.md +++ b/windows/security/application-security/application-control/app-control-for-business/appcontrol-and-applocker-overview.md @@ -2,7 +2,7 @@ title: App Control and AppLocker Overview description: Compare Windows application control technologies. ms.localizationpriority: medium -ms.date: 01/03/2024 +ms.date: 09/11/2024 ms.topic: conceptual --- diff --git a/windows/security/application-security/application-control/app-control-for-business/appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/appcontrol.md index 0a3335af15..561da483b6 100644 --- a/windows/security/application-security/application-control/app-control-for-business/appcontrol.md +++ b/windows/security/application-security/application-control/app-control-for-business/appcontrol.md @@ -4,7 +4,7 @@ description: Application Control restricts which applications users are allowed ms.localizationpriority: medium ms.collection: - tier3 -ms.date: 08/30/2023 +ms.date: 09/11/2024 ms.topic: overview --- diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md b/windows/security/application-security/application-control/app-control-for-business/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md index 76569e20e6..64ec3acfbf 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md @@ -3,7 +3,7 @@ title: Add rules for packaged apps to existing AppLocker rule-set description: This article for IT professionals describes how to update your existing AppLocker policies for packaged apps using the Remote Server Administration Toolkit (RSAT). ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Add rules for packaged apps to existing AppLocker rule-set diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker.md index a095fd7246..bf972f7779 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker.md @@ -3,7 +3,7 @@ title: Administer AppLocker description: This article for IT professionals provides links to specific procedures to use when administering AppLocker policies. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 01/03/2024 +ms.date: 09/11/2024 --- # Administer AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-architecture-and-components.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-architecture-and-components.md index 763fd8e86d..7314cce2f9 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-architecture-and-components.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-architecture-and-components.md @@ -3,7 +3,7 @@ title: AppLocker architecture and components description: This article for IT professional describes AppLocker’s basic architecture and its major components. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # AppLocker architecture and components diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-functions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-functions.md index 8ab68a0205..2ce3ad5532 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-functions.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-functions.md @@ -3,7 +3,7 @@ title: AppLocker functions description: This article for the IT professional lists the functions and security levels for AppLocker. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # AppLocker functions diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md index 045b43bc8e..0786cd7b73 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md @@ -6,7 +6,7 @@ ms.collection: - must-keep ms.topic: conceptual ms.localizationpriority: medium -ms.date: 01/03/2024 +ms.date: 09/11/2024 --- # AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-deployment-guide.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-deployment-guide.md index cb437f92b7..8520621d36 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-deployment-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-deployment-guide.md @@ -3,7 +3,7 @@ title: AppLocker deployment guide description: This article for IT professionals introduces the concepts and describes the steps required to deploy AppLocker policies. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # AppLocker deployment guide diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide.md index 50971f323d..174ed4907c 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policies-design-guide.md @@ -3,7 +3,7 @@ title: AppLocker design guide description: This article for the IT professional introduces the design and planning steps required to deploy application control policies by using AppLocker. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # AppLocker design guide diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policy-use-scenarios.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policy-use-scenarios.md index a2776beaac..0d11e182ca 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policy-use-scenarios.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-policy-use-scenarios.md @@ -3,7 +3,7 @@ title: AppLocker policy use scenarios description: This article for the IT professional lists the various application control scenarios in which AppLocker policies can be effectively implemented. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # AppLocker policy use scenarios diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions.md index 15208b7d2a..4bc0bd0949 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-processes-and-interactions.md @@ -3,7 +3,7 @@ title: AppLocker processes and interactions description: This article for the IT professional describes the process dependencies and interactions when AppLocker evaluates and enforces rules. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # AppLocker processes and interactions diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-technical-reference.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-technical-reference.md index 0952a3d433..5dd3820526 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-technical-reference.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-technical-reference.md @@ -3,7 +3,7 @@ title: AppLocker technical reference description: This overview article for IT professionals provides links to the articles in the technical reference. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # AppLocker technical reference diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-audit-only.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-audit-only.md index b6654f9688..422f3a9acd 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-audit-only.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-audit-only.md @@ -3,7 +3,7 @@ title: Configure an AppLocker policy for audit only description: This article for IT professionals describes how to set AppLocker policies to Audit only within your IT environment by using AppLocker. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Configure an AppLocker policy for audit only diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-enforce-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-enforce-rules.md index 5762b9c128..07c51af5bb 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-enforce-rules.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-an-applocker-policy-for-enforce-rules.md @@ -3,7 +3,7 @@ title: Configure an AppLocker policy for enforce rules description: This article for IT professionals describes the steps to enable the AppLocker policy enforcement setting. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Configure an AppLocker policy for enforce rules diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/configure-exceptions-for-an-applocker-rule.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-exceptions-for-an-applocker-rule.md index 3e1a1dcca4..11900e02c0 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/configure-exceptions-for-an-applocker-rule.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-exceptions-for-an-applocker-rule.md @@ -3,7 +3,7 @@ title: Add exceptions for an AppLocker rule description: This article for IT professionals describes the steps to specify which apps can or can't run as exceptions to an AppLocker rule. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Add exceptions for an AppLocker rule diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-appLocker-reference-device.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-appLocker-reference-device.md index 9ad52b4cd3..f6acca16ba 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-appLocker-reference-device.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-appLocker-reference-device.md @@ -3,7 +3,7 @@ title: Configure the AppLocker reference device description: This article for the IT professional describes the steps to create an AppLocker policy platform structure on a reference computer. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Configure the AppLocker reference device diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-application-identity-service.md b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-application-identity-service.md index b31f8f059d..c4156e9b57 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-application-identity-service.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/configure-the-application-identity-service.md @@ -3,7 +3,7 @@ title: Configure the Application Identity service description: This article for IT professionals shows how to configure the Application Identity service to start automatically or manually. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Configure the Application Identity service diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-for-packaged-apps.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-for-packaged-apps.md index 6f06404070..07fd6f2866 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-for-packaged-apps.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-for-packaged-apps.md @@ -3,7 +3,7 @@ title: Create a rule for packaged apps description: This article for IT professionals shows how to create an AppLocker rule for packaged apps with a publisher condition. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Create a rule for packaged apps diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-file-hash-condition.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-file-hash-condition.md index a486b03055..b764bb0493 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-file-hash-condition.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-file-hash-condition.md @@ -3,7 +3,7 @@ title: Create a rule that uses a file hash condition description: This article for IT professionals shows how to create an AppLocker rule with a file hash condition. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Create a rule that uses a file hash condition diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-path-condition.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-path-condition.md index c90bf8fe32..fe26c1ee6a 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-path-condition.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-path-condition.md @@ -3,7 +3,7 @@ title: Create a rule that uses a path condition description: This article for IT professionals shows how to create an AppLocker rule with a path condition. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Create a rule that uses a path condition diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-publisher-condition.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-publisher-condition.md index 8da8f1de23..9b07438ec7 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-publisher-condition.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-a-rule-that-uses-a-publisher-condition.md @@ -3,7 +3,7 @@ title: Create a rule that uses a publisher condition description: This article for IT professionals shows how to create an AppLocker rule with a publisher condition. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Create a rule that uses a publisher condition diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/create-applocker-default-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-applocker-default-rules.md index b6ddfb364e..fd2aa8e292 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/create-applocker-default-rules.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-applocker-default-rules.md @@ -3,7 +3,7 @@ title: Create AppLocker default rules description: This article for IT professionals describes the steps to create a standard set of AppLocker rules that allow Windows system files to run. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Create AppLocker default rules diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/create-list-of-applications-deployed-to-each-business-group.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-list-of-applications-deployed-to-each-business-group.md index f1965e03ea..f015e79882 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/create-list-of-applications-deployed-to-each-business-group.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-list-of-applications-deployed-to-each-business-group.md @@ -3,7 +3,7 @@ title: Create a list of apps deployed to each business group description: This article describes the process of gathering app usage requirements from each business group to implement application control policies by using AppLocker. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Gathering app usage requirements diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-policies.md index 27273e567d..69119137f4 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-policies.md @@ -3,7 +3,7 @@ title: Create Your AppLocker policies description: This overview article for the IT professional describes the steps to create an AppLocker policy and prepare it for deployment. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Create Your AppLocker policies diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-rules.md index e04367462f..415e9582f8 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-rules.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/create-your-applocker-rules.md @@ -3,7 +3,7 @@ title: Create Your AppLocker rules description: This article for the IT professional describes what you need to know about AppLocker rules and the methods that you can to create rules. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Create Your AppLocker rules diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/delete-an-applocker-rule.md b/windows/security/application-security/application-control/app-control-for-business/applocker/delete-an-applocker-rule.md index 0c7ba5799c..95836e5b28 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/delete-an-applocker-rule.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/delete-an-applocker-rule.md @@ -3,7 +3,7 @@ title: Delete an AppLocker rule description: This article for IT professionals describes the steps to delete an AppLocker rule. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Delete an AppLocker rule diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md b/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md index 8e4845601c..83e603b364 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md @@ -3,7 +3,7 @@ title: Deploy AppLocker policies by using the enforce rules setting description: This article for IT professionals describes the steps to deploy AppLocker policies by using the enforcement setting method. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 01/03/2024 +ms.date: 09/11/2024 --- # Deploy AppLocker policies by using the enforce rules setting diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-the-applocker-policy-into-production.md b/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-the-applocker-policy-into-production.md index d2ef52adad..941a047e99 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-the-applocker-policy-into-production.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/deploy-the-applocker-policy-into-production.md @@ -3,7 +3,7 @@ title: Deploy the AppLocker policy into production description: This article for the IT professional describes the tasks that should be completed before you deploy AppLocker application control settings. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Deploy the AppLocker policy into production diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/determine-group-policy-structure-and-rule-enforcement.md b/windows/security/application-security/application-control/app-control-for-business/applocker/determine-group-policy-structure-and-rule-enforcement.md index 54e63c866d..29380fe1e1 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/determine-group-policy-structure-and-rule-enforcement.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/determine-group-policy-structure-and-rule-enforcement.md @@ -3,7 +3,7 @@ title: Determine the Group Policy structure and rule enforcement description: This overview article describes the process to follow when you're planning to deploy AppLocker rules. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Determine the Group Policy structure and rule enforcement diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md b/windows/security/application-security/application-control/app-control-for-business/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md index 56fef83f74..e1c6c88c0a 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md @@ -3,7 +3,7 @@ title: Find digitally signed apps on a reference device description: This article for the IT professional describes how to use AppLocker logs and tools to determine which applications are digitally signed. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Determine which apps are digitally signed on a reference device diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md b/windows/security/application-security/application-control/app-control-for-business/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md index 64307b01ba..bf1a962a76 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md @@ -3,7 +3,7 @@ title: Display a custom URL message when users try to run a blocked app description: This article for IT professionals describes the steps for displaying a customized message to users when an AppLocker policy blocks an app. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Display a custom URL message when users try to run a blocked app diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/dll-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/dll-rules-in-applocker.md index 36da65e276..054c18fb61 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/dll-rules-in-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/dll-rules-in-applocker.md @@ -3,7 +3,7 @@ title: DLL rules in AppLocker description: This article describes the file formats and available default rules for the DLL rule collection. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # DLL rules in AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md b/windows/security/application-security/application-control/app-control-for-business/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md index b89000e34f..b440a69b68 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md @@ -3,7 +3,7 @@ title: Document Group Policy structure & AppLocker rule enforcement description: This planning article describes what you need to include in your plan when you use AppLocker. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Document the Group Policy structure and AppLocker rule enforcement diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-application-list.md b/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-application-list.md index f42d12d410..00e357875d 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-application-list.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-application-list.md @@ -3,7 +3,7 @@ title: Document your app list description: This planning article describes the app information that you should document when you create a list of apps for AppLocker policies. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Document your app list @@ -14,7 +14,7 @@ This planning article describes the app information that you should document whe ### Apps -Record the name of the app, its publisher information (if digitally signed), and its importance to the business. +Record the name of the app, its publisher information (if digitally signed), and its importance to the business. ### Installation path diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-applocker-rules.md index 1d5ff7d78e..efd0c0211f 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-applocker-rules.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/document-your-applocker-rules.md @@ -3,7 +3,7 @@ title: Document your AppLocker rules description: Learn how to document your AppLocker rules and associate rule conditions with files, permissions, rule source, and implementation. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Document your AppLocker rules diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/edit-an-applocker-policy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/edit-an-applocker-policy.md index fe3ac2062b..3ebf404dc6 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/edit-an-applocker-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/edit-an-applocker-policy.md @@ -3,7 +3,7 @@ title: Edit an AppLocker policy description: This article for IT professionals describes the steps required to modify an AppLocker policy. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 01/03/2024 +ms.date: 09/11/2024 --- # Edit an AppLocker policy diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/edit-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/edit-applocker-rules.md index 111678d496..7ae6e91083 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/edit-applocker-rules.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/edit-applocker-rules.md @@ -3,7 +3,7 @@ title: Edit AppLocker rules description: This article for IT professionals describes the steps to edit a publisher rule, path rule, and file hash rule in AppLocker. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Edit AppLocker rules diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/enable-the-dll-rule-collection.md b/windows/security/application-security/application-control/app-control-for-business/applocker/enable-the-dll-rule-collection.md index d48deeaad8..c2569a0918 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/enable-the-dll-rule-collection.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/enable-the-dll-rule-collection.md @@ -3,7 +3,7 @@ title: Enable the DLL rule collection description: This article for IT professionals describes the steps to enable the DLL rule collection feature for AppLocker. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Enable the DLL rule collection diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/enforce-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/enforce-applocker-rules.md index 757d76eb6c..2abb621ddc 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/enforce-applocker-rules.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/enforce-applocker-rules.md @@ -3,7 +3,7 @@ title: Enforce AppLocker rules description: This article for IT professionals describes how to enforce application control rules by using AppLocker. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Enforce AppLocker rules diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/executable-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/executable-rules-in-applocker.md index e90dc2b98e..99ffe04a6d 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/executable-rules-in-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/executable-rules-in-applocker.md @@ -3,7 +3,7 @@ title: Executable rules in AppLocker description: This article describes the file formats and available default rules for the executable rule collection. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Executable rules in AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-from-a-gpo.md b/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-from-a-gpo.md index b4150f2544..c9fe560838 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-from-a-gpo.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-from-a-gpo.md @@ -3,7 +3,7 @@ title: Export an AppLocker policy from a GPO description: This article for IT professionals describes the steps to export an AppLocker policy from a Group Policy Object (GPO) so that it can be modified. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Export an AppLocker policy from a GPO diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-to-an-xml-file.md b/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-to-an-xml-file.md index 9612096a6e..106a4d836e 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-to-an-xml-file.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/export-an-applocker-policy-to-an-xml-file.md @@ -3,7 +3,7 @@ title: Export an AppLocker policy to an XML file description: This article for IT professionals describes the steps to export an AppLocker policy to an XML file for review or testing. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Export an AppLocker policy to an XML file diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/how-applocker-works-techref.md b/windows/security/application-security/application-control/app-control-for-business/applocker/how-applocker-works-techref.md index b2f3e10097..c704a9e977 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/how-applocker-works-techref.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/how-applocker-works-techref.md @@ -3,7 +3,7 @@ title: How AppLocker works description: This article for the IT professional provides links to articles about AppLocker architecture and components, processes and interactions, rules and policies. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # How AppLocker works diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-from-another-computer.md b/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-from-another-computer.md index 6998942c9b..2472b7892c 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-from-another-computer.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-from-another-computer.md @@ -3,7 +3,7 @@ title: Import an AppLocker policy from another computer description: This article for IT professionals describes how to import an AppLocker policy. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Import an AppLocker policy from another computer diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-into-a-gpo.md b/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-into-a-gpo.md index cf00b805b3..039d978649 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-into-a-gpo.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/import-an-applocker-policy-into-a-gpo.md @@ -3,7 +3,7 @@ title: Import an AppLocker policy into a GPO description: This article for IT professionals describes the steps to import an AppLocker policy into a Group Policy Object (GPO). ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Import an AppLocker policy into a GPO diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/maintain-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/maintain-applocker-policies.md index 75f6df943a..a4926c5f73 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/maintain-applocker-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/maintain-applocker-policies.md @@ -3,7 +3,7 @@ title: Maintain AppLocker policies description: Learn how to maintain rules within AppLocker policies. View common AppLocker maintenance scenarios and see the methods to use to maintain AppLocker policies. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 01/03/2024 +ms.date: 09/11/2024 --- # Maintain AppLocker policies diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/manage-packaged-apps-with-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/manage-packaged-apps-with-applocker.md index f190ea35b7..b3e041a0f1 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/manage-packaged-apps-with-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/manage-packaged-apps-with-applocker.md @@ -3,7 +3,7 @@ title: Manage packaged apps with AppLocker description: Learn concepts and lists procedures to help you manage packaged apps with AppLocker as part of your overall application control strategy. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/20/2023 +ms.date: 09/11/2024 --- # Manage packaged apps with AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md index 5dcf968359..4df24222a0 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md @@ -3,7 +3,7 @@ title: Merge AppLocker policies by using Set-ApplockerPolicy description: This article for IT professionals describes the steps to merge AppLocker policies by using Windows PowerShell. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Merge AppLocker policies by using Set-ApplockerPolicy diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually.md b/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually.md index 36686c2fea..324bef3248 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/merge-applocker-policies-manually.md @@ -3,7 +3,7 @@ title: Merge AppLocker policies manually description: This article for IT professionals describes the steps to manually merge AppLocker policies to update the Group Policy Object (GPO). ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Merge AppLocker policies manually diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/monitor-application-usage-with-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/monitor-application-usage-with-applocker.md index 984bdf95d2..14b704afe3 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/monitor-application-usage-with-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/monitor-application-usage-with-applocker.md @@ -3,7 +3,7 @@ title: Monitor app usage with AppLocker description: This article for IT professionals describes how to monitor app usage when AppLocker policies are applied. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/19/2023 +ms.date: 09/11/2024 --- # Monitor app usage with AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/optimize-applocker-performance.md b/windows/security/application-security/application-control/app-control-for-business/applocker/optimize-applocker-performance.md index 63277272b1..f160bda367 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/optimize-applocker-performance.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/optimize-applocker-performance.md @@ -3,7 +3,7 @@ title: Optimize AppLocker performance description: This article for IT professionals describes how to optimize AppLocker policy enforcement. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 01/03/2024 +ms.date: 09/11/2024 --- # Optimize AppLocker performance diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md index d084a76681..7085567383 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md @@ -3,7 +3,7 @@ title: Packaged apps and packaged app installer rules in AppLocker description: This article explains the AppLocker rule collection for packaged app installers and packaged apps. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Packaged apps and packaged app installer rules in AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/plan-for-applocker-policy-management.md b/windows/security/application-security/application-control/app-control-for-business/applocker/plan-for-applocker-policy-management.md index 71910f46d2..51f30ea841 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/plan-for-applocker-policy-management.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/plan-for-applocker-policy-management.md @@ -3,7 +3,7 @@ title: Plan for AppLocker policy management description: This article describes the decisions you need to make to establish the processes for managing and maintaining AppLocker policies. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Plan for AppLocker policy management diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/refresh-an-applocker-policy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/refresh-an-applocker-policy.md index 4dcd7f89ab..5d2df1f250 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/refresh-an-applocker-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/refresh-an-applocker-policy.md @@ -3,7 +3,7 @@ title: Refresh an AppLocker policy description: This article for IT professionals describes the steps to force an update for an AppLocker policy. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Refresh an AppLocker policy diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-for-deploying-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-for-deploying-applocker-policies.md index eb55e89166..2caf917483 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-for-deploying-applocker-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-for-deploying-applocker-policies.md @@ -3,7 +3,7 @@ title: Requirements for deploying AppLocker policies description: This deployment article for the IT professional lists the requirements that you need to consider before you deploy AppLocker policies. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Requirements for deploying AppLocker policies diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-to-use-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-to-use-applocker.md index 3d5dcd1008..7bb94f1197 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-to-use-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/requirements-to-use-applocker.md @@ -3,7 +3,7 @@ title: Requirements to use AppLocker description: This article for the IT professional lists software requirements to use AppLocker on the supported Windows operating systems. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Requirements to use AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions.md index ca9f4ae325..e4481ab2c7 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/rule-collection-extensions.md @@ -6,7 +6,7 @@ ms.collection: - must-keep ms.topic: conceptual ms.localizationpriority: medium -ms.date: 06/07/2024 +ms.date: 09/11/2024 --- # AppLocker rule collection extensions diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/run-the-automatically-generate-rules-wizard.md b/windows/security/application-security/application-control/app-control-for-business/applocker/run-the-automatically-generate-rules-wizard.md index d4d62202c4..3108458c0f 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/run-the-automatically-generate-rules-wizard.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/run-the-automatically-generate-rules-wizard.md @@ -3,7 +3,7 @@ title: Run the Automatically Generate Rules wizard description: This article for IT professionals describes steps to run the wizard to create AppLocker rules on a reference device. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Run the Automatically Generate Rules wizard diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/script-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/script-rules-in-applocker.md index 0343d4d644..bc342eba8b 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/script-rules-in-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/script-rules-in-applocker.md @@ -3,7 +3,7 @@ title: Script rules in AppLocker description: This article describes the file formats and available default rules for the script rule collection. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Script rules in AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/security-considerations-for-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/security-considerations-for-applocker.md index 0422c26a4d..6a11796ca7 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/security-considerations-for-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/security-considerations-for-applocker.md @@ -3,7 +3,7 @@ title: Security considerations for AppLocker description: This article for the IT professional describes the security considerations you need to address when implementing AppLocker. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Security considerations for AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/select-types-of-rules-to-create.md b/windows/security/application-security/application-control/app-control-for-business/applocker/select-types-of-rules-to-create.md index 6c5dde6cc8..8000ce41d4 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/select-types-of-rules-to-create.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/select-types-of-rules-to-create.md @@ -3,7 +3,7 @@ title: Select the types of rules to create description: This article lists resources you can use when selecting your application control policy rules by using AppLocker. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Select the types of rules to create diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md index 180145ef77..c7042db13e 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md @@ -3,7 +3,7 @@ title: Test an AppLocker policy by using Test-AppLockerPolicy description: This article for IT professionals describes the steps to test an AppLocker policy prior to importing it into a Group Policy Object (GPO) or another computer. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Test an AppLocker policy by using Test-AppLockerPolicy diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/test-and-update-an-applocker-policy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/test-and-update-an-applocker-policy.md index e47477a31a..00e03f5081 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/test-and-update-an-applocker-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/test-and-update-an-applocker-policy.md @@ -3,7 +3,7 @@ title: Test and update an AppLocker policy description: This article discusses the steps required to test an AppLocker policy prior to deployment. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 01/03/2024 +ms.date: 09/11/2024 --- # Test and update an AppLocker policy diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/tools-to-use-with-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/tools-to-use-with-applocker.md index 38354ddb98..5b1ed0083d 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/tools-to-use-with-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/tools-to-use-with-applocker.md @@ -3,7 +3,7 @@ title: Tools to use with AppLocker description: This article for the IT professional describes the tools available to create and administer AppLocker policies. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Tools to use with AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-policy-design-decisions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-policy-design-decisions.md index 898b41da58..3cc00fdf6e 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-policy-design-decisions.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-policy-design-decisions.md @@ -3,7 +3,7 @@ title: Understand AppLocker policy design decisions description: Review some common considerations while you're planning to use AppLocker to deploy application control policies within a Windows environment. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Understand AppLocker policy design decisions diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md index 86556f815e..89f62e0cb9 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md @@ -3,7 +3,7 @@ title: Understand AppLocker rules and enforcement setting inheritance in Group P description: This article for the IT professional describes how application control policies configured in AppLocker are applied through Group Policy. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Understand AppLocker rules and enforcement setting inheritance in Group Policy diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/understand-the-applocker-policy-deployment-process.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-the-applocker-policy-deployment-process.md index 3340e10f44..43e63220e5 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/understand-the-applocker-policy-deployment-process.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understand-the-applocker-policy-deployment-process.md @@ -3,7 +3,7 @@ title: Understand the AppLocker policy deployment process description: This planning and deployment article for the IT professional describes the process for using AppLocker when deploying application control policies. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Understand the AppLocker policy deployment process diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md index bd84599f4e..86c795601f 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md @@ -3,7 +3,7 @@ title: Understanding AppLocker allow and deny actions on rules description: This article explains the differences between allow and deny actions on AppLocker rules. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Understanding AppLocker allow and deny actions on rules diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-default-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-default-rules.md index b70374af0f..67b52608e3 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-default-rules.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-default-rules.md @@ -3,7 +3,7 @@ title: Understanding AppLocker default rules description: This article for IT professional describes the set of rules that can be used to ensure that required Windows system files continue to run when the policy is applied. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Understanding AppLocker default rules @@ -29,9 +29,9 @@ These permissions settings are applied to this folder for app compatibility. How | --- | --- | | [Executable rules in AppLocker](executable-rules-in-applocker.md) | This article describes the file formats and available default rules for the executable rule collection. | | [Windows Installer rules in AppLocker](windows-installer-rules-in-applocker.md) | This article describes the file formats and available default rules for the Windows Installer rule collection.| -| [Script rules in AppLocker](script-rules-in-applocker.md) | This article describes the file formats and available default rules for the script rule collection.| -| [DLL rules in AppLocker](dll-rules-in-applocker.md) | This article describes the file formats and available default rules for the DLL rule collection.| -| [Packaged apps and packaged app installer rules in AppLocker](packaged-apps-and-packaged-app-installer-rules-in-applocker.md) | This article explains the AppLocker rule collection for packaged app installers and packaged apps.| +| [Script rules in AppLocker](script-rules-in-applocker.md) | This article describes the file formats and available default rules for the script rule collection.| +| [DLL rules in AppLocker](dll-rules-in-applocker.md) | This article describes the file formats and available default rules for the DLL rule collection.| +| [Packaged apps and packaged app installer rules in AppLocker](packaged-apps-and-packaged-app-installer-rules-in-applocker.md) | This article explains the AppLocker rule collection for packaged app installers and packaged apps.| ## Related articles diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-behavior.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-behavior.md index e97d2e0962..0d9b08e51c 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-behavior.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-behavior.md @@ -3,7 +3,7 @@ title: Understanding AppLocker rule behavior description: This article describes how AppLocker rules are enforced by using the allow and deny options in AppLocker. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Understanding AppLocker rule behavior diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-collections.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-collections.md index bd418d4ce7..8ee9ed92d5 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-collections.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-collections.md @@ -3,7 +3,7 @@ title: Understanding AppLocker rule collections description: This article explains the five different types of AppLocker rule collections used to enforce AppLocker policies. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Understanding AppLocker rule collections diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-condition-types.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-condition-types.md index 2c4967a466..1bbbc6329c 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-condition-types.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-condition-types.md @@ -3,7 +3,7 @@ title: Understanding AppLocker rule condition types description: This article for the IT professional describes the three types of AppLocker rule conditions. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Understanding AppLocker rule condition types diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-exceptions.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-exceptions.md index 2df99102d0..b95fadae6e 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-exceptions.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-applocker-rule-exceptions.md @@ -3,7 +3,7 @@ title: Understanding AppLocker rule exceptions description: This article describes the result of applying AppLocker rule exceptions to rule collections. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Understanding AppLocker rule exceptions @@ -14,8 +14,8 @@ This article describes the result of applying AppLocker rule exceptions to rule You can apply AppLocker rules to individual users or a group of users. If you apply a rule to a group of users, the rule affects all users in that group. If you need to allow a subset of a user group to use an app, you can create a special rule for that subset. -For example, the rule "Allow Everyone to run Windows except Registry Editor" allows Everyone to run Windows binaries, but doesn't allow anyone to run Registry Editor (by adding %WINDIR%\regedit.exe as a Path Exception for the rule). -The effect of this rule would prevent users such as Helpdesk personnel from running the Registry Editor, a program that is necessary for their support tasks. +For example, the rule "Allow Everyone to run Windows except Registry Editor" allows Everyone to run Windows binaries, but doesn't allow anyone to run Registry Editor (by adding %WINDIR%\regedit.exe as a Path Exception for the rule). +The effect of this rule would prevent users such as Helpdesk personnel from running the Registry Editor, a program that is necessary for their support tasks. To resolve this problem, create a second rule that applies to the Helpdesk user group: "Allow Helpdesk to run Registry Editor" and add %WINDIR%\regedit.exe as an allowed path. If you create a deny rule that blocks Registry Editor for all users, the deny rule overrides the second rule that allows the Helpdesk user group to run Registry Editor. ## Related articles diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-file-hash-rule-condition-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-file-hash-rule-condition-in-applocker.md index 9937009a5e..b9460ff54a 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-file-hash-rule-condition-in-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-file-hash-rule-condition-in-applocker.md @@ -3,7 +3,7 @@ title: Understanding the file hash rule condition in AppLocker description: This article explains how to use the AppLocker file hash rule condition and its advantages and disadvantages. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Understanding the file hash rule condition in AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-path-rule-condition-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-path-rule-condition-in-applocker.md index 2d1d4b9cae..4175eba0ef 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-path-rule-condition-in-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-path-rule-condition-in-applocker.md @@ -3,7 +3,7 @@ title: Understanding the path rule condition in AppLocker description: This article explains how to apply the AppLocker path rule condition and its advantages and disadvantages. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Understanding the path rule condition in AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-publisher-rule-condition-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-publisher-rule-condition-in-applocker.md index 171ef6e3f1..be3c3767d4 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-publisher-rule-condition-in-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/understanding-the-publisher-rule-condition-in-applocker.md @@ -3,7 +3,7 @@ title: Understanding the publisher rule condition in AppLocker description: This article explains how to apply the AppLocker publisher rule condition and what controls are available. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # Understanding the publisher rule condition in AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md index 47b1b1388d..8bc76ea93a 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md @@ -3,7 +3,7 @@ title: Use a reference device to create and maintain AppLocker policies description: This article for the IT professional describes the steps to create and maintain AppLocker policies by using a reference computer. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/22/2023 +ms.date: 09/11/2024 --- # Use a reference device to create and maintain AppLocker policies diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/use-the-applocker-windows-powershell-cmdlets.md b/windows/security/application-security/application-control/app-control-for-business/applocker/use-the-applocker-windows-powershell-cmdlets.md index 0678fb60b9..574c33a03b 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/use-the-applocker-windows-powershell-cmdlets.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/use-the-applocker-windows-powershell-cmdlets.md @@ -3,7 +3,7 @@ title: Use the AppLocker Windows PowerShell cmdlets description: This article for IT professionals describes how each AppLocker Windows PowerShell cmdlet can help you administer your AppLocker application control policies. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 01/03/2024 +ms.date: 09/11/2024 --- # Use the AppLocker Windows PowerShell cmdlets diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/using-event-viewer-with-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/using-event-viewer-with-applocker.md index 19b2256345..65fa1be015 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/using-event-viewer-with-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/using-event-viewer-with-applocker.md @@ -3,7 +3,7 @@ title: Using Event Viewer with AppLocker description: This article lists AppLocker events and describes how to use Event Viewer with AppLocker. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker.md index 24f7f1e8c2..9fa362969d 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/what-is-applocker.md @@ -3,7 +3,7 @@ title: What Is AppLocker description: This article for the IT professional describes what AppLocker is. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/23/2023 +ms.date: 09/11/2024 --- # What Is AppLocker? diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/windows-installer-rules-in-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/windows-installer-rules-in-applocker.md index e64e6e97ff..cfc1ce02c6 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/windows-installer-rules-in-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/windows-installer-rules-in-applocker.md @@ -3,7 +3,7 @@ title: Windows Installer rules in AppLocker description: This article describes the file formats and available default rules for the Windows Installer rule collection. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/24/2023 +ms.date: 09/11/2024 --- # Windows Installer rules in AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-policies.md b/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-policies.md index 189d8f1654..2a7f5153ec 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-policies.md @@ -3,7 +3,7 @@ title: Working with AppLocker policies description: This article for IT professionals provides links to procedural articles about creating, maintaining, and testing AppLocker policies. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/21/2023 +ms.date: 09/11/2024 --- # Working with AppLocker policies diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-rules.md b/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-rules.md index e06ef57ede..c827358a61 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-rules.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/working-with-applocker-rules.md @@ -3,7 +3,7 @@ title: Working with AppLocker rules description: This article for IT professionals describes AppLocker rule types and how to work with them for your application control policies. ms.localizationpriority: medium msauthor: jsuther -ms.date: 12/21/2023 +ms.date: 09/11/2024 ms.topic: conceptual --- diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md b/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md index 51bff6035e..ef04dc6447 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md @@ -2,7 +2,7 @@ title: Deploying App Control for Business policies description: Learn how to plan and implement an App Control deployment. ms.localizationpriority: medium -ms.date: 01/23/2023 +ms.date: 09/11/2024 ms.topic: overview --- diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md index ab70616836..d6a2075e5c 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md @@ -2,7 +2,7 @@ title: Use audit events to create App Control policy rules description: Audits allow admins to discover apps, binaries, and scripts that should be added to the App Control policy. ms.localizationpriority: medium -ms.date: 05/03/2018 +ms.date: 09/11/2024 ms.topic: conceptual --- diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md index e69da9c3d9..6da9a96b92 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md @@ -3,7 +3,7 @@ title: Create a code signing cert for App Control for Business description: Learn how to set up a publicly issued code signing certificate, so you can sign catalog files or App Control policies internally. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 12/01/2022 +ms.date: 09/11/2024 --- # Optional: Create a code signing cert for App Control for Business diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md index 5da05ac029..885c8d0203 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md @@ -2,7 +2,7 @@ title: Deploy App Control policies via Group Policy description: App Control for Business policies can easily be deployed and managed with Group Policy. Learn how by following this step-by-step guide. ms.localizationpriority: medium -ms.date: 01/23/2023 +ms.date: 09/11/2024 ms.topic: how-to --- diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md index 033199a9d7..472b039866 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-intune.md @@ -2,7 +2,7 @@ title: Deploy App Control policies using Mobile Device Management (MDM) description: You can use an MDM like Microsoft Intune to configure App Control for Business. Learn how with this step-by-step guide. ms.localizationpriority: medium -ms.date: 08/30/2023 +ms.date: 09/11/2024 ms.topic: how-to --- diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md index 9f0690159b..ae36e1b394 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md @@ -1,7 +1,7 @@ --- title: Deploy App Control for Business policies with Configuration Manager description: You can use Microsoft Configuration Manager to configure App Control for Business. Learn how with this step-by-step guide. -ms.date: 06/27/2022 +ms.date: 09/11/2024 ms.topic: how-to ms.localizationpriority: medium --- diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script.md index af79b9bdae..369252b993 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-script.md @@ -2,7 +2,7 @@ title: Deploy App Control for Business policies using script description: Use scripts to deploy App Control for Business policies. Learn how with this step-by-step guide. ms.manager: jsuther -ms.date: 01/23/2023 +ms.date: 09/11/2024 ms.topic: how-to ms.localizationpriority: medium --- diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md index 720bd02496..2c21e89039 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md @@ -3,7 +3,7 @@ title: Deploy catalog files to support App Control for Business description: Catalog files simplify running unsigned applications in the presence of an App Control for Business policy. ms.localizationpriority: medium ms.topic: how-to -ms.date: 11/30/2022 +ms.date: 09/11/2024 --- # Deploy catalog files to support App Control for Business diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md index f1854c5256..a3add21030 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md @@ -2,7 +2,7 @@ title: Remove App Control for Business policies description: Learn how to disable both signed and unsigned App Control for Business policies, within Windows and within the BIOS. ms.localizationpriority: medium -ms.date: 11/04/2022 +ms.date: 09/11/2024 ms.topic: how-to --- diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies.md index 366e667360..2cdc475a62 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies.md @@ -2,7 +2,7 @@ title: Enforce App Control for Business policies description: Learn how to switch an App Control policy from audit to enforced mode. ms.manager: jsuther -ms.date: 04/22/2021 +ms.date: 09/11/2024 ms.topic: how-to ms.localizationpriority: medium --- diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/merge-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/merge-appcontrol-policies.md index 9b5a212b93..e17a4dfdd6 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/merge-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/merge-appcontrol-policies.md @@ -2,7 +2,7 @@ title: Merge App Control for Business policies (App Control) description: Learn how to merge App Control policies as part of your policy lifecycle management. ms.manager: jsuther -ms.date: 04/22/2021 +ms.date: 09/11/2024 ms.topic: how-to ms.localizationpriority: medium --- diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/use-code-signing-for-better-control-and-protection.md b/windows/security/application-security/application-control/app-control-for-business/deployment/use-code-signing-for-better-control-and-protection.md index 3ecb62b9ab..69735b11bd 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/use-code-signing-for-better-control-and-protection.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/use-code-signing-for-better-control-and-protection.md @@ -3,7 +3,7 @@ title: Use code signing for added control and protection with App Control description: Code signing can be used to better control Win32 app authorization and add protection for your App Control for Business policies. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 11/29/2022 +ms.date: 09/11/2024 --- # Use code signing for added control and protection with App Control for Business diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md b/windows/security/application-security/application-control/app-control-for-business/deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md index 2efbc6006f..6aa667b28a 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/use-signed-policies-to-protect-appcontrol-against-tampering.md @@ -3,7 +3,7 @@ title: Use signed policies to protect App Control for Business against tampering description: Signed App Control for Business policies give organizations the highest level of malware protection available in Windows 10 and Windows 11. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 11/04/2022 +ms.date: 09/11/2024 --- # Use signed policies to protect App Control for Business against tampering diff --git a/windows/security/application-security/application-control/app-control-for-business/design/allow-com-object-registration-in-appcontrol-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/allow-com-object-registration-in-appcontrol-policy.md index 5486c2f261..7968a8fb46 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/allow-com-object-registration-in-appcontrol-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/allow-com-object-registration-in-appcontrol-policy.md @@ -2,7 +2,7 @@ title: Allow COM object registration in an App Control policy description: You can allow COM object registration in an App Control for Business policy. ms.localizationpriority: medium -ms.date: 04/05/2023 +ms.date: 09/11/2024 ms.topic: how-to --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md index 09dddfe111..e1c1d02183 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md @@ -2,7 +2,7 @@ title: App Control for Business and .NET description: Understand how App Control and .NET work together and use Dynamic Code Security to verify code loaded by .NET at runtime. ms.localizationpriority: medium -ms.date: 11/22/2023 +ms.date: 09/11/2024 ms.topic: conceptual --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide.md index 3df4fc4c5e..c0f8a3ac86 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide.md @@ -3,7 +3,7 @@ title: App Control for Business design guide description: Microsoft App Control for Business allows organizations to control what apps and drivers will run on their managed Windows devices. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 02/20/2018 +ms.date: 09/11/2024 --- # App Control for Business design guide diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy.md index 4af4a5ead2..047765f59e 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy.md @@ -3,7 +3,7 @@ title: App Control for Business Wizard Base Policy Creation description: Creating new base application control policies with the Microsoft Windows Defender Application (App Control) Wizard. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 06/07/2023 +ms.date: 09/11/2024 --- # Creating a new Base Policy with the Wizard diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md index a69d5828bc..c9c5d9e5dd 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md @@ -3,7 +3,7 @@ title: App Control for Business Wizard Supplemental Policy Creation description: Creating supplemental application control policies with the App Control Wizard. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 06/07/2023 +ms.date: 09/11/2024 --- # Creating a new Supplemental Policy with the Wizard diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md index 3888dad4ef..0386faab8c 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md @@ -3,7 +3,7 @@ title: Editing App Control for Business Policies with the Wizard description: Editing existing base and supplemental policies with the Microsoft App Control Wizard. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 10/14/2020 +ms.date: 09/11/2024 --- # Editing existing base and supplemental App Control policies with the Wizard diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md index 2c281f890c..552575d966 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md @@ -3,7 +3,7 @@ title: App Control for Business Wizard Policy Merging Operation description: Merging multiple policies into a single application control policy with the Microsoft App Control Wizard. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 10/14/2020 +ms.date: 09/11/2024 --- # Merging existing policies with the App Control Wizard diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md index 9c845bb9be..c2cfced0cc 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md @@ -3,7 +3,7 @@ title: App Control for Business Wizard App Control Event Parsing description: Creating App Control policy rules from the App Control event logs and the MDE Advanced Hunting App Control events. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 01/24/2024 +ms.date: 09/11/2024 --- # Creating App Control Policy Rules from App Control Events in the Wizard diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard.md index 9ec3be4ab8..98e2dce79c 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard.md @@ -3,7 +3,7 @@ title: App Control for Business Wizard description: The App Control for Business policy wizard tool allows you to create, edit, and merge application control policies in a simple to use Windows application. ms.localizationpriority: medium ms.topic: conceptual -ms.date: 05/24/2022 +ms.date: 09/11/2024 --- # App Control for Business Wizard diff --git a/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md index c90ba96a33..4c1fa978de 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md @@ -2,7 +2,7 @@ title: Applications that can bypass App Control and how to block them description: View a list of recommended block rules, based on knowledge shared between Microsoft and the wider security community. ms.localizationpriority: medium -ms.date: 06/14/2023 +ms.date: 09/11/2024 ms.topic: reference --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases.md b/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases.md index 5e3b54177c..47518989bc 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases.md @@ -2,7 +2,7 @@ title: Policy creation for common App Control usage scenarios description: Develop a plan for deploying App Control for Business in your organization based on these common scenarios. ms.localizationpriority: medium -ms.date: 04/05/2023 +ms.date: 09/11/2024 ms.topic: conceptual --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer.md b/windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer.md index 6bd9d7af32..481ca558a2 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer.md @@ -2,7 +2,7 @@ title: Allow apps deployed with an App Control managed installer description: Explains how to configure a custom Managed Installer. ms.localizationpriority: medium -ms.date: 02/02/2023 +ms.date: 09/11/2024 ms.topic: how-to --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-deny-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-deny-policy.md index 7c79a41b6f..0e52f30f3d 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-deny-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-deny-policy.md @@ -2,7 +2,7 @@ title: Create App Control Deny Policy description: Explains how to create App Control deny policies ms.localizationpriority: medium -ms.date: 12/31/2017 +ms.date: 09/11/2024 ms.topic: how-to --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md index a84c66065c..7d072cd15c 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md @@ -3,7 +3,7 @@ title: Create an App Control policy for fully managed devices description: App Control for Business restricts which applications users are allowed to run and the code that runs in system core. ms.topic: conceptual ms.localizationpriority: medium -ms.date: 11/07/2022 +ms.date: 09/11/2024 --- # Create an App Control policy for fully managed devices diff --git a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md index 6b2cfab15e..462985011f 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md @@ -3,7 +3,7 @@ title: Create an App Control policy for lightly managed devices description: App Control for Business restricts which applications users are allowed to run and the code that runs in the system core. ms.topic: conceptual ms.localizationpriority: medium -ms.date: 11/07/2022 +ms.date: 09/11/2024 --- # Create an App Control policy for lightly managed devices diff --git a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md index 3815ec47a9..aabf7e392f 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md @@ -2,7 +2,7 @@ title: Create an App Control policy using a reference computer description: To create an App Control for Business policy that allows all code installed on a reference computer within your organization, follow this guide. ms.localizationpriority: medium -ms.date: 08/08/2022 +ms.date: 09/11/2024 ms.topic: how-to --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies.md index c1b95fc42b..add9351935 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies.md @@ -2,7 +2,7 @@ title: Use multiple App Control for Business Policies description: App Control for Business supports multiple code integrity policies for one device. ms.localizationpriority: medium -ms.date: 04/15/2024 +ms.date: 09/11/2024 ms.topic: how-to --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies.md b/windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies.md index 03de231471..02073ebcb4 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies.md @@ -3,7 +3,7 @@ title: Example App Control for Business base policies description: When creating an App Control for Business policy for an organization, start from one of the many available example base policies. ms.topic: reference ms.localizationpriority: medium -ms.date: 03/31/2023 +ms.date: 09/11/2024 --- # App Control for Business example base policies diff --git a/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol.md index 593f045ea8..c9bf48a7fe 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol.md @@ -2,7 +2,7 @@ title: Manage packaged apps with App Control description: Packaged apps, also known as Universal Windows apps, allow you to control the entire app by using a single App Control for Business rule. ms.localizationpriority: medium -ms.date: 03/01/2023 +ms.date: 09/11/2024 ms.topic: how-to --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules.md b/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules.md index 1c8766bfd6..3ce08b2022 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules.md @@ -5,7 +5,7 @@ ms.localizationpriority: medium ms.collection: - tier3 - must-keep -ms.date: 01/24/2024 +ms.date: 09/11/2024 ms.topic: how-to --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management.md b/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management.md index cf4398b09c..80d643ea68 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management.md @@ -2,7 +2,7 @@ title: Plan for App Control policy management description: Learn about the decisions you need to make to establish the processes for managing and maintaining App Control for Business policies. ms.localizationpriority: medium -ms.date: 11/22/2023 +ms.date: 09/11/2024 ms.topic: conceptual --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/script-enforcement.md b/windows/security/application-security/application-control/app-control-for-business/design/script-enforcement.md index 3dd1c5baa0..69698bb2b3 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/script-enforcement.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/script-enforcement.md @@ -2,7 +2,7 @@ title: Understand App Control script enforcement description: App Control script enforcement ms.manager: jsuther -ms.date: 05/26/2023 +ms.date: 09/11/2024 ms.topic: conceptual ms.localizationpriority: medium --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/select-types-of-rules-to-create.md b/windows/security/application-security/application-control/app-control-for-business/design/select-types-of-rules-to-create.md index 035315a1ce..8cdfe418ba 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/select-types-of-rules-to-create.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/select-types-of-rules-to-create.md @@ -2,7 +2,7 @@ title: Understand App Control for Business policy rules and file rules description: Learn how App Control policy rules and file rules can control your Windows 10 and Windows 11 computers. ms.localizationpriority: medium -ms.date: 11/22/2023 +ms.date: 09/11/2024 ms.topic: conceptual --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions.md b/windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions.md index 78f52e5bb8..823efa79de 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions.md @@ -2,7 +2,7 @@ title: Understand App Control for Business policy design decisions description: Understand App Control for Business policy design decisions. ms.localizationpriority: medium -ms.date: 02/08/2018 +ms.date: 09/11/2024 ms.topic: conceptual --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/understanding-appcontrol-policy-settings.md b/windows/security/application-security/application-control/app-control-for-business/design/understanding-appcontrol-policy-settings.md index 7bed54d0b5..995deda446 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/understanding-appcontrol-policy-settings.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/understanding-appcontrol-policy-settings.md @@ -2,7 +2,7 @@ title: Understanding App Control for Business secure settings description: Learn about secure settings in App Control for Business. ms.localizationpriority: medium -ms.date: 04/05/2023 +ms.date: 09/11/2024 ms.topic: conceptual --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md b/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md index fe19d14ddd..d6fdc8e670 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-policy-to-control-specific-plug-ins-add-ins-and-modules.md @@ -2,7 +2,7 @@ title: Use an App Control for Business policy to control specific plug-ins, add-ins, and modules description: App Control policies can be used not only to control applications, but also to control whether specific plug-ins, add-ins, and modules can run from specific apps. ms.localizationpriority: medium -ms.date: 11/02/2022 +ms.date: 09/11/2024 ms.topic: how-to --- diff --git a/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md b/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md index c45e0e913c..a7acc2735e 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md @@ -2,7 +2,7 @@ title: Authorize reputable apps with the Intelligent Security Graph (ISG) description: Automatically authorize applications that Microsoft's ISG recognizes as having known good reputation. ms.localizationpriority: medium -ms.date: 12/31/2017 +ms.date: 09/11/2024 ms.topic: how-to --- diff --git a/windows/security/application-security/application-control/app-control-for-business/feature-availability.md b/windows/security/application-security/application-control/app-control-for-business/feature-availability.md index 08ac47628e..378c52a9d2 100644 --- a/windows/security/application-security/application-control/app-control-for-business/feature-availability.md +++ b/windows/security/application-security/application-control/app-control-for-business/feature-availability.md @@ -2,7 +2,7 @@ title: App Control for Business feature availability description: Compare App Control for Business and AppLocker feature availability. ms.localizationpriority: medium -ms.date: 12/21/2023 +ms.date: 09/11/2024 ms.topic: overview --- diff --git a/windows/security/application-security/application-control/app-control-for-business/index.yml b/windows/security/application-security/application-control/app-control-for-business/index.yml index 2d6724de01..c9c90173d3 100644 --- a/windows/security/application-security/application-control/app-control-for-business/index.yml +++ b/windows/security/application-security/application-control/app-control-for-business/index.yml @@ -8,7 +8,7 @@ metadata: author: vinaypamnani-msft ms.author: vinpa manager: aaroncz - ms.date: 08/14/2024 + ms.date: 09/11/2024 # linkListType: overview | how-to-guide | tutorial | video landingContent: # Cards and links should be based on top customer tasks or top subjects diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-debugging-and-troubleshooting.md b/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-debugging-and-troubleshooting.md index 9ae6380b95..d83c66d961 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-debugging-and-troubleshooting.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-debugging-and-troubleshooting.md @@ -2,7 +2,7 @@ title: App Control debugging and troubleshooting guide description: Learn how to debug and troubleshoot app and script failures when using App Control ms.topic: how-to -ms.date: 04/06/2023 +ms.date: 09/11/2024 --- # App Control debugging and troubleshooting diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide.md b/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide.md index 66174cd4c2..15621fd0ff 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide.md @@ -2,7 +2,7 @@ title: Managing and troubleshooting App Control for Business policies description: Gather information about how your deployed App Control for Business policies are behaving. ms.localizationpriority: medium -ms.date: 03/30/2023 +ms.date: 09/11/2024 ms.topic: how-to --- diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/citool-commands.md b/windows/security/application-security/application-control/app-control-for-business/operations/citool-commands.md index 745b3775b8..d5dba038d4 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/citool-commands.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/citool-commands.md @@ -2,7 +2,7 @@ title: Managing CI policies and tokens with CiTool description: Learn how to use policy commands, token commands, and miscellaneous commands in CiTool ms.topic: reference -ms.date: 10/02/2023 +ms.date: 09/11/2024 appliesto: - ✅ Windows 11 --- diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer.md b/windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer.md index 617f88803b..05c8f6b852 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer.md @@ -2,7 +2,7 @@ title: Managed installer and ISG technical reference and troubleshooting guide description: A technical reference and troubleshooting guide for managed installer and Intelligent Security Graph (ISG). ms.localizationpriority: medium -ms.date: 11/11/2022 +ms.date: 09/11/2024 ms.topic: troubleshooting --- diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations.md b/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations.md index adc243adbd..862bf39d1a 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations.md @@ -2,7 +2,7 @@ title: Understanding Application Control event IDs description: Learn what different App Control for Business event IDs signify. ms.localizationpriority: medium -ms.date: 03/24/2023 +ms.date: 09/11/2024 ms.topic: reference --- diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations.md b/windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations.md index 53f32d71c1..42552c1b23 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations.md @@ -2,7 +2,7 @@ title: Understanding Application Control event tags description: Learn what different App Control for Business event tags signify. ms.localizationpriority: medium -ms.date: 05/09/2023 +ms.date: 09/11/2024 ms.topic: conceptual --- diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies.md index b1d1e72d45..b1a415cde3 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies.md @@ -2,7 +2,7 @@ title: Inbox App Control policies description: This article describes the inbox App Control policies that may be active on a device. ms.manager: jsuther -ms.date: 03/10/2023 +ms.date: 09/11/2024 ms.topic: conceptual ms.localizationpriority: medium --- diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md b/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md index fc5418764b..5288f40a3e 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md @@ -2,7 +2,7 @@ title: App Control Admin Tips & Known Issues description: App Control Known Issues ms.manager: jsuther -ms.date: 04/15/2024 +ms.date: 09/11/2024 ms.topic: troubleshooting ms.localizationpriority: medium --- diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md b/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md index a04cd4595e..a60c584ba9 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md @@ -2,7 +2,7 @@ title: Query Application Control events with Advanced Hunting description: Learn how to query App Control for Business events across your entire organization by using Advanced Hunting. ms.localizationpriority: medium -ms.date: 03/01/2022 +ms.date: 09/11/2024 ms.topic: troubleshooting --- From eeb9b16719121e5ca6303953172c7eeb794c7c21 Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Mon, 23 Sep 2024 10:18:06 -0600 Subject: [PATCH 12/23] Update include file --- .../licensing/windows-defender-application-control-wdac.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/includes/licensing/windows-defender-application-control-wdac.md b/includes/licensing/windows-defender-application-control-wdac.md index 52264205ff..87446bab24 100644 --- a/includes/licensing/windows-defender-application-control-wdac.md +++ b/includes/licensing/windows-defender-application-control-wdac.md @@ -1,19 +1,19 @@ --- author: paolomatarazzo ms.author: paoloma -ms.date: 09/18/2023 +ms.date: 09/23/2024 ms.topic: include --- ## Windows edition and licensing requirements -The following table lists the Windows editions that support Windows Defender Application Control (WDAC): +The following table lists the Windows editions that support App Control for Business: |Windows Pro|Windows Enterprise|Windows Pro Education/SE|Windows Education| |:---:|:---:|:---:|:---:| |Yes|Yes|Yes|Yes| -Windows Defender Application Control (WDAC) license entitlements are granted by the following licenses: +App Control license entitlements are granted by the following licenses: |Windows Pro/Pro Education/SE|Windows Enterprise E3|Windows Enterprise E5|Windows Education A3|Windows Education A5| |:---:|:---:|:---:|:---:|:---:| From 891705f269845eafb97aea968e94c6b8d7e225ea Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Mon, 23 Sep 2024 11:08:16 -0600 Subject: [PATCH 13/23] Minor TOC updates --- .../application-control/app-control-for-business/TOC.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/application-security/application-control/app-control-for-business/TOC.yml b/windows/security/application-security/application-control/app-control-for-business/TOC.yml index 281cda06cd..f2cf8c651c 100644 --- a/windows/security/application-security/application-control/app-control-for-business/TOC.yml +++ b/windows/security/application-security/application-control/app-control-for-business/TOC.yml @@ -10,7 +10,7 @@ href: feature-availability.md - name: Virtualization-based protection of code integrity href: ../introduction-to-virtualization-based-security-and-appcontrol.md -- name: App Control design guide +- name: Design guide href: design/appcontrol-design-guide.md items: - name: Plan for App Control policy lifecycle management @@ -72,7 +72,7 @@ href: design/appcontrol-wizard-parsing-event-logs.md - name: Merging multiple App Control policies with the Wizard href: design/appcontrol-wizard-merging-policies.md -- name: App Control deployment guide +- name: Deployment guide href: deployment/appcontrol-deployment-guide.md items: - name: Deploy App Control policies with MDM @@ -100,7 +100,7 @@ href: deployment/create-code-signing-cert-for-appcontrol.md - name: Disable App Control policies href: deployment/disable-appcontrol-policies.md -- name: App Control operational guide +- name: Operational guide href: operations/appcontrol-operational-guide.md items: - name: App Control debugging and troubleshooting @@ -119,7 +119,7 @@ href: operations/citool-commands.md - name: Inbox App Control policies href: operations/inbox-appcontrol-policies.md -- name: App Control AppId Tagging guide +- name: AppId Tagging guide href: AppIdTagging/appcontrol-appid-tagging-guide.md items: - name: Creating AppId Tagging Policies From da01c21eae246241598ee78166db9de629419e0d Mon Sep 17 00:00:00 2001 From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com> Date: Mon, 23 Sep 2024 12:48:34 -0600 Subject: [PATCH 14/23] Update windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md Co-authored-by: Jordan Geurten --- .../app-control-for-business/design/appcontrol-and-dotnet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md index e1c1d02183..6e31a5e523 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md @@ -25,7 +25,7 @@ To mitigate any performance impact caused when the App Control EA isn't valid or Security researchers found that some .NET capabilities that allow apps to load libraries from external sources or generate new code at runtime can be used to circumvent App Control controls. To address this potential vulnerability, App Control includes an option called *Dynamic Code Security* that works with .NET to verify code loaded at runtime. -When the Dynamic Code Security option is enabled, Application Control policy is applied to libraries that .NET loads from external sources. For example, any remote sources, such as the internet or a network share. +When the Dynamic Code Security option is enabled, the App Control policy is applied to libraries that .NET loads from external sources. For example, any remote sources, such as the internet or a network share. > [!IMPORTANT] > .Net dynamic code security hardening is *turned on and enforced* if any App Control policy with UMCI enabled has set option **19 Enabled:Dynamic Code Security**. There is no audit mode for this feature. You should test your apps with this option set before turning it on across large numbers of devices. From f1d87391beaa1719b1994ad1475321f0a81cb4e5 Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Mon, 23 Sep 2024 13:32:52 -0600 Subject: [PATCH 15/23] More changes --- .../design-create-appid-tagging-policies.md | 4 +- .../app-control-for-business/TOC.yml | 4 +- .../applocker/administer-applocker.md | 4 +- .../applocker/applocker-overview.md | 4 +- .../deployment/appcontrol-deployment-guide.md | 2 +- .../deployment/audit-appcontrol-policies.md | 4 +- .../deployment/enforce-appcontrol-policies.md | 2 +- .../design/appcontrol-design-guide.md | 12 +-- .../appcontrol-wizard-create-base-policy.md | 8 +- ...ntrol-wizard-create-supplemental-policy.md | 6 +- .../appcontrol-wizard-merging-policies.md | 2 +- .../design/appcontrol-wizard.md | 8 +- ...applications-that-can-bypass-appcontrol.md | 2 +- .../design/common-appcontrol-use-cases.md | 2 +- ...-apps-deployed-with-a-managed-installer.md | 4 +- ...ontrol-policy-for-fully-managed-devices.md | 2 +- ...trol-policy-for-lightly-managed-devices.md | 6 +- ...control-policy-using-reference-computer.md | 2 +- .../manage-packaged-apps-with-appcontrol.md | 4 +- .../design/plan-appcontrol-management.md | 6 +- .../design/script-enforcement.md | 2 +- ...tand-appcontrol-policy-design-decisions.md | 14 +-- ...control-with-intelligent-security-graph.md | 6 +- .../app-control-for-business/index.yml | 2 +- .../appcontrol-operational-guide.md | 4 +- .../configure-appcontrol-managed-installer.md | 2 +- .../operations/event-id-explanations.md | 94 +++++++++---------- .../operations/event-tag-explanations.md | 6 +- ...events-centrally-using-advanced-hunting.md | 12 +-- 29 files changed, 115 insertions(+), 115 deletions(-) diff --git a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md index 714c740613..26940bd0e3 100644 --- a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md @@ -2,7 +2,7 @@ title: Create your App Control for Business AppId Tagging Policies description: Create your App Control for Business AppId tagging policies for Windows devices. ms.localizationpriority: medium -ms.date: 09/11/2024 +ms.date: 09/23/2024 ms.topic: conceptual --- @@ -12,7 +12,7 @@ ms.topic: conceptual ## Create the policy using the App Control Wizard -You can use the App Control for Business Wizard and the PowerShell commands to create an application control policy and convert it to an AppIdTagging policy. The App Control Wizard is available for download at the [App Control Wizard Installer site](https://aka.ms/wdacwizard). These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](appcontrol-appid-tagging-guide.md). +You can use the App Control for Business Wizard and the PowerShell commands to create an App Control policy and convert it to an AppIdTagging policy. The App Control Wizard is available for download at the [App Control Wizard Installer site](https://aka.ms/wdacwizard). These PowerShell commands are only available on the supported platforms listed in [AppId Tagging Guide](appcontrol-appid-tagging-guide.md). 1. Create a new base policy using the templates: diff --git a/windows/security/application-security/application-control/app-control-for-business/TOC.yml b/windows/security/application-security/application-control/app-control-for-business/TOC.yml index f2cf8c651c..b5ff7c1588 100644 --- a/windows/security/application-security/application-control/app-control-for-business/TOC.yml +++ b/windows/security/application-security/application-control/app-control-for-business/TOC.yml @@ -105,9 +105,9 @@ items: - name: App Control debugging and troubleshooting href: operations/appcontrol-debugging-and-troubleshooting.md - - name: Understanding Application Control event IDs + - name: Understanding App Control event IDs href: operations/event-id-explanations.md - - name: Understanding Application Control event tags + - name: Understanding App Control event tags href: operations/event-tag-explanations.md - name: Query App Control events with Advanced hunting href: operations/querying-application-control-events-centrally-using-advanced-hunting.md diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker.md b/windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker.md index bf972f7779..d2e0c1da1e 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/administer-applocker.md @@ -27,11 +27,11 @@ AppLocker helps administrators control how users can access and use files, such | [Edit an AppLocker policy](edit-an-applocker-policy.md) | This article for IT professionals describes the steps required to modify an AppLocker policy. | | [Test and update an AppLocker policy](test-and-update-an-applocker-policy.md) | This article discusses the steps required to test an AppLocker policy prior to deployment. | | [Deploy AppLocker policies by using the enforce rules setting](deploy-applocker-policies-by-using-the-enforce-rules-setting.md) | This article for IT professionals describes the steps to deploy AppLocker policies by using the enforcement setting method. | -| [Use the AppLocker Windows PowerShell cmdlets](use-the-applocker-windows-powershell-cmdlets.md) | This article for IT professionals describes how each AppLocker Windows PowerShell cmdlet can help you administer your AppLocker application control policies. | +| [Use the AppLocker Windows PowerShell cmdlets](use-the-applocker-windows-powershell-cmdlets.md) | This article for IT professionals describes how each AppLocker Windows PowerShell cmdlet can help you administer your AppLocker policies. | | [Optimize AppLocker performance](optimize-applocker-performance.md) | This article for IT professionals describes how to optimize AppLocker policy enforcement. | | [Monitor app usage with AppLocker](monitor-application-usage-with-applocker.md) | This article for IT professionals describes how to monitor app usage when AppLocker policies are applied. | | [Manage packaged apps with AppLocker](manage-packaged-apps-with-applocker.md) | This article for IT professionals describes concepts and lists procedures to help you manage Packaged apps with AppLocker as part of your overall application control strategy. | -| [Working with AppLocker rules](working-with-applocker-rules.md) | This article for IT professionals describes AppLocker rule types and how to work with them for your application control policies. | +| [Working with AppLocker rules](working-with-applocker-rules.md) | This article for IT professionals describes AppLocker rule types and how to work with them for your policies. | | [Working with AppLocker policies](working-with-applocker-policies.md) | This article for IT professionals provides links to procedural articles about creating, maintaining, and testing AppLocker policies. | ## Using the MMC snap-ins to administer AppLocker diff --git a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md index 0786cd7b73..1af7a371bb 100644 --- a/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md +++ b/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview.md @@ -1,6 +1,6 @@ --- title: AppLocker -description: This article provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker application control policies. +description: This article provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker policies. ms.collection: - tier3 - must-keep @@ -11,7 +11,7 @@ ms.date: 09/11/2024 # AppLocker -This article provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker application control policies. AppLocker helps you control which apps and files users can run. These include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers. AppLocker is also used by some features of App Control for Business. +This article provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker policies. AppLocker helps you control which apps and files users can run. These include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers. AppLocker is also used by some features of App Control for Business. > [!NOTE] > AppLocker is a defense-in-depth security feature and not considered a defensible Windows [security feature](https://www.microsoft.com/msrc/windows-security-servicing-criteria). [App Control for Business](../appcontrol-and-applocker-overview.md) should be used when the goal is to provide robust protection against a threat and there are expected to be no by-design limitations that would prevent the security feature from achieving this goal. diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md b/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md index ef04dc6447..b3ba7121e7 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md @@ -36,7 +36,7 @@ Before you deploy your App Control policies, you must first convert the XML to i ## Plan your deployment -As with any significant change to your environment, implementing application control can have unintended consequences. To ensure the best chance for success, you should follow safe deployment practices and plan your deployment carefully. Identify the devices you'll manage with App Control and split them into deployment rings. This way, you can control the speed and scale of the deployment and respond if anything goes wrong. Define the success criteria that will determine when it's safe to continue from one ring to the next. +As with any significant change to your environment, implementing App Control can have unintended consequences. To ensure the best chance for success, you should follow safe deployment practices and plan your deployment carefully. Identify the devices you'll manage with App Control and split them into deployment rings. This way, you can control the speed and scale of the deployment and respond if anything goes wrong. Define the success criteria that will determine when it's safe to continue from one ring to the next. All App Control for Business policy changes should be deployed in audit mode before proceeding to enforcement. Carefully monitor events from devices where the policy has been deployed to ensure the block events you observe match your expectation before broadening the deployment to other deployment rings. If your organization uses Microsoft Defender for Endpoint, you can use the Advanced Hunting feature to centrally monitor App Control-related events. Otherwise, we recommend using an event log forwarding solution to collect relevant events from your managed endpoints. diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md index d6a2075e5c..59a910aa0f 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md @@ -10,7 +10,7 @@ ms.topic: conceptual [!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -Running Application Control in audit mode lets you discover applications, binaries, and scripts that are missing from your App Control policy but should be included. +Running App Control in audit mode lets you discover applications, binaries, and scripts that are missing from your App Control policy but should be included. While an App Control policy is running in audit mode, any binary that runs but would have been denied is logged in the **Applications and Services Logs\\Microsoft\\Windows\\CodeIntegrity\\Operational** event log. Script and MSI are logged in the **Applications and Services Logs\\Microsoft\\Windows\\AppLocker\\MSI and Script** event log. These events can be used to generate a new App Control policy that can be merged with the original Base policy or deployed as a separate Supplemental policy, if allowed. @@ -23,7 +23,7 @@ To familiarize yourself with creating App Control rules from audit events, follo 1. Install and run an application not allowed by the App Control policy but that you want to allow. -2. Review the **CodeIntegrity - Operational** and **AppLocker - MSI and Script** event logs to confirm events, like those shown in Figure 1, are generated related to the application. For information about the types of events you should see, refer to [Understanding Application Control events](../operations/event-id-explanations.md). +2. Review the **CodeIntegrity - Operational** and **AppLocker - MSI and Script** event logs to confirm events, like those shown in Figure 1, are generated related to the application. For information about the types of events you should see, refer to [Understanding App Control events](../operations/event-id-explanations.md). **Figure 1. Exceptions to the deployed App Control policy** ![Event showing exception to App Control policy.](../images/dg-fig23-exceptionstocode.png) diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies.md index 2cdc475a62..41a77beb33 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/enforce-appcontrol-policies.md @@ -18,7 +18,7 @@ You should now have one or more App Control for Business policies broadly deploy ## Convert App Control **base** policy from audit to enforced -As described in [common App Control for Business deployment scenarios](../design/common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices. +As described in [common App Control for Business deployment scenarios](../design/common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of App Control to prevent unwanted or unauthorized applications from running on their managed devices. **Alice Pena** is the IT team lead responsible for Lamna's App Control rollout. diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide.md index c0f8a3ac86..73bbde562c 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-design-guide.md @@ -10,16 +10,16 @@ ms.date: 09/11/2024 [!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -This guide covers design and planning for App Control for Business. It's intended to help security architects, security administrators, and system administrators create a plan that addresses specific application control requirements for different departments or business groups within an organization. +This guide covers design and planning for App Control for Business. It's intended to help security architects, security administrators, and system administrators create a plan that addresses specific App Control requirements for different departments or business groups within an organization. ## Plan for success -A common refrain you may hear about application control is that it is "too hard." While it's true that application control isn't as simple as flipping a switch, organizations can be successful, if they're methodical when carefully planning their approach. In reality, the issues that lead to failure with application control often arise from business issues rather than technology challenges. Organizations that have successfully deployed application control have ensured the following before starting their planning: +A common refrain you may hear about App Control is that it is "too hard." While it's true that App Control isn't as simple as flipping a switch, organizations can be successful, if they're methodical when carefully planning their approach. In reality, the issues that lead to failure with App Control often arise from business issues rather than technology challenges. Organizations that have successfully deployed App Control have ensured the following before starting their planning: - Executive sponsorship and organizational buy-in is in place. -- There's a clear **business** objective for using application control, and it's not being planned as a purely technical problem from IT. +- There's a clear **business** objective for using App Control, and it's not being planned as a purely technical problem from IT. - The organization has a plan to handle potential helpdesk support requests for users who are blocked from running some apps. -- The organization has considered where application control can be most useful (for example, securing sensitive workloads or business functions) and also where it may be difficult to achieve (for example, developer workstations). +- The organization has considered where App Control can be most useful (for example, securing sensitive workloads or business functions) and also where it may be difficult to achieve (for example, developer workstations). Once these business factors are in place, you're ready to begin planning your App Control for Business deployment. The following topics can help guide you through your planning process. @@ -28,8 +28,8 @@ Once these business factors are in place, you're ready to begin planning your Ap | Topic | Description | | - | - | | [Plan for App Control policy management](plan-appcontrol-management.md) | This topic describes the decisions you need to make to establish the processes for managing and maintaining App Control policies. | -| [Understand App Control policy design decisions](understand-appcontrol-policy-design-decisions.md) | This topic lists the design questions, possible answers, and ramifications of the decisions, when you plan a deployment of application control policies. | -| [Understand App Control policy rules and file rules](select-types-of-rules-to-create.md) | This topic lists resources you can use when selecting your application control policy rules by using App Control. | +| [Understand App Control policy design decisions](understand-appcontrol-policy-design-decisions.md) | This topic lists the design questions, possible answers, and ramifications of the decisions, when you plan a deployment of App Control policies. | +| [Understand App Control policy rules and file rules](select-types-of-rules-to-create.md) | This topic lists resources you can use when selecting your policy rules by using App Control. | | [Policy creation for common App Control usage scenarios](common-appcontrol-use-cases.md) | This set of topics outlines common use case scenarios, and helps you begin to develop a plan for deploying App Control in your organization. | | [Policy creation using the App Control Wizard tool](appcontrol-wizard.md) | This set of topics describes how to use the App Control Wizard desktop app to easily create, edit, and merge App Control policies. | diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy.md index 047765f59e..5de28ef21c 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-base-policy.md @@ -1,6 +1,6 @@ --- title: App Control for Business Wizard Base Policy Creation -description: Creating new base application control policies with the Microsoft Windows Defender Application (App Control) Wizard. +description: Creating new base App Control policies with the App Control Wizard. ms.localizationpriority: medium ms.topic: conceptual ms.date: 09/11/2024 @@ -10,7 +10,7 @@ ms.date: 09/11/2024 [!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -When creating policies for use with App Control for Business, it's recommended to start with a template policy, and then add or remove rules to suit your application control scenario. For this reason, the App Control Wizard offers three template policies to start from and customize during the base policy creation workflow. Prerequisite information about application control can be accessed through the [App Control design guide](appcontrol-design-guide.md). This page outlines the steps to create a new application control policy from a template, configure the policy options, and the signer and file rules. +When creating policies for use with App Control for Business, it's recommended to start with a template policy, and then add or remove rules to suit your App Control scenario. For this reason, the App Control Wizard offers three template policies to start from and customize during the base policy creation workflow. Prerequisite information about App Control can be accessed through the [App Control design guide](appcontrol-design-guide.md). This page outlines the steps to create a new App Control policy from a template, configure the policy options, and the signer and file rules. ## Template Base Policies @@ -28,7 +28,7 @@ More information about the Default Windows Mode and Allow Microsoft Mode policie ![Selecting a base template for the policy.](../images/appcontrol-wizard-template-selection.png) -Once the base template is selected, give the policy a name and choose where to save the application control policy on disk. +Once the base template is selected, give the policy a name and choose where to save the App Control policy on disk. ## Configuring Policy Rules @@ -74,7 +74,7 @@ Selecting the **+ Advanced Options** label shows another column of policy rules, ## Creating custom file rules -[File rules](select-types-of-rules-to-create.md#app-control-for-business-file-rule-levels) in an application control policy specify the level at which applications are identified and trusted. File rules are the main mechanism for defining trust in the application control policy. Selecting **+ Custom Rules** opens the custom file rule conditions panel to create custom file rules for your policy. The Wizard supports four types of file rules: +[File rules](select-types-of-rules-to-create.md#app-control-for-business-file-rule-levels) in an App Control policy specify the level at which applications are identified and trusted. File rules are the main mechanism for defining trust in the App Control policy. Selecting **+ Custom Rules** opens the custom file rule conditions panel to create custom file rules for your policy. The Wizard supports four types of file rules: ### Publisher Rules diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md index c9c5d9e5dd..03c7231e74 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md @@ -1,6 +1,6 @@ --- title: App Control for Business Wizard Supplemental Policy Creation -description: Creating supplemental application control policies with the App Control Wizard. +description: Creating supplemental App Control policies with the App Control Wizard. ms.localizationpriority: medium ms.topic: conceptual ms.date: 09/11/2024 @@ -12,7 +12,7 @@ ms.date: 09/11/2024 Beginning in Windows 10 version 1903, App Control for Business supports the creation of multiple active policies on a device. One or more supplemental policies allow customers to expand a [App Control base policy](appcontrol-wizard-create-base-policy.md) to increase the circle of trust of the policy. A supplemental policy can expand only one base policy, but multiple supplementals can expand the same base policy. When supplemental policies are used, applications allowed by the base or any of its supplemental policies are allowed to run. -Prerequisite information about application control can be accessed through the [App Control design guide](appcontrol-design-guide.md). This page outlines the steps to create a supplemental application control policy, configure the policy options, and the signer and file rules. +Prerequisite information about App Control can be accessed through the [App Control design guide](appcontrol-design-guide.md). This page outlines the steps to create a supplemental App Control policy, configure the policy options, and the signer and file rules. ## Expanding a Base Policy @@ -48,7 +48,7 @@ Supplemental policies can only configure three policy rules. The following table ## Creating custom file rules -File rules in an application control policy specify the level at which applications are identified and trusted. File rules are the main mechanism for defining trust in the application control policy. Selecting **+ Custom Rules** opens the custom file rule conditions panel to create and customize targeted file rules for your policy. The Wizard supports four types of file rules: +File rules in an App Control policy specify the level at which applications are identified and trusted. File rules are the main mechanism for defining trust in the App Control policy. Selecting **+ Custom Rules** opens the custom file rule conditions panel to create and customize targeted file rules for your policy. The Wizard supports four types of file rules: ### Publisher Rules diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md index 552575d966..a7099a7c32 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md @@ -1,6 +1,6 @@ --- title: App Control for Business Wizard Policy Merging Operation -description: Merging multiple policies into a single application control policy with the Microsoft App Control Wizard. +description: Merging multiple policies into a single App Control policy with the App Control Wizard. ms.localizationpriority: medium ms.topic: conceptual ms.date: 09/11/2024 diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard.md index 98e2dce79c..823095e953 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard.md @@ -1,6 +1,6 @@ --- title: App Control for Business Wizard -description: The App Control for Business policy wizard tool allows you to create, edit, and merge application control policies in a simple to use Windows application. +description: The App Control for Business policy wizard tool allows you to create, edit, and merge App Control policies in a simple to use Windows application. ms.localizationpriority: medium ms.topic: conceptual ms.date: 09/11/2024 @@ -10,7 +10,7 @@ ms.date: 09/11/2024 [!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -The App Control for Business policy wizard is an open-source Windows desktop application written in C# and bundled as an MSIX package. It was built to provide security architects with security, and system administrators with a more user-friendly means to create, edit, and merge Application Control policies. This tool uses the [ConfigCI PowerShell cmdlets](/powershell/module/configci) in the backend so the output policy of the tool and PowerShell cmdlets is identical. +The App Control for Business policy wizard is an open-source Windows desktop application written in C# and bundled as an MSIX package. It was built to provide security architects with security, and system administrators with a more user-friendly means to create, edit, and merge App Control policies. This tool uses the [ConfigCI PowerShell cmdlets](/powershell/module/configci) in the backend so the output policy of the tool and PowerShell cmdlets is identical. ## Downloading the application @@ -18,7 +18,7 @@ Download the tool from the official [App Control for Business Policy Wizard webs ### Supported clients -As the tool uses the cmdlets in the background, it's functional on clients only where the cmdlets are supported. For more information, see [Application Control feature availability](../feature-availability.md). Specifically, the tool verifies that the client meets one of the following requirements: +As the tool uses the cmdlets in the background, it's functional on clients only where the cmdlets are supported. For more information, see [App Control feature availability](../feature-availability.md). Specifically, the tool verifies that the client meets one of the following requirements: - Windows 10, version 1909 or later - For pre-1909 builds, the Enterprise SKU of Windows is installed @@ -32,4 +32,4 @@ If neither requirement is satisfied, it throws an error as the cmdlets aren't av | [Creating a new base policy](appcontrol-wizard-create-base-policy.md) | This article describes how to create a new base policy using one of the supplied policy templates. | | [Creating a new supplemental policy](appcontrol-wizard-create-supplemental-policy.md) | This article describes the steps necessary to create a supplemental policy, from one of the supplied templates, for an existing base policy. | | [Editing a base or supplemental policy](appcontrol-wizard-editing-policy.md) | This article demonstrates how to modify an existing policy and the tool's editing capabilities. | -| [Merging policies](appcontrol-wizard-merging-policies.md) | This article describes how to merge policies into a single application control policy. | +| [Merging policies](appcontrol-wizard-merging-policies.md) | This article describes how to merge policies into a single App Control policy. | diff --git a/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md index 4c1fa978de..23d40c8440 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md @@ -87,7 +87,7 @@ Unless your use scenarios explicitly require them, Microsoft recommends that you > [!NOTE] > This application list will be updated with the latest vendor information as application vulnerabilities are resolved and new issues are discovered. -Certain software applications may allow other code to run by design. Unless these applications are business critical, you should block them in your App Control policy. In addition, when an application version is upgraded to fix a security vulnerability or potential App Control bypass, add *deny* rules to your application control policies for that application's previous, less secure versions. +Certain software applications may allow other code to run by design. Unless these applications are business critical, you should block them in your App Control policy. In addition, when an application version is upgraded to fix a security vulnerability or potential App Control bypass, add *deny* rules to your App Control policies for that application's previous, less secure versions. Microsoft recommends that you install the latest security updates. For example, updates help resolve several issues in PowerShell modules that allowed an attacker to bypass App Control. These modules can be blocked by their corresponding hashes. diff --git a/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases.md b/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases.md index 47518989bc..4ba40200b3 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/common-appcontrol-use-cases.md @@ -29,7 +29,7 @@ Lamna Healthcare Company (Lamna) is a large healthcare provider operating in the Lamna uses [Microsoft Intune](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager) in hybrid mode with both Configuration Manager and Intune. Although they use Microsoft Intune to deploy many applications, Lamna has always had relaxed application usage practices: individual teams and employees have been able to install and use any applications they deem necessary for their role on their own workstations. Lamna also recently started to use [Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) for better endpoint detection and response. -Recently, Lamna experienced a ransomware event that required an expensive recovery process and may have included data exfiltration by the unknown attacker. Part of the attack included installing and running malicious binaries that evaded detection by Lamna's antivirus solution but would have been blocked by an application control policy. In response, Lamna's executive board has authorized many new security IT responses, including tightening policies for application use and introducing application control. +Recently, Lamna experienced a ransomware event that required an expensive recovery process and may have included data exfiltration by the unknown attacker. Part of the attack included installing and running malicious binaries that evaded detection by Lamna's antivirus solution but would have been blocked by an App Control policy. In response, Lamna's executive board has authorized many new security IT responses, including tightening policies for application use and introducing App Control. ## Up next diff --git a/windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer.md b/windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer.md index 481ca558a2..4e7dac4f2e 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/configure-authorized-apps-deployed-with-a-managed-installer.md @@ -10,7 +10,7 @@ ms.topic: how-to [!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -App Control for Business includes an option called **managed installer** that helps balance security and manageability when enforcing application control policies. This option lets you automatically allow applications installed by a designated software distribution solution, such as Microsoft Configuration Manager (MEMCM) or Microsoft Intune. +App Control for Business includes an option called **managed installer** that helps balance security and manageability when enforcing App Control policies. This option lets you automatically allow applications installed by a designated software distribution solution, such as Microsoft Configuration Manager (MEMCM) or Microsoft Intune. ## How does a managed installer work? @@ -30,7 +30,7 @@ Some application installers may automatically run the application at the end of ## Known limitations with managed installer -- Application control, based on managed installer, doesn't support applications that self-update. If an application that was deployed by a managed installer later updates itself, the updated application files won't include the origin information from the managed installer, and they might not be able to run. When you rely on managed installers, you must deploy and install all application updates by using a managed installer, or include rules to authorize the app in the App Control policy. In some cases, it may be possible to also designate an application binary that performs self-updates as a managed installer. Proper review for functionality and security should be performed for the application before using this method. +- App Control, based on managed installer, doesn't support applications that self-update. If an application that was deployed by a managed installer later updates itself, the updated application files won't include the origin information from the managed installer, and they might not be able to run. When you rely on managed installers, you must deploy and install all application updates by using a managed installer, or include rules to authorize the app in the App Control policy. In some cases, it may be possible to also designate an application binary that performs self-updates as a managed installer. Proper review for functionality and security should be performed for the application before using this method. - Some applications or installers may extract, download, or generate binaries and immediately attempt to run them. Files run by such a process may not be allowed by the managed installer heuristic. In some cases, it may be possible to also designate an application binary that performs such an operation as a managed installer. Proper review for functionality and security should be performed for the application before using this method. diff --git a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md index 7d072cd15c..978a986c90 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md @@ -15,7 +15,7 @@ This section outlines the process to create an App Control for Business policy f > [!NOTE] > Some of the App Control for Business options described in this topic are only available on Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's App Control policies, consider whether your managed clients can use all or some of these features and assess the impact for any features that may be unavailable on your clients. You may need to adapt this guidance to meet your specific organization's needs. -As described in [common App Control for Business deployment scenarios](common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices. +As described in [common App Control for Business deployment scenarios](common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of App Control to prevent unwanted or unauthorized applications from running on their managed devices. **Alice Pena** is the IT team lead tasked with the rollout of App Control. diff --git a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md index 462985011f..b7c6837954 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-lightly-managed-devices.md @@ -10,14 +10,14 @@ ms.date: 09/11/2024 [!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -This section outlines the process to create an App Control for Business policy for **lightly managed devices** within an organization. Typically, organizations that are new to application control will be most successful if they start with a permissive policy like the one described in this article. Organizations can choose to harden the policy over time to achieve a stronger overall security posture on their App Control-managed devices as described in later articles. +This section outlines the process to create an App Control for Business policy for **lightly managed devices** within an organization. Typically, organizations that are new to App Control will be most successful if they start with a permissive policy like the one described in this article. Organizations can choose to harden the policy over time to achieve a stronger overall security posture on their App Control-managed devices as described in later articles. > [!NOTE] > Some of the App Control for Business options described in this topic are only available on Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's App Control policies, consider whether your managed clients can use all or some of these features and assess the impact for any features that may be unavailable on your clients. You may need to adapt this guidance to meet your specific organization's needs. -As in [App Control for Business deployment in different scenarios: types of devices](common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices. +As in [App Control for Business deployment in different scenarios: types of devices](common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of App Control to prevent unwanted or unauthorized applications from running on their managed devices. -**Alice Pena** is the IT team lead tasked with the rollout of App Control. Lamna currently has loose application usage policies and a culture of maximum app flexibility for users. So, Alice knows she'll need to take an incremental approach to application control and use different policies for different workloads. +**Alice Pena** is the IT team lead tasked with the rollout of App Control. Lamna currently has loose application usage policies and a culture of maximum app flexibility for users. So, Alice knows she'll need to take an incremental approach to App Control and use different policies for different workloads. For most users and devices, Alice wants to create an initial policy that is as relaxed as possible in order to minimize user productivity impact, while still providing security value. diff --git a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md index aabf7e392f..0b066ce364 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-using-reference-computer.md @@ -15,7 +15,7 @@ This section outlines the process to create an App Control for Business policy * > [!NOTE] > Some of the App Control for Business options described in this topic are only available on Windows 10 version 1903 and above, or Windows 11. When using this topic to plan your own organization's App Control policies, consider whether your managed clients can use all or some of these features and assess the impact for any features that may be unavailable on your clients. You may need to adapt this guidance to meet your specific organization's needs. -As described in [common App Control for Business deployment scenarios](common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of application control to prevent unwanted or unauthorized applications from running on their managed devices. +As described in [common App Control for Business deployment scenarios](common-appcontrol-use-cases.md), we'll use the example of **Lamna Healthcare Company (Lamna)** to illustrate this scenario. Lamna is attempting to adopt stronger application policies, including the use of App Control to prevent unwanted or unauthorized applications from running on their managed devices. **Alice Pena** is the IT team lead tasked with the rollout of App Control. diff --git a/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol.md index c9bf48a7fe..ce393a2e65 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/manage-packaged-apps-with-appcontrol.md @@ -10,11 +10,11 @@ ms.topic: how-to [!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -This article for IT professionals describes concepts and lists procedures to help you manage packaged apps with App Control for Business as part of your overall application control strategy. +This article for IT professionals describes concepts and lists procedures to help you manage packaged apps with App Control for Business as part of your overall App Control strategy. ## Comparing classic Windows Apps and Packaged Apps -The biggest challenge in adopting application control is the lack of a strong app identity for classic Windows apps, also known as win32 apps. A typical win32 app consists of multiple components, including the installer that is used to install the app, and one or more exes, dlls, or scripts. An app can consist of hundreds or even thousands of individual binaries that work together to deliver the functionality that your users understand as the app. Some of that code may be signed by the software publisher, some may be signed by other companies, and some of it may not be signed at all. Much of the code may be written to disk by a common set of installers, but some may already be installed and some downloaded on demand. Some of the binaries have common resource header metadata, such as product name and product version, but other files won't share that information. So while you want to be able to express rules like "allow app Foo", that isn't something Windows inherently understands for classic Windows apps. Instead, you may have to create many App Control rules to allow all the files that comprise the app. +The biggest challenge in adopting App Control is the lack of a strong app identity for classic Windows apps, also known as win32 apps. A typical win32 app consists of multiple components, including the installer that is used to install the app, and one or more exes, dlls, or scripts. An app can consist of hundreds or even thousands of individual binaries that work together to deliver the functionality that your users understand as the app. Some of that code may be signed by the software publisher, some may be signed by other companies, and some of it may not be signed at all. Much of the code may be written to disk by a common set of installers, but some may already be installed and some downloaded on demand. Some of the binaries have common resource header metadata, such as product name and product version, but other files won't share that information. So while you want to be able to express rules like "allow app Foo", that isn't something Windows inherently understands for classic Windows apps. Instead, you may have to create many App Control rules to allow all the files that comprise the app. Packaged apps on the other hand, also known as [MSIX](/windows/msix/overview), ensure that all the files that make up an app share the same identity and have a common signature. Therefore, with packaged apps, it's possible to control the entire app with a single App Control rule. diff --git a/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management.md b/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management.md index 80d643ea68..ff41a98da8 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/plan-appcontrol-management.md @@ -14,7 +14,7 @@ This article describes the decisions you need to make to establish the processes ## Policy XML lifecycle management -The first step in implementing application control is to consider how your policies will be managed and maintained over time. Developing a process for managing App Control for Business policies helps ensure that App Control continues to effectively control how applications are allowed to run in your organization. +The first step in implementing App Control is to consider how your policies will be managed and maintained over time. Developing a process for managing App Control for Business policies helps ensure that App Control continues to effectively control how applications are allowed to run in your organization. Most App Control for Business policies will evolve over time and proceed through a set of identifiable phases during their lifetime. Typically, these phases include: @@ -68,9 +68,9 @@ Considerations include: If your organization has an established help desk support department in place, consider the following points when deploying App Control for Business policies: - What documentation does your support department require for new policy deployments? -- What are the critical processes in each business group both in work flow and timing that will be affected by application control policies and how could they affect your support department's workload? +- What are the critical processes in each business group both in work flow and timing that will be affected by App Control policies and how could they affect your support department's workload? - Who are the contacts in the support department? -- How will the support department resolve application control issues between the end user and those resources who maintain the App Control for Business rules? +- How will the support department resolve App Control issues between the end user and those resources who maintain the App Control for Business rules? ### End-user support diff --git a/windows/security/application-security/application-control/app-control-for-business/design/script-enforcement.md b/windows/security/application-security/application-control/app-control-for-business/design/script-enforcement.md index 69698bb2b3..16b4739600 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/script-enforcement.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/script-enforcement.md @@ -20,7 +20,7 @@ By default, script enforcement is enabled for all App Control policies unless th Validation for signed scripts is done using the [WinVerifyTrust API](/windows/win32/api/wintrust/nf-wintrust-winverifytrust). To pass validation, the signature root must be present in the trusted root store on the device and your App Control policy must allow it. This behavior is different from App Control validation for executable files, which doesn't require installation of the root certificate. -App Control shares the *AppLocker - MSI and Script* event log for all script enforcement events. Whenever a script host asks App Control if a script should be allowed, an event is logged with the answer App Control returned to the script host. For more information on App Control script enforcement events, see [Understanding Application Control events](../operations/event-id-explanations.md#app-control-block-events-for-packaged-apps-msi-installers-scripts-and-com-objects). +App Control shares the *AppLocker - MSI and Script* event log for all script enforcement events. Whenever a script host asks App Control if a script should be allowed, an event is logged with the answer App Control returned to the script host. For more information on App Control script enforcement events, see [Understanding App Control events](../operations/event-id-explanations.md#app-control-block-events-for-packaged-apps-msi-installers-scripts-and-com-objects). > [!NOTE] > When a script runs that is not allowed by policy, App Control raises an event indicating that the script was "blocked." However, the actual script enforcement behavior is handled by the script host and may not actually completely block the file from running. diff --git a/windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions.md b/windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions.md index 823efa79de..f808763724 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/understand-appcontrol-policy-design-decisions.md @@ -10,11 +10,11 @@ ms.topic: conceptual [!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -This article is for the IT professional. It lists the design questions, possible answers, and ramifications for decisions made, when planning application control policies deployment using App Control for Business, within a Windows operating system environment. +This article is for the IT professional. It lists the design questions, possible answers, and ramifications for decisions made, when planning App Control policies deployment using App Control for Business, within a Windows operating system environment. -When you begin the design and planning process, you should consider the ramifications of your design choices. The resulting decisions will affect your policy deployment scheme and subsequent application control policy maintenance. +When you begin the design and planning process, you should consider the ramifications of your design choices. The resulting decisions will affect your policy deployment scheme and subsequent App Control policy maintenance. -You should consider using App Control for Business as part of your organization's application control policies if the following are true: +You should consider using App Control for Business as part of your organization's App Control policies if the following are true: - You have deployed or plan to deploy the supported versions of Windows in your organization. - You need improved control over the access to your organization's applications and the data your users access. @@ -43,7 +43,7 @@ Organizations with well-defined, centrally managed app management and deployment | Possible answers | Design considerations| | - | - | -| All apps are centrally managed and deployed using endpoint management tools like [Microsoft Intune](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager). | Organizations that centrally manage all apps are best-suited for application control. App Control for Business options like [managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md) can make it easy to authorize apps that are deployed by the organization's app distribution management solution. | +| All apps are centrally managed and deployed using endpoint management tools like [Microsoft Intune](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager). | Organizations that centrally manage all apps are best-suited for App Control. App Control for Business options like [managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md) can make it easy to authorize apps that are deployed by the organization's app distribution management solution. | | Some apps are centrally managed and deployed, but teams can install other apps for their members. | [Supplemental policies](deploy-multiple-appcontrol-policies.md) can be used to allow team-specific exceptions to your core organization-wide App Control for Business policy. Alternatively, teams can use managed installers to install their team-specific apps, or admin-only file path rules can be used to allow apps installed by admin users. | | Users and teams are free to download and install apps but the organization wants to restrict that right to prevalent and reputable apps only. | App Control for Business can integrate with Microsoft's [Intelligent Security Graph](use-appcontrol-with-intelligent-security-graph.md) (the same source of intelligence that powers Microsoft Defender Antivirus and Windows Defender SmartScreen) to allow only apps and binaries that have positive reputation. | | Users and teams are free to download and install apps without restriction. | App Control for Business policies can be deployed in audit mode to gain insight into the apps and binaries running in your organization without impacting user and team productivity.| @@ -57,9 +57,9 @@ Traditional Win32 apps on Windows can run without being digitally signed. This p | All apps used in your organization must be signed. | Organizations that enforce [codesigning](../deployment/use-code-signing-for-better-control-and-protection.md) for all executable code are best-positioned to protect their Windows computers from malicious code execution. App Control for Business rules can be created to authorize apps and binaries from the organization's internal development teams and from trusted independent software vendors (ISV). | | Apps used in your organization don't need to meet any codesigning requirements. | Organizations can [use built-in Windows tools](../deployment/deploy-catalog-files-to-support-appcontrol.md) to add organization-specific App Catalog signatures to existing apps as a part of the app deployment process, which can be used to authorize code execution. Solutions like Microsoft Intune offer multiple ways to distribute signed App Catalogs. | -### Are there specific groups in your organization that need customized application control policies? +### Are there specific groups in your organization that need customized App Control policies? -Most business teams or departments have specific security requirements that pertain to data access and the applications used to access that data. Consider the scope of the project for each group and the group's priorities before you deploy application control policies for the entire organization. There's overhead in managing policies that might lead you to choose between broad, organization-wide policies and multiple team-specific policies. +Most business teams or departments have specific security requirements that pertain to data access and the applications used to access that data. Consider the scope of the project for each group and the group's priorities before you deploy App Control policies for the entire organization. There's overhead in managing policies that might lead you to choose between broad, organization-wide policies and multiple team-specific policies. | Possible answers | Design considerations | | - | - | @@ -72,7 +72,7 @@ The time and resources that are available to you to perform the research and ana | Possible answers | Design considerations | | - | - | -| Yes | Invest the time to analyze your organization's application control requirements, and plan a complete deployment that uses rules that are constructed as possible.| +| Yes | Invest the time to analyze your organization's App Control requirements, and plan a complete deployment that uses rules that are constructed as possible.| | No | Consider a focused and phased deployment for specific groups by using few rules. As you apply controls to applications in a specific group, learn from that deployment to plan your next deployment. Alternatively, you can create a policy with a broad trust profile to authorize as many apps as possible. | ### Does your organization have Help Desk support? diff --git a/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md b/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md index a7acc2735e..14ebfd9259 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/use-appcontrol-with-intelligent-security-graph.md @@ -10,9 +10,9 @@ ms.topic: how-to [!INCLUDE [Feature availability note](../includes/feature-availability-note.md)] -Application control can be difficult to implement in organizations that don't deploy and manage applications through an IT-managed system. In such environments, users can acquire the applications they want to use for work, making it hard to build an effective application control policy. +App Control can be difficult to implement in organizations that don't deploy and manage applications through an IT-managed system. In such environments, users can acquire the applications they want to use for work, making it hard to build an effective App Control policy. -To reduce end-user friction and helpdesk calls, you can set App Control for Business to automatically allow applications that Microsoft's Intelligent Security Graph (ISG) recognizes as having known good reputation. The ISG option helps organizations begin to implement application control even when the organization has limited control over their app ecosystem. To learn more about the ISG, see the Security section in [Major services and features in Microsoft Graph](/graph/overview-major-services). +To reduce end-user friction and helpdesk calls, you can set App Control for Business to automatically allow applications that Microsoft's Intelligent Security Graph (ISG) recognizes as having known good reputation. The ISG option helps organizations begin to implement App Control even when the organization has limited control over their app ecosystem. To learn more about the ISG, see the Security section in [Major services and features in Microsoft Graph](/graph/overview-major-services). > [!WARNING] > Binaries that are critical to boot the system must be allowed using explicit rules in your App Control policy. Do not rely on the ISG to authorize these files. @@ -93,4 +93,4 @@ Packaged apps aren't supported with the ISG and will need to be separately autho The ISG doesn't authorize kernel mode drivers. The App Control policy must have rules that allow the necessary drivers to run. > [!NOTE] -> A rule that explicitly denies or allows a file will take precedence over that file's reputation data. Microsoft Intune's built-in App Control support includes the option to trust apps with good reputation via the ISG, but it has no option to add explicit allow or deny rules. In most cases, customers using application control will need to deploy a custom App Control policy (which can include the ISG option if desired) using [Intune's OMA-URI functionality](../deployment/deploy-appcontrol-policies-using-intune.md#deploy-app-control-policies-with-custom-oma-uri). +> A rule that explicitly denies or allows a file will take precedence over that file's reputation data. Microsoft Intune's built-in App Control support includes the option to trust apps with good reputation via the ISG, but it has no option to add explicit allow or deny rules. In most cases, customers using App Control will need to deploy a custom App Control policy (which can include the ISG option if desired) using [Intune's OMA-URI functionality](../deployment/deploy-appcontrol-policies-using-intune.md#deploy-app-control-policies-with-custom-oma-uri). diff --git a/windows/security/application-security/application-control/app-control-for-business/index.yml b/windows/security/application-security/application-control/app-control-for-business/index.yml index c9c90173d3..576efefff8 100644 --- a/windows/security/application-security/application-control/app-control-for-business/index.yml +++ b/windows/security/application-security/application-control/app-control-for-business/index.yml @@ -29,7 +29,7 @@ landingContent: linkLists: - linkListType: overview links: - - text: Using code signing to simplify application control + - text: Using code signing to simplify app control url: deployment/use-code-signing-for-better-control-and-protection.md - text: Applications that can bypass App Control and how to block them url: design/applications-that-can-bypass-appcontrol.md diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide.md b/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide.md index 15621fd0ff..755488b5a3 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/appcontrol-operational-guide.md @@ -17,8 +17,8 @@ You now understand how to design and deploy your App Control for Business polici | Article | Description | | - | - | | [Debugging and troubleshooting](appcontrol-debugging-and-troubleshooting.md) | This article explains how to debug app and script failures with App Control. | -| [Understanding Application Control event IDs](event-id-explanations.md) | This article explains the meaning of different App Control event IDs. | -| [Understanding Application Control event tags](event-tag-explanations.md) | This article explains the meaning of different App Control event tags. | +| [Understanding App Control event IDs](event-id-explanations.md) | This article explains the meaning of different App Control event IDs. | +| [Understanding App Control event tags](event-tag-explanations.md) | This article explains the meaning of different App Control event tags. | | [Query App Control events with Advanced hunting](querying-application-control-events-centrally-using-advanced-hunting.md) | This article covers how to view App Control events centrally from all systems that are connected to Microsoft Defender for Endpoint. | | [Admin Tips & Known Issues](known-issues.md) | This article describes some App Control Admin Tips & Known Issues. | | [Managed installer and ISG technical reference and troubleshooting guide](configure-appcontrol-managed-installer.md) | This article provides technical details and debugging steps for managed installer and ISG. | diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer.md b/windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer.md index 05c8f6b852..d75a2df983 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/configure-appcontrol-managed-installer.md @@ -12,7 +12,7 @@ ms.topic: troubleshooting ## Enabling managed installer and Intelligent Security Graph (ISG) logging events -Refer to [Understanding Application Control Events](event-id-explanations.md#diagnostic-events-for-intelligent-security-graph-isg-and-managed-installer-mi) for information on enabling optional managed installer diagnostic events. +Refer to [Understanding App Control Events](event-id-explanations.md#diagnostic-events-for-intelligent-security-graph-isg-and-managed-installer-mi) for information on enabling optional managed installer diagnostic events. ## Using fsutil to query extended attributes for Managed Installer (MI) diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations.md b/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations.md index 862bf39d1a..ceaac2953b 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations.md @@ -1,12 +1,12 @@ --- -title: Understanding Application Control event IDs +title: Understanding App Control event IDs description: Learn what different App Control for Business event IDs signify. ms.localizationpriority: medium ms.date: 09/11/2024 ms.topic: reference --- -# Understanding Application Control events +# Understanding App Control events ## App Control Events Overview @@ -16,10 +16,10 @@ App Control logs events when a policy is loaded, when a file is blocked, or when App Control events are generated under two locations in the Windows Event Viewer: -- **Applications and Services logs - Microsoft - Windows - CodeIntegrity - Operational** includes events about Application Control policy activation and the control of executables, dlls, and drivers. +- **Applications and Services logs - Microsoft - Windows - CodeIntegrity - Operational** includes events about App Control policy activation and the control of executables, dlls, and drivers. - **Applications and Services logs - Microsoft - Windows - AppLocker - MSI and Script** includes events about the control of MSI installers, scripts, and COM objects. -Most app and script failures that occur when App Control is active can be diagnosed using these two event logs. This article describes in greater detail the events that exist in these logs. To understand the meaning of different data elements, or tags, found in the details of these events, see [Understanding Application Control event tags](event-tag-explanations.md). +Most app and script failures that occur when App Control is active can be diagnosed using these two event logs. This article describes in greater detail the events that exist in these logs. To understand the meaning of different data elements, or tags, found in the details of these events, see [Understanding App Control event tags](event-tag-explanations.md). > [!NOTE] > **Applications and Services logs - Microsoft - Windows - AppLocker - MSI and Script** events are not included on Windows Server Core edition. @@ -30,12 +30,12 @@ These events are found in the **CodeIntegrity - Operational** event log. | Event ID | Explanation | |--------|-----------| -| 3004 | This event isn't common and may occur with or without an Application Control policy present. It typically indicates a kernel driver tried to load with an invalid signature. For example, the file may not be WHQL-signed on a system where WHQL is required.

          This event is also seen for kernel- or user-mode code that the developer opted-in to [/INTEGRITYCHECK](/cpp/build/reference/integritycheck-require-signature-check) but isn't signed correctly. | -| 3033 | This event may occur with or without an Application Control policy present and should occur alongside a 3077 event if caused by App Control policy. It often means the file's signature is revoked or a signature with the Lifetime Signing EKU has expired. Presence of the Lifetime Signing EKU is the only case where App Control blocks files due to an expired signature. Try using option `20 Enabled:Revoked Expired As Unsigned` in your policy along with a rule (for example, hash) that doesn't rely on the revoked or expired cert.

          This event also occurs if code compiled with [Code Integrity Guard (CIG)](/microsoft-365/security/defender-endpoint/exploit-protection-reference#code-integrity-guard) tries to load other code that doesn't meet the CIG requirements. | +| 3004 | This event isn't common and may occur with or without an App Control policy present. It typically indicates a kernel driver tried to load with an invalid signature. For example, the file may not be WHQL-signed on a system where WHQL is required.

          This event is also seen for kernel- or user-mode code that the developer opted-in to [/INTEGRITYCHECK](/cpp/build/reference/integritycheck-require-signature-check) but isn't signed correctly. | +| 3033 | This event may occur with or without an App Control policy present and should occur alongside a 3077 event if caused by App Control policy. It often means the file's signature is revoked or a signature with the Lifetime Signing EKU has expired. Presence of the Lifetime Signing EKU is the only case where App Control blocks files due to an expired signature. Try using option `20 Enabled:Revoked Expired As Unsigned` in your policy along with a rule (for example, hash) that doesn't rely on the revoked or expired cert.

          This event also occurs if code compiled with [Code Integrity Guard (CIG)](/microsoft-365/security/defender-endpoint/exploit-protection-reference#code-integrity-guard) tries to load other code that doesn't meet the CIG requirements. | | 3034 | This event isn't common. It's the audit mode equivalent of event 3033. | -| 3076 | This event is the main Application Control block event for audit mode policies. It indicates that the file would have been blocked if the policy was enforced. | -| 3077 | This event is the main Application Control block event for enforced policies. It indicates that the file didn't pass your policy and was blocked. | -| 3089 | This event contains signature information for files that were blocked or audit blocked by Application Control. One of these events is created for each signature of a file. Each event shows the total number of signatures found and an index value to identify the current signature. Unsigned files generate a single one of these events with TotalSignatureCount of 0. These events are correlated with 3004, 3033, 3034, 3076 and 3077 events. You can match the events using the `Correlation ActivityID` found in the **System** portion of the event. | +| 3076 | This event is the main App Control block event for audit mode policies. It indicates that the file would have been blocked if the policy was enforced. | +| 3077 | This event is the main App Control block event for enforced policies. It indicates that the file didn't pass your policy and was blocked. | +| 3089 | This event contains signature information for files that were blocked or audit blocked by App Control. One of these events is created for each signature of a file. Each event shows the total number of signatures found and an index value to identify the current signature. Unsigned files generate a single one of these events with TotalSignatureCount of 0. These events are correlated with 3004, 3033, 3034, 3076 and 3077 events. You can match the events using the `Correlation ActivityID` found in the **System** portion of the event. | ## App Control block events for packaged apps, MSI installers, scripts, and COM objects @@ -43,7 +43,7 @@ These events are found in the **AppLocker - MSI and Script** event log. | Event ID | Explanation | |--------|-----------| -| 8028 | This event indicates that a script host, such as PowerShell, queried Application Control about a file the script host was about to run. Since the policy was in audit mode, the script or MSI file should have run, but wouldn't have passed the App Control policy if it was enforced. Some script hosts may have additional information in their logs. Note: Most third-party script hosts don't integrate with Application Control. Consider the risks from unverified scripts when choosing which script hosts you allow to run. | +| 8028 | This event indicates that a script host, such as PowerShell, queried App Control about a file the script host was about to run. Since the policy was in audit mode, the script or MSI file should have run, but wouldn't have passed the App Control policy if it was enforced. Some script hosts may have additional information in their logs. Note: Most third-party script hosts don't integrate with App Control. Consider the risks from unverified scripts when choosing which script hosts you allow to run. | | 8029 | This event is the enforcement mode equivalent of event 8028. Note: While this event says that a script was blocked, the script hosts control the actual script enforcement behavior. The script host may allow the file to run with restrictions and not block the file outright. For example, PowerShell runs script not allowed by your App Control policy in [Constrained Language Mode](/powershell/module/microsoft.powershell.core/about/about_language_modes). | | 8036| COM object was blocked. To learn more about COM object authorization, see [Allow COM object registration in an App Control for Business policy](../design/allow-com-object-registration-in-appcontrol-policy.md). | | 8037 | This event indicates that a script host checked whether to allow a script to run, and the file passed the App Control policy. | @@ -57,15 +57,15 @@ These events are found in the **CodeIntegrity - Operational** event log. | Event ID | Explanation | |--------|-----------| -| 3095 | The Application Control policy can't be refreshed and must be rebooted instead. | -| 3096 | The Application Control policy wasn't refreshed since it's already up-to-date. This event's Details includes useful information about the policy, such as its policy options. | -| 3097 | The Application Control policy can't be refreshed. | -| 3099 | Indicates that a policy has been loaded. This event's Details includes useful information about the Application Control policy, such as its policy options. | -| 3100 | The application control policy was refreshed but was unsuccessfully activated. Retry. | -| 3101 | Application Control policy refresh started for *N* policies. | -| 3102 | Application Control policy refresh finished for *N* policies. | -| 3103 | The system is ignoring the Application Control policy refresh. For example, an inbox Windows policy that doesn't meet the conditions for activation. | -| 3105 | The system is attempting to refresh the Application Control policy with the specified ID. | +| 3095 | The App Control policy can't be refreshed and must be rebooted instead. | +| 3096 | The App Control policy wasn't refreshed since it's already up-to-date. This event's Details includes useful information about the policy, such as its policy options. | +| 3097 | The App Control policy can't be refreshed. | +| 3099 | Indicates that a policy has been loaded. This event's Details includes useful information about the App Control policy, such as its policy options. | +| 3100 | The App Control policy was refreshed but was unsuccessfully activated. Retry. | +| 3101 | App Control policy refresh started for *N* policies. | +| 3102 | App Control policy refresh finished for *N* policies. | +| 3103 | The system is ignoring the App Control policy refresh. For example, an inbox Windows policy that doesn't meet the conditions for activation. | +| 3105 | The system is attempting to refresh the App Control policy with the specified ID. | ## Diagnostic events for Intelligent Security Graph (ISG) and Managed Installer (MI) @@ -79,7 +79,7 @@ Unless otherwise noted, these events are found in either the **CodeIntegrity - O | Event ID | Explanation | |--------|---------| | 3090 | *Optional* This event indicates that a file was allowed to run based purely on ISG or managed installer. | -| 3091 | This event indicates that a file didn't have ISG or managed installer authorization and the Application Control policy is in audit mode. | +| 3091 | This event indicates that a file didn't have ISG or managed installer authorization and the App Control policy is in audit mode. | | 3092 | This event is the enforcement mode equivalent of 3091. | | 8002 | This event is found in the **AppLocker - EXE and DLL** event log. When a process launches that matches a managed installer rule, this event is raised with PolicyName = MANAGEDINSTALLER found in the event Details. Events with PolicyName = EXE or DLL aren't related to App Control. | @@ -95,8 +95,8 @@ The following information is found in the details for 3090, 3091, and 3092 event | PassesManagedInstaller | Indicates whether the file originated from a MI | | SmartlockerEnabled | Indicates whether the specified policy enables ISG trust | | PassesSmartlocker | Indicates whether the file had positive reputation according to the ISG | -| AuditEnabled | True if the Application Control policy is in audit mode, otherwise it is in enforce mode | -| PolicyName | The name of the Application Control policy to which the event applies | +| AuditEnabled | True if the App Control policy is in audit mode, otherwise it is in enforce mode | +| PolicyName | The name of the App Control policy to which the event applies | ### Enabling ISG and MI diagnostic events @@ -120,42 +120,42 @@ A list of other relevant event IDs and their corresponding description. | 3010 | The catalog containing the signature for the file under validation is invalid. | | 3011 | Code Integrity finished loading the signature catalog. | | 3012 | Code Integrity started loading the signature catalog. | -| 3023 | The driver file under validation didn't meet the requirements to pass the application control policy. | -| 3024 | Windows application control was unable to refresh the boot catalog file. | +| 3023 | The driver file under validation didn't meet the requirements to pass the App Control policy. | +| 3024 | Windows App Control was unable to refresh the boot catalog file. | | 3026 | Microsoft or the certificate issuing authority revoked the certificate that signed the catalog. | | 3032 | The file under validation is revoked or the file has a signature that is revoked. -| 3033 | The file under validation didn't meet the requirements to pass the application control policy. | -| 3034 | The file under validation wouldn't meet the requirements to pass the Application Control policy if it was enforced. The file was allowed since the policy is in audit mode. | +| 3033 | The file under validation didn't meet the requirements to pass the App Control policy. | +| 3034 | The file under validation wouldn't meet the requirements to pass the App Control policy if it was enforced. The file was allowed since the policy is in audit mode. | | 3036 | Microsoft or the certificate issuing authority revoked the certificate that signed the file being validated. | -| 3064 | If the Application Control policy was enforced, a user mode DLL under validation wouldn't meet the requirements to pass the application control policy. The DLL was allowed since the policy is in audit mode. | -| 3065 | If the Application Control policy was enforced, a user mode DLL under validation wouldn't meet the requirements to pass the application control policy. | +| 3064 | If the App Control policy was enforced, a user mode DLL under validation wouldn't meet the requirements to pass the App Control policy. The DLL was allowed since the policy is in audit mode. | +| 3065 | If the App Control policy was enforced, a user mode DLL under validation wouldn't meet the requirements to pass the App Control policy. | | 3074 | Page hash failure while hypervisor-protected code integrity was enabled. | -| 3075 | This event measures the performance of the Application Control policy check during file validation. | -| 3076 | This event is the main Application Control block event for audit mode policies. It indicates that the file would have been blocked if the policy was enforced. | -| 3077 | This event is the main Application Control block event for enforced policies. It indicates that the file didn't pass your policy and was blocked. | -| 3079 | The file under validation didn't meet the requirements to pass the application control policy. | -| 3080 | If the Application Control policy was in enforced mode, the file under validation wouldn't have met the requirements to pass the application control policy. | -| 3081 | The file under validation didn't meet the requirements to pass the application control policy. | -| 3082 | If the Application Control policy was enforced, the policy would have blocked this non-WHQL driver. | +| 3075 | This event measures the performance of the App Control policy check during file validation. | +| 3076 | This event is the main App Control block event for audit mode policies. It indicates that the file would have been blocked if the policy was enforced. | +| 3077 | This event is the main App Control block event for enforced policies. It indicates that the file didn't pass your policy and was blocked. | +| 3079 | The file under validation didn't meet the requirements to pass the App Control policy. | +| 3080 | If the App Control policy was in enforced mode, the file under validation wouldn't have met the requirements to pass the App Control policy. | +| 3081 | The file under validation didn't meet the requirements to pass the App Control policy. | +| 3082 | If the App Control policy was enforced, the policy would have blocked this non-WHQL driver. | | 3084 | Code Integrity is enforcing WHQL driver signing requirements on this boot session. | | 3085 | Code Integrity isn't enforcing WHQL driver signing requirements on this boot session. | | 3086 | The file under validation doesn't meet the signing requirements for an isolated user mode (IUM) process. | -| 3089 | This event contains signature information for files that were blocked or audit blocked by Application Control. One 3089 event is created for each signature of a file. | +| 3089 | This event contains signature information for files that were blocked or audit blocked by App Control. One 3089 event is created for each signature of a file. | | 3090 | *Optional* This event indicates that a file was allowed to run based purely on ISG or managed installer. | -| 3091 | This event indicates that a file didn't have ISG or managed installer authorization and the Application Control policy is in audit mode. | +| 3091 | This event indicates that a file didn't have ISG or managed installer authorization and the App Control policy is in audit mode. | | 3092 | This event is the enforcement mode equivalent of 3091. | -| 3095 | The Application Control policy can't be refreshed and must be rebooted instead. | -| 3096 | The Application Control policy wasn't refreshed since it's already up-to-date. | -| 3097 | The Application Control policy can't be refreshed. | -| 3099 | Indicates that a policy has been loaded. This event also includes information about the options set by the Application Control policy. | -| 3100 | The application control policy was refreshed but was unsuccessfully activated. Retry. | -| 3101 | The system started refreshing the Application Control policy. | -| 3102 | The system finished refreshing the Application Control policy. | -| 3103 | The system is ignoring the Application Control policy refresh. | +| 3095 | The App Control policy can't be refreshed and must be rebooted instead. | +| 3096 | The App Control policy wasn't refreshed since it's already up-to-date. | +| 3097 | The App Control policy can't be refreshed. | +| 3099 | Indicates that a policy has been loaded. This event also includes information about the options set by the App Control policy. | +| 3100 | The App Control policy was refreshed but was unsuccessfully activated. Retry. | +| 3101 | The system started refreshing the App Control policy. | +| 3102 | The system finished refreshing the App Control policy. | +| 3103 | The system is ignoring the App Control policy refresh. | | 3104 | The file under validation doesn't meet the signing requirements for a PPL (protected process light) process. | -| 3105 | The system is attempting to refresh the Application Control policy. | +| 3105 | The system is attempting to refresh the App Control policy. | | 3108 | Windows mode change event was successful. | | 3110 | Windows mode change event was unsuccessful. | | 3111 | The file under validation didn't meet the hypervisor-protected code integrity (HVCI) policy. | | 3112 | Windows has revoked the certificate that signed the file being validated. | -| 3114 | Dynamic Code Security opted the .NET app or DLL into Application Control policy validation. The file under validation didn't pass your policy and was blocked. | +| 3114 | Dynamic Code Security opted the .NET app or DLL into App Control policy validation. The file under validation didn't pass your policy and was blocked. | diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations.md b/windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations.md index 42552c1b23..0f5513efc4 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/event-tag-explanations.md @@ -1,12 +1,12 @@ --- -title: Understanding Application Control event tags +title: Understanding App Control event tags description: Learn what different App Control for Business event tags signify. ms.localizationpriority: medium ms.date: 09/11/2024 ms.topic: conceptual --- -# Understanding Application Control event tags +# Understanding App Control event tags App Control for Business events include many fields, which provide helpful troubleshooting information to figure out exactly what an event means. This article describes the values and meanings for a few useful event tags. @@ -82,7 +82,7 @@ Represents why verification failed, or if it succeeded. ## Policy activation event Options -The Application Control policy rule option values can be derived from the "Options" field in the Details section for successful [policy activation events](event-id-explanations.md#app-control-policy-activation-events). To parse the values, first convert the hex value to binary. To derive and parse these values, follow the below workflow. +The App Control policy rule option values can be derived from the "Options" field in the Details section for successful [policy activation events](event-id-explanations.md#app-control-policy-activation-events). To parse the values, first convert the hex value to binary. To derive and parse these values, follow the below workflow. - Access Event Viewer. - Access the Code integrity 3099 event. diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md b/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md index a60c584ba9..d6d7b0bf4d 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md @@ -1,12 +1,12 @@ --- -title: Query Application Control events with Advanced Hunting +title: Query App Control events with Advanced Hunting description: Learn how to query App Control for Business events across your entire organization by using Advanced Hunting. ms.localizationpriority: medium ms.date: 09/11/2024 ms.topic: troubleshooting --- -# Querying Application Control events centrally using Advanced hunting +# Querying App Control events centrally using Advanced hunting an App Control for Business policy logs events locally in Windows Event Viewer in either enforced or audit mode. While Event Viewer helps to see the impact on a single system, IT Pros want to gauge it across many systems. @@ -20,7 +20,7 @@ This capability is supported beginning with Windows version 1607. | ActionType Name | ETW Source Event ID | Description | | - | - | - | -| AppControlCodeIntegrityDriverRevoked | 3023 | The driver file under validation didn't meet the requirements to pass the application control policy. | +| AppControlCodeIntegrityDriverRevoked | 3023 | The driver file under validation didn't meet the requirements to pass the App Control policy. | | AppControlCodeIntegrityImageRevoked | 3036 | The signed file under validation is signed by a code signing certificate that has been revoked by Microsoft or the certificate issuing authority. | | AppControlCodeIntegrityPolicyAudited | 3076 | This event is the main App Control for Business block event for audit mode policies. It indicates the file would have been blocked if the App Control policy was enforced. | | AppControlCodeIntegrityPolicyBlocked | 3077 | This event is the main App Control for Business block event for enforced policies. It indicates the file didn't pass your App Control policy and was blocked. | @@ -39,11 +39,11 @@ This capability is supported beginning with Windows version 1607. | AppControlCodeIntegritySigningInformation | 3089 | Signing information event correlated with either a 3076 or 3077 event. One 3089 event is generated for each signature of a file. | | AppControlPolicyApplied | 8001 | Indicates the AppLocker policy was successfully applied to the computer. | -Learn more about the [Understanding Application Control event IDs (Windows)](event-id-explanations.md) +Learn more about the [Understanding App Control event IDs (Windows)](event-id-explanations.md) -## Example Advanced Hunting Application Control Queries +## Example Advanced Hunting App Control Queries -Query Example 1: Query the application control action types summarized by type for past seven days +Query Example 1: Query the App Control action types summarized by type for past seven days Here's a simple example query that shows all the App Control for Business events generated in the last seven days from machines being monitored by Microsoft Defender for Endpoint: From dc0eda847ad591b00d31eb6d2f28eb878e23df1c Mon Sep 17 00:00:00 2001 From: Gary Moore <5432776+garycentric@users.noreply.github.com> Date: Wed, 25 Sep 2024 12:48:06 -0700 Subject: [PATCH 16/23] Add auto image borders and/or lightboxes to aid legibility --- .../design-create-appid-tagging-policies.md | 2 +- .../deployment/audit-appcontrol-policies.md | 4 ++-- ...create-code-signing-cert-for-appcontrol.md | 2 +- ...-appcontrol-policies-using-group-policy.md | 2 +- .../deploy-appcontrol-policies-with-memcm.md | 20 +++++++++---------- ...loy-catalog-files-to-support-appcontrol.md | 6 +++--- ...ntrol-wizard-create-supplemental-policy.md | 6 +++--- .../appcontrol-wizard-editing-policy.md | 2 +- .../appcontrol-wizard-merging-policies.md | 2 +- .../appcontrol-wizard-parsing-event-logs.md | 15 +++++--------- ...-guard-secure-launch-and-smm-protection.md | 4 ++-- 11 files changed, 30 insertions(+), 35 deletions(-) diff --git a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md index 26940bd0e3..f330f24100 100644 --- a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md @@ -18,7 +18,7 @@ You can use the App Control for Business Wizard and the PowerShell commands to c Start with the Policy Creator task and select Multiple Policy Format and Base Policy. Select the Base Template to use for the policy. The following example shows beginning with the [Default Windows Mode](../design/appcontrol-wizard-create-base-policy.md#template-base-policies) template and build on top of these rules. - ![Configuring the policy base and template.](../images/appid-appcontrol-wizard-1.png) + :::image type="content" alt-text="Configuring the policy base and template." source="../images/appid-appcontrol-wizard-1.png" lightbox="../images/appid-appcontrol-wizard-1.png"::: > [!NOTE] > If your AppId Tagging Policy does build off the base templates or does not allow Windows in-box processes, you will notice significant performance regressions, especially during boot. For this reason, it is strongly recommended to build off the base templates. For more information on the issue, see the [AppId Tagging Known Issue](../operations/known-issues.md#slow-boot-and-performance-with-custom-policies). diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md index 59a910aa0f..6f8919e77d 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/audit-appcontrol-policies.md @@ -25,8 +25,8 @@ To familiarize yourself with creating App Control rules from audit events, follo 2. Review the **CodeIntegrity - Operational** and **AppLocker - MSI and Script** event logs to confirm events, like those shown in Figure 1, are generated related to the application. For information about the types of events you should see, refer to [Understanding App Control events](../operations/event-id-explanations.md). - **Figure 1. Exceptions to the deployed App Control policy** - ![Event showing exception to App Control policy.](../images/dg-fig23-exceptionstocode.png) + **Figure 1. Exceptions to the deployed App Control policy**
          + :::image type="content" alt-text="Event showing exception to App Control policy." source="../images/dg-fig23-exceptionstocode.png"::: 3. In an elevated PowerShell session, run the following commands to initialize variables used by this procedure. This procedure builds upon the **Lamna_FullyManagedClients_Audit.xml** policy introduced in [Create an App Control policy for fully managed devices](../design/create-appcontrol-policy-for-fully-managed-devices.md) and will produce a new policy called **EventsPolicy.xml**. diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md index 6da9a96b92..773daf6a82 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/create-code-signing-cert-for-appcontrol.md @@ -75,7 +75,7 @@ Now that the template is available to be issued, you must request one from the c 4. In the **Request Certificate** list, select your newly created code signing certificate, and then select the blue text that requests additional information, as shown in Figure 4. - ![Request Certificates: more information required.](../images/dg-fig31-getmoreinfo.png) + :::image type="content" alt-text="Request Certificates: more information required." source="../images/dg-fig31-getmoreinfo.png"::: Figure 4. Get more information for your code signing certificate diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md index 885c8d0203..03cfad7165 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md @@ -50,7 +50,7 @@ To deploy and manage an App Control for Business policy with Group Policy: > [!NOTE] > This policy file does not need to be copied to every computer. You can instead copy the App Control policies to a file share to which all computer accounts have access. Any policy selected here is converted to SIPolicy.p7b when it is deployed to the individual client computers. - ![Group Policy called Deploy App Control for Business.](../images/dg-fig26-enablecode.png) + :::image type="content" alt-text="Group Policy called Deploy App Control for Business." source="../images/dg-fig26-enablecode.png"::: > [!NOTE] > You may have noticed that the GPO setting references a .p7b file, but the file extension and name of the policy binary do not matter. Regardless of what you name your policy binary, they are all converted to SIPolicy.p7b when applied to the client computers running Windows 10. If you are deploying different App Control policies to different sets of devices, you may want to give each of your App Control policies a friendly name and allow the system to convert the policy names for you to ensure that the policies are easily distinguishable when viewed in a share or any other central repository. diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md index ae36e1b394..5baec955a9 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-with-memcm.md @@ -28,49 +28,49 @@ Configuration Manager doesn't remove policies once deployed. To stop enforcement 1. Select **Asset and Compliance** > **Endpoint Protection** > **App Control for Business** > **Create Application Control Policy** - ![Create an App Control policy in Configuration Manager.](../images/memcm/memcm-create-appcontrol-policy.jpg) + :::image type="content" alt-text="Create an App Control policy in Configuration Manager." source="../images/memcm/memcm-create-appcontrol-policy.jpg"::: 2. Enter the name of the policy > **Next** 3. Enable **Enforce a restart of devices so that this policy can be enforced for all processes** 4. Select the mode that you want the policy to run (Enforcement enabled / Audit Only) 5. Select **Next** - ![Create an enforced App Control policy in Configuration Manager.](../images/memcm/memcm-create-appcontrol-policy-2.jpg) + :::image type="content" alt-text="Create an enforced App Control policy in Configuration Manager." source="../images/memcm/memcm-create-appcontrol-policy-2.jpg"::: 6. Select **Add** to begin creating rules for trusted software - ![Create an App Control path rule in Configuration Manager.](../images/memcm/memcm-create-appcontrol-rule.jpg) + :::image type="content" alt-text="Create an App Control path rule in Configuration Manager." source="../images/memcm/memcm-create-appcontrol-rule.jpg"::: 7. Select **File** or **Folder** to create a path rule > **Browse** - ![Select a file or folder to create a path rule.](../images/memcm/memcm-create-appcontrol-rule-2.jpg) + :::image type="content" alt-text="Select a file or folder to create a path rule." source="../images/memcm/memcm-create-appcontrol-rule-2.jpg"::: 8. Select the executable or folder for your path rule > **OK** - ![Select the executable file or folder.](../images/memcm/memcm-create-appcontrol-rule-3.jpg) + :::image type="content" alt-text="Select the executable file or folder." source="../images/memcm/memcm-create-appcontrol-rule-3.jpg"::: 9. Select **OK** to add the rule to the table of trusted files or folder 10. Select **Next** to navigate to the summary page > **Close** - ![Confirm the App Control path rule in Configuration Manager.](../images/memcm/memcm-confirm-appcontrol-rule.jpg) + :::image type="content" alt-text="Confirm the App Control path rule in Configuration Manager." source="../images/memcm/memcm-confirm-appcontrol-rule.jpg"::: ### Deploy the App Control policy in Configuration Manager 1. Right-click the newly created policy > **Deploy Application Control Policy** - ![Deploy App Control via Configuration Manager.](../images/memcm/memcm-deploy-appcontrol.jpg) + :::image type="content" alt-text="Deploy App Control via Configuration Manager." source="../images/memcm/memcm-deploy-appcontrol.jpg"::: 2. Select **Browse** - ![Select Browse.](../images/memcm/memcm-deploy-appcontrol-2.jpg) + :::image type="content" alt-text="Select Browse." source="../images/memcm/memcm-deploy-appcontrol-2.jpg"::: 3. Select the Device Collection you created earlier > **OK** - ![Select the device collection.](../images/memcm/memcm-deploy-appcontrol-3.jpg) + :::image type="content" alt-text="Select the device collection." source="../images/memcm/memcm-deploy-appcontrol-3.jpg"::: 4. Change the schedule > **OK** - ![Change the App Control deployment schedule.](../images/memcm/memcm-deploy-appcontrol-4.jpg) + :::image type="content" alt-text="Change the App Control deployment schedule." source="../images/memcm/memcm-deploy-appcontrol-4.jpg"::: For more information on using Configuration Manager's native App Control policies, see [App Control for Business management with Configuration Manager](/mem/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager). diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md index 2c21e89039..cf222d2d4a 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md @@ -108,7 +108,7 @@ For the code signing certificate that you use to sign the catalog file, import i 3. Verify the catalog file's digital signature. Right-click the catalog file, and then select **Properties**. On the **Digital Signatures** tab, verify that your signing certificate exists with a **sha256** algorithm, as shown in Figure 1. - ![Digital Signature list in file Properties.](../images/dg-fig12-verifysigning.png) + :::image type="content" alt-text="Digital Signature list in file Properties." source="../images/dg-fig12-verifysigning.png"::: Figure 1. Verify that the signing certificate exists. @@ -131,7 +131,7 @@ The following process walks you through the deployment of a signed catalog file > [!NOTE] > You can use any OU name. Also, security group filtering is an option when you consider different ways of combining App Control policies. - ![Group Policy Management, create a GPO.](../images/dg-fig13-createnewgpo.png) + :::image type="content" alt-text="Group Policy Management, create a GPO." source="../images/dg-fig13-createnewgpo.png"::: Figure 2. Create a new GPO. @@ -141,7 +141,7 @@ The following process walks you through the deployment of a signed catalog file 5. Within the selected GPO, navigate to **Computer Configuration\\Preferences\\Windows Settings\\Files**. Right-click **Files**, point to **New**, and then select **File**, as shown in Figure 3. - ![Group Policy Management Editor, New File.](../images/dg-fig14-createnewfile.png) + :::image type="content" alt-text="Group Policy Management Editor, New File." source="../images/dg-fig14-createnewfile.png"::: Figure 3. Create a new file. diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md index 03c7231e74..5d17f8fd6f 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md @@ -22,11 +22,11 @@ Once the Supplemental Policy type is chosen on the New Policy page, policy name If the base policy isn't configured for supplemental policies, the Wizard attempts to convert the policy to one that can be supplemented. Once successful, the Wizard shows a dialog demonstrating that the addition of the Allow Supplemental Policy rule was completed. -![Wizard confirms modification of base policy.](../images/appcontrol-wizard-confirm-base-policy-modification.png) +:::image type="content" alt-text="Wizard confirms modification of base policy." source="../images/appcontrol-wizard-confirm-base-policy-modification.png"::: Policies that can't be supplemented, for instance another supplemental policy, are detected by the Wizard and show the following error. Only a base policy can be supplemented. More information on supplemental policies can be found on our [Multiple Policies article](deploy-multiple-appcontrol-policies.md). -![Wizard detects a bad base policy.](../images/appcontrol-wizard-supplemental-not-base.png) +:::image type="content" alt-text="Wizard detects a bad base policy." source="../images/appcontrol-wizard-supplemental-not-base.png"::: ## Configuring Policy Rules @@ -44,7 +44,7 @@ Supplemental policies can only configure three policy rules. The following table | **Managed Installer** | Use this option to automatically allow applications installed by a software distribution solution, such as Microsoft Configuration Manager, that has been defined as a managed installer. | | **Disable Runtime FilePath Rule Protection** | This option disables the default runtime check that only allows FilePath rules for paths that are only writable by an administrator. | -![Rule options UI for Windows Allowed mode.](../images/appcontrol-wizard-supplemental-policy-rule-options-UI.png) +:::image type="content" alt-text="Rule options UI for Windows Allowed mode." source="../images/appcontrol-wizard-supplemental-policy-rule-options-UI.png"::: ## Creating custom file rules diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md index 0386faab8c..f6c6797de5 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md @@ -35,7 +35,7 @@ Selecting the `+ Custom Rules` button will open the Custom Rules panel. For more The App Control Wizard makes deleting file rules from an existing policy quick and easy. To remove any type of file rule: publisher rule, path rule, filename rule, or a hash rule, select the rule in the `Policy Signing Rules List` table on the left-hand side of the page. Selecting the rule will highlight the entire row. Once the row is highlighted, select the remove icon underneath the table. The Wizard will prompt for user confirmation before removing the file rule. Once removed, the rule will no longer appear in the policy or the table. -![Removing file rule from policy during edit.](../images/appcontrol-wizard-edit-remove-file-rule.png) +:::image type="content" alt-text="Removing file rule from policy during edit." source="../images/appcontrol-wizard-edit-remove-file-rule.png"::: **Note:** removing a publisher rule will also remove the associated File Attribute rules. For instance, in the xml block below, removing ID_SIGNER_CONTOSO_PUBLISHER would also remove the rules ID_FILEATTRIB_LOB_APP_1 and ID_FILEATTRIB_LOB_APP_2. diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md index a7099a7c32..a0c8c1e69a 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-merging-policies.md @@ -17,4 +17,4 @@ Select the policies you wish to merge into one policy using the `+ Add Policy` b Lastly, select a filepath save location for the final merged policy using the `Browse` button. If a minimum of two policies are selected, and the save location is specified, select the `Next` button to build the policy. -![Merging App Control policies into a final App Control policy.](../images/appcontrol-wizard-merge.png) +:::image type="content" alt-text="Merging App Control policies into a final App Control policy." source="../images/appcontrol-wizard-merge.png"::: diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md index c2cfced0cc..2f94b6e7c6 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md @@ -26,8 +26,7 @@ To create rules from the App Control event logs on the system: The Wizard parses the relevant audit and block events from the CodeIntegrity (App Control) Operational and AppLocker MSI and Script logs. You see a notification when the Wizard successfully finishes reading the events. - > [!div class="mx-imgBorder"] - > [![Parse App Control and AppLocker event log system events](../images/appcontrol-wizard-event-log-system.png)](../images/appcontrol-wizard-event-log-system-expanded.png) + :::image type="content" alt-text="Parse App Control and AppLocker event log system events." source="../images/appcontrol-wizard-event-log-system.png" lightbox="../images/appcontrol-wizard-event-log-system.png"::: 4. Select the Next button to view the audit and block events and create rules. 5. [Generate rules from the events](#creating-policy-rules-from-the-events). @@ -43,8 +42,7 @@ To create rules from the App Control `.EVTX` event logs files on the system: The Wizard parses the relevant audit and block events from the selected log files. You see a notification when the Wizard successfully finishes reading the events. - > [!div class="mx-imgBorder"] - > [![Parse evtx file App Control events](../images/appcontrol-wizard-event-log-files.png)](../images/appcontrol-wizard-event-log-files-expanded.png) + :::image type="content" alt-text="Parse evtx file App Control events" source="../images/appcontrol-wizard-event-log-files.png" lightbox="../images/appcontrol-wizard-event-log-files.png"::: 5. Select the Next button to view the audit and block events and create rules. 6. [Generate rules from the events](#creating-policy-rules-from-the-events). @@ -80,8 +78,7 @@ To create rules from the App Control events in [MDE Advanced Hunting](../operati 2. Export the App Control event results by selecting the **Export** button in the results view. - > [!div class="mx-imgBorder"] - > [![Export the MDE Advanced Hunting results to CSV](../images/appcontrol-wizard-event-log-mde-ah-export.png)](../images/appcontrol-wizard-event-log-mde-ah-export-expanded.png) + :::image type="content" alt-text="Export the MDE Advanced Hunting results to CSV" source="../images/appcontrol-wizard-event-log-mde-ah-export.png" lightbox="../images/appcontrol-wizard-event-log-mde-ah-export.png"::: 3. Select **Policy Editor** from the main page. 4. Select **Convert Event Log to an App Control Policy**. @@ -90,8 +87,7 @@ To create rules from the App Control events in [MDE Advanced Hunting](../operati The Wizard will parse the relevant audit and block events from the selected Advanced Hunting log files. You see a notification when the Wizard successfully finishes reading the events. - > [!div class="mx-imgBorder"] - > [![Parse the Advanced Hunting CSV App Control event files](../images/appcontrol-wizard-event-log-mde-ah-parsing.png)](../images/appcontrol-wizard-event-log-mde-ah-parsing-expanded.png) + :::image type="content" alt-text="Parse the Advanced Hunting CSV App Control event files." source="../images/appcontrol-wizard-event-log-mde-ah-parsing.png" lightbox="../images/appcontrol-wizard-event-log-mde-ah-parsing.png"::: 7. Select the Next button to view the audit and block events and create rules. 8. [Generate rules from the events](#creating-policy-rules-from-the-events). @@ -107,8 +103,7 @@ To create a rule and add it to the App Control policy: 3. Select the attributes and fields that should be added to the policy rules using the checkboxes provided for the rule type. 4. Select the **Add Allow Rule** button to add the configured rule to the policy generated by the Wizard. The "Added to policy" label is shown in the selected row confirming that the rule will be generated. - > [!div class="mx-imgBorder"] - > [![Adding a publisher rule to the App Control policy](../images/appcontrol-wizard-event-rule-creation.png)](../images/appcontrol-wizard-event-rule-creation-expanded.png) + :::image type="content" alt-text="Adding a publisher rule to the App Control policy" source="../images/appcontrol-wizard-event-rule-creation.png" lightbox="../images/appcontrol-wizard-event-rule-creation.png"::: 5. Select the **Next** button to output the policy. Once generated, the event log policy should be merged with your base or supplemental policies. diff --git a/windows/security/hardware-security/system-guard-secure-launch-and-smm-protection.md b/windows/security/hardware-security/system-guard-secure-launch-and-smm-protection.md index 24de29841e..af01702227 100644 --- a/windows/security/hardware-security/system-guard-secure-launch-and-smm-protection.md +++ b/windows/security/hardware-security/system-guard-secure-launch-and-smm-protection.md @@ -30,7 +30,7 @@ System Guard Secure Launch can be configured for Mobile Device Management (MDM) 1. Select **Start** > type and then select **Edit group policy**. 1. Select **Computer Configuration** > **Administrative Templates** > **System** > **Device Guard** > **Turn On Virtualization Based Security** > **Secure Launch Configuration**. - ![Secure Launch Configuration.](images/secure-launch-group-policy.png) + :::image type="content" alt-text="Secure Launch Configuration." source="images/secure-launch-group-policy.png" lightbox="images/secure-launch-group-policy.png"::: ### Windows Security @@ -52,7 +52,7 @@ Select **Start** > **Settings** > **Update & Security** > **Windows Security** > To verify that Secure Launch is running, use System Information (MSInfo32). Select **Start**, search for **System Information**, and look under **Virtualization-based Security Services Running** and **Virtualization-based Security Services Configured**. -![Verifying Secure Launch is running in the Windows Security settings.](images/secure-launch-msinfo.png) +:::image type="content" alt-text="Verifying Secure Launch is running in the Windows Security settings." source="images/secure-launch-msinfo.png" lightbox="images/secure-launch-msinfo.png"::: > [!NOTE] > To enable System Guard Secure launch, the platform must meet all the baseline requirements for [System Guard](how-hardware-based-root-of-trust-helps-protect-windows.md), [Device Guard](../application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md), [Credential Guard](../identity-protection/credential-guard/index.md), and [Virtualization Based Security](/windows-hardware/design/device-experiences/oem-vbs). From 8ee327110331ff0f35216b40f1221b2341485875 Mon Sep 17 00:00:00 2001 From: Gary Moore <5432776+garycentric@users.noreply.github.com> Date: Wed, 25 Sep 2024 13:28:24 -0700 Subject: [PATCH 17/23] Corrections to code blocks: indentation, content types --- .../design-create-appid-tagging-policies.md | 4 +- .../deployment/appcontrol-deployment-guide.md | 32 +++---- .../deployment/disable-appcontrol-policies.md | 2 +- .../appcontrol-wizard-editing-policy.md | 10 +-- .../appcontrol-wizard-parsing-event-logs.md | 4 +- ...ontrol-policy-for-fully-managed-devices.md | 87 ++++++++++--------- .../operations/citool-commands.md | 22 ++--- .../operations/known-issues.md | 4 +- ...events-centrally-using-advanced-hunting.md | 6 +- ...tion-based-protection-of-code-integrity.md | 26 +++--- 10 files changed, 102 insertions(+), 95 deletions(-) diff --git a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md index f330f24100..69df945159 100644 --- a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md @@ -92,8 +92,8 @@ After creating your AppId Tagging policy in the above steps, you can deploy the 2. Optionally, deploy it for local testing: ```powershell - copy ".\{Policy ID}.cip" c:\windows\system32\codeintegrity\CiPolicies\Active\ - ./RefreshPolicy.exe + copy ".\{Policy ID}.cip" c:\windows\system32\codeintegrity\CiPolicies\Active\ + ./RefreshPolicy.exe ``` RefreshPolicy.exe is available for download from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=102925). diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md b/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md index b3ba7121e7..4ee7ef2757 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/appcontrol-deployment-guide.md @@ -16,23 +16,23 @@ You should now have one or more App Control for Business policies ready to deplo Before you deploy your App Control policies, you must first convert the XML to its binary form. You can do this using the following PowerShell example. You must set the $AppControlPolicyXMLFile variable to point to your App Control policy XML file. - ```powershell - ## Update the path to your App Control policy XML - $AppControlPolicyXMLFile = $env:USERPROFILE + "\Desktop\MyAppControlPolicy.xml" - [xml]$AppControlPolicy = Get-Content -Path $AppControlPolicyXMLFile - if (($AppControlPolicy.SiPolicy.PolicyID) -ne $null) ## Multiple policy format (For Windows builds 1903+ only, including Server 2022) - { - $PolicyID = $AppControlPolicy.SiPolicy.PolicyID - $PolicyBinary = $PolicyID+".cip" - } - else ## Single policy format (Windows Server 2016 and 2019, and Windows 10 1809 LTSC) - { - $PolicyBinary = "SiPolicy.p7b" - } +```powershell +## Update the path to your App Control policy XML +$AppControlPolicyXMLFile = $env:USERPROFILE + "\Desktop\MyAppControlPolicy.xml" +[xml]$AppControlPolicy = Get-Content -Path $AppControlPolicyXMLFile +if (($AppControlPolicy.SiPolicy.PolicyID) -ne $null) ## Multiple policy format (For Windows builds 1903+ only, including Server 2022) +{ + $PolicyID = $AppControlPolicy.SiPolicy.PolicyID + $PolicyBinary = $PolicyID+".cip" +} +else ## Single policy format (Windows Server 2016 and 2019, and Windows 10 1809 LTSC) +{ + $PolicyBinary = "SiPolicy.p7b" +} - ## Binary file will be written to your desktop - ConvertFrom-CIPolicy -XmlFilePath $AppControlPolicyXMLFile -BinaryFilePath $env:USERPROFILE\Desktop\$PolicyBinary - ``` +## Binary file will be written to your desktop +ConvertFrom-CIPolicy -XmlFilePath $AppControlPolicyXMLFile -BinaryFilePath $env:USERPROFILE\Desktop\$PolicyBinary +``` ## Plan your deployment diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md index a3add21030..f1e65d8fff 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/disable-appcontrol-policies.md @@ -43,7 +43,7 @@ To make a policy effectively inactive before removing it, you can first replace Beginning with the Windows 11 2022 Update, you can remove App Control policies using CiTool.exe. From an elevated command window, run the following command. Be sure to replace the text *PolicyId GUID* with the actual PolicyId of the App Control policy you want to remove: ```powershell - CiTool.exe -rp "{PolicyId GUID}" -json +CiTool.exe -rp "{PolicyId GUID}" -json ``` Then restart the computer. diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md index f6c6797de5..111961661b 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md @@ -40,11 +40,11 @@ The App Control Wizard makes deleting file rules from an existing policy quick a **Note:** removing a publisher rule will also remove the associated File Attribute rules. For instance, in the xml block below, removing ID_SIGNER_CONTOSO_PUBLISHER would also remove the rules ID_FILEATTRIB_LOB_APP_1 and ID_FILEATTRIB_LOB_APP_2. ```xml - - - - - + + + + + ``` [comment]: <> (## Editing File Rules Coming soon!) diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md index 2f94b6e7c6..5e2b4e4017 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-parsing-event-logs.md @@ -53,13 +53,13 @@ To create rules from the App Control events in [MDE Advanced Hunting](../operati 1. Navigate to the Advanced Hunting section within the MDE console and query the App Control events. **The Wizard requires the following fields** in the Advanced Hunting csv file export: - ```KQL + ```kusto | project-keep Timestamp, DeviceId, DeviceName, ActionType, FileName, FolderPath, SHA1, SHA256, IssuerName, IssuerTBSHash, PublisherName, PublisherTBSHash, AuthenticodeHash, PolicyId, PolicyName ``` The following Advanced Hunting query is recommended: - ```KQL + ```kusto DeviceEvents // Take only App Control events | where ActionType startswith 'AppControlCodeIntegrity' diff --git a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md index 978a986c90..1563a69a95 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/create-appcontrol-policy-for-fully-managed-devices.md @@ -61,47 +61,47 @@ Alice follows these steps to complete this task: 2. On the client device, run the following commands in an elevated Windows PowerShell session to initialize variables: - ```powershell - $PolicyPath=$env:userprofile+"\Desktop\" - $PolicyName= "Lamna_FullyManagedClients_Audit" - $LamnaPolicy=$PolicyPath+$PolicyName+".xml" - $ConfigMgrPolicy=$env:windir+"\CCM\DeviceGuard\MergedPolicy_Audit_ISG.xml" - ``` + ```powershell + $PolicyPath=$env:userprofile+"\Desktop\" + $PolicyName= "Lamna_FullyManagedClients_Audit" + $LamnaPolicy=$PolicyPath+$PolicyName+".xml" + $ConfigMgrPolicy=$env:windir+"\CCM\DeviceGuard\MergedPolicy_Audit_ISG.xml" + ``` 3. Copy the policy created by Configuration Manager to the desktop: - ```powershell - cp $ConfigMgrPolicy $LamnaPolicy - ``` + ```powershell + cp $ConfigMgrPolicy $LamnaPolicy + ``` 4. Give the new policy a unique ID, descriptive name, and initial version number: - ```powershell - Set-CIPolicyIdInfo -FilePath $LamnaPolicy -PolicyName $PolicyName -ResetPolicyID - Set-CIPolicyVersion -FilePath $LamnaPolicy -Version "1.0.0.0" - ``` + ```powershell + Set-CIPolicyIdInfo -FilePath $LamnaPolicy -PolicyName $PolicyName -ResetPolicyID + Set-CIPolicyVersion -FilePath $LamnaPolicy -Version "1.0.0.0" + ``` 5. Modify the copied policy to set policy rules: - ```powershell - Set-RuleOption -FilePath $LamnaPolicy -Option 3 # Audit Mode - Set-RuleOption -FilePath $LamnaPolicy -Option 6 # Unsigned Policy - Set-RuleOption -FilePath $LamnaPolicy -Option 9 # Advanced Boot Menu - Set-RuleOption -FilePath $LamnaPolicy -Option 12 # Enforce Store Apps - Set-RuleOption -FilePath $LamnaPolicy -Option 13 # Managed Installer - Set-RuleOption -FilePath $LamnaPolicy -Option 16 # No Reboot - Set-RuleOption -FilePath $LamnaPolicy -Option 17 # Allow Supplemental - Set-RuleOption -FilePath $LamnaPolicy -Option 19 # Dynamic Code Security - ``` + ```powershell + Set-RuleOption -FilePath $LamnaPolicy -Option 3 # Audit Mode + Set-RuleOption -FilePath $LamnaPolicy -Option 6 # Unsigned Policy + Set-RuleOption -FilePath $LamnaPolicy -Option 9 # Advanced Boot Menu + Set-RuleOption -FilePath $LamnaPolicy -Option 12 # Enforce Store Apps + Set-RuleOption -FilePath $LamnaPolicy -Option 13 # Managed Installer + Set-RuleOption -FilePath $LamnaPolicy -Option 16 # No Reboot + Set-RuleOption -FilePath $LamnaPolicy -Option 17 # Allow Supplemental + Set-RuleOption -FilePath $LamnaPolicy -Option 19 # Dynamic Code Security + ``` 6. If appropriate, add more signer or file rules to further customize the policy for your organization. 7. Use [ConvertFrom-CIPolicy](/powershell/module/configci/convertfrom-cipolicy) to convert the App Control for Business policy to a binary format: ```powershell - [xml]$PolicyXML = Get-Content $LamnaPolicy - $LamnaPolicyBin = Join-Path $PolicyPath "$($PolicyXML.SiPolicy.PolicyID).cip" - ConvertFrom-CIPolicy $LamnaPolicy $LamnaPolicyBin + [xml]$PolicyXML = Get-Content $LamnaPolicy + $LamnaPolicyBin = Join-Path $PolicyPath "$($PolicyXML.SiPolicy.PolicyID).cip" + ConvertFrom-CIPolicy $LamnaPolicy $LamnaPolicyBin ``` 8. Upload your base policy XML and the associated binary to a source control solution such as [GitHub](https://github.com/) or a document management solution such as [Office 365 SharePoint](https://products.office.com/sharepoint/collaboration). @@ -112,33 +112,40 @@ At this point, Alice now has an initial policy that is ready to deploy in audit Alice has defined a policy for Lamna's fully managed devices that makes some trade-offs between security and manageability for apps. Some of the trade-offs include: -- **Users with administrative access**
          - Although applying to fewer users, Lamna still allows some IT staff to sign in to its fully managed devices as administrator. This privilege allows these users (or malware running with the user's privileges) to modify or remove altogether the App Control policy applied on the device. Additionally, administrators can configure any app they wish to operate as a managed installer that would allow them to gain persistent app authorization for whatever apps or binaries they wish. +- **Users with administrative access** - Possible mitigations: + Although applying to fewer users, Lamna still allows some IT staff to sign in to its fully managed devices as administrator. This privilege allows these users (or malware running with the user's privileges) to modify or remove altogether the App Control policy applied on the device. Additionally, administrators can configure any app they wish to operate as a managed installer that would allow them to gain persistent app authorization for whatever apps or binaries they wish. + + Possible mitigations: - Use signed App Control policies and UEFI BIOS access protection to prevent tampering of App Control policies. - Create and deploy signed catalog files as part of the app deployment process in order to remove the requirement for managed installer. - Use device attestation to detect the configuration state of App Control at boot time and use that information to condition access to sensitive corporate resources. -- **Unsigned policies**
          - Unsigned policies can be replaced or removed without consequence by any process running as administrator. Unsigned base policies that also enable supplemental policies can have their "circle-of-trust" altered by any unsigned supplemental policy. - Existing mitigations applied: +- **Unsigned policies** + + Unsigned policies can be replaced or removed without consequence by any process running as administrator. Unsigned base policies that also enable supplemental policies can have their "circle-of-trust" altered by any unsigned supplemental policy. + + Existing mitigations applied: - Limit who can elevate to administrator on the device. - Possible mitigations: + Possible mitigations: - Use signed App Control policies and UEFI BIOS access protection to prevent tampering of App Control policies. -- **Managed installer**
          - See [security considerations with managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md#security-considerations-with-managed-installer) - Existing mitigations applied: +- **Managed installer** + + See [security considerations with managed installer](configure-authorized-apps-deployed-with-a-managed-installer.md#security-considerations-with-managed-installer) + + Existing mitigations applied: - Limit who can elevate to administrator on the device. - Possible mitigations: + Possible mitigations: - Create and deploy signed catalog files as part of the app deployment process in order to remove the requirement for managed installer. -- **Supplemental policies**
          - Supplemental policies are designed to relax the associated base policy. Additionally allowing unsigned policies allows any administrator process to expand the "circle-of-trust" defined by the base policy without restriction. - Possible mitigations: +- **Supplemental policies**
          + + Supplemental policies are designed to relax the associated base policy. Additionally allowing unsigned policies allows any administrator process to expand the "circle-of-trust" defined by the base policy without restriction. + + Possible mitigations: - Use signed App Control policies that allow authorized signed supplemental policies only. - Use a restrictive audit mode policy to audit app usage and augment vulnerability detection. diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/citool-commands.md b/windows/security/application-security/application-control/app-control-for-business/operations/citool-commands.md index d5dba038d4..c8bb39fb47 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/citool-commands.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/citool-commands.md @@ -42,17 +42,17 @@ CiTool makes App Control for Business policy management easier for IT admins. Yo ### List policies (`--list-policies`) -```output - Policy ID: d2bda982-ccf6-4344-ac5b-0b44427b6816 - Base Policy ID: d2bda982-ccf6-4344-ac5b-0b44427b6816 - Friendly Name: Microsoft Windows Driver Policy - Version: 2814751463178240 - Platform Policy: true - Policy is Signed: true - Has File on Disk: false - Is Currently Enforced: true - Is Authorized: true - Status: 0 +```console +Policy ID: d2bda982-ccf6-4344-ac5b-0b44427b6816 +Base Policy ID: d2bda982-ccf6-4344-ac5b-0b44427b6816 +Friendly Name: Microsoft Windows Driver Policy +Version: 2814751463178240 +Platform Policy: true +Policy is Signed: true +Has File on Disk: false +Is Currently Enforced: true +Is Authorized: true +Status: 0 ``` | Attribute | Description | Example value | diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md b/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md index 5288f40a3e..018a5a86c7 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md @@ -76,13 +76,13 @@ MSI installer files are always detected as user writeable on Windows 10, and on Installing .msi files directly from the internet to a computer protected by App Control fails. For example, this command fails: -```console +```cmd msiexec -i https://download.microsoft.com/download/2/E/3/2E3A1E42-8F50-4396-9E7E-76209EA4F429/Windows10_Version_1511_ADMX.msi ``` As a workaround, download the MSI file and run it locally: -```console +```cmd msiexec -i c:\temp\Windows10_Version_1511_ADMX.msi ``` diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md b/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md index d6d7b0bf4d..d39105c4a1 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/querying-application-control-events-centrally-using-advanced-hunting.md @@ -8,7 +8,7 @@ ms.topic: troubleshooting # Querying App Control events centrally using Advanced hunting -an App Control for Business policy logs events locally in Windows Event Viewer in either enforced or audit mode. +An App Control for Business policy logs events locally in Windows Event Viewer in either enforced or audit mode. While Event Viewer helps to see the impact on a single system, IT Pros want to gauge it across many systems. In November 2018, we added functionality in Microsoft Defender for Endpoint that makes it easy to view App Control events centrally from all connected systems. @@ -47,7 +47,7 @@ Query Example 1: Query the App Control action types summarized by type for past Here's a simple example query that shows all the App Control for Business events generated in the last seven days from machines being monitored by Microsoft Defender for Endpoint: -``` +```kusto DeviceEvents | where Timestamp > ago(7d) and ActionType startswith "AppControl" @@ -64,7 +64,7 @@ The query results can be used for several important functions related to managin Query Example #2: Query to determine audit blocks in the past seven days -``` +```kusto DeviceEvents | where ActionType startswith "AppControlExecutableAudited" | where Timestamp > ago(7d) diff --git a/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md index d11b54e8b9..53dfb74978 100644 --- a/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md @@ -73,7 +73,7 @@ Set the following registry keys to enable memory integrity. These keys provide s Recommended settings (to enable memory integrity without UEFI Lock): -```console +```cmd reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "EnableVirtualizationBasedSecurity" /t REG_DWORD /d 1 /f reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "RequirePlatformSecurityFeatures" /t REG_DWORD /d 1 /f reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "Locked" /t REG_DWORD /d 0 /f @@ -85,55 +85,55 @@ If you want to customize the preceding recommended settings, use the following r **To enable VBS only (no memory integrity)** -```console +```cmd reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "EnableVirtualizationBasedSecurity" /t REG_DWORD /d 1 /f ``` **To enable VBS and require Secure boot only (value 1)** -```console +```cmd reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "RequirePlatformSecurityFeatures" /t REG_DWORD /d 1 /f ``` **To enable VBS with Secure Boot and DMA protection (value 3)** -```console +```cmd reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "RequirePlatformSecurityFeatures" /t REG_DWORD /d 3 /f ``` **To enable VBS without UEFI lock (value 0)** -```console +```cmd reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "Locked" /t REG_DWORD /d 0 /f ``` **To enable VBS with UEFI lock (value 1)** -```console +```cmd reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "Locked" /t REG_DWORD /d 1 /f ``` **To enable memory integrity** -```console +```cmd reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Enabled" /t REG_DWORD /d 1 /f ``` **To enable memory integrity without UEFI lock (value 0)** -```console +```cmd reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Locked" /t REG_DWORD /d 0 /f ``` **To enable memory integrity with UEFI lock (value 1)** -```console +```cmd reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Locked" /t REG_DWORD /d 1 /f ``` **To enable VBS (and memory integrity) in mandatory mode** -```console +```cmd reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "Mandatory" /t REG_DWORD /d 1 /f ``` @@ -143,12 +143,12 @@ The **Mandatory** setting prevents the OS loader from continuing to boot in case > Special care should be used before enabling this mode, since, in case of any failure of the virtualization modules, the system will refuse to boot. **To gray out the memory integrity UI and display the message "This setting is managed by your administrator"** -```console +```cmd reg delete HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity /v "WasEnabledBy" /f ``` **To let memory integrity UI behave normally (Not grayed out)** -```console +```cmd reg add HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity /v "WasEnabledBy" /t REG_DWORD /d 2 /f ``` @@ -269,7 +269,7 @@ Another method to determine the available and enabled VBS features is to run msi 2. Then, boot to Windows RE on the affected computer, see [Windows RE Technical Reference](/windows-hardware/manufacture/desktop/windows-recovery-environment--windows-re--technical-reference). 3. After logging in to Windows RE, set the memory integrity registry key to off: - ```console + ```cmd reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Enabled" /t REG_DWORD /d 0 /f ``` From 839e36c30775df823a41b1606d7a2cb8dce7e15f Mon Sep 17 00:00:00 2001 From: Gary Moore <5432776+garycentric@users.noreply.github.com> Date: Wed, 25 Sep 2024 13:55:47 -0700 Subject: [PATCH 18/23] Correct note style --- .../design/appcontrol-wizard-editing-policy.md | 3 ++- .../app-control-for-business/operations/known-issues.md | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md index 111961661b..0143718e13 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-editing-policy.md @@ -37,7 +37,8 @@ The App Control Wizard makes deleting file rules from an existing policy quick a :::image type="content" alt-text="Removing file rule from policy during edit." source="../images/appcontrol-wizard-edit-remove-file-rule.png"::: -**Note:** removing a publisher rule will also remove the associated File Attribute rules. For instance, in the xml block below, removing ID_SIGNER_CONTOSO_PUBLISHER would also remove the rules ID_FILEATTRIB_LOB_APP_1 and ID_FILEATTRIB_LOB_APP_2. +> [!NOTE] +> Removing a publisher rule will also remove the associated File Attribute rules. For instance, in the xml block below, removing ID_SIGNER_CONTOSO_PUBLISHER would also remove the rules ID_FILEATTRIB_LOB_APP_1 and ID_FILEATTRIB_LOB_APP_2. ```xml diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md b/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md index 018a5a86c7..4181691e76 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/known-issues.md @@ -50,7 +50,8 @@ When the App Control engine evaluates files against the active set of policies o Until you apply the Windows security update released on or after April 9, 2024, your device is limited to 32 active policies. If the maximum number of policies is exceeded, the device bluescreens referencing ci.dll with a bug check value of 0x0000003b. Consider this maximum policy count limit when planning your App Control policies. Any [Windows inbox policies](inbox-appcontrol-policies.md) that are active on the device also count towards this limit. To remove the maximum policy limit, install the Windows security update released on, or after, April 9, 2024 and then restart the device. Otherwise, reduce the number of policies on the device to remain below 32 policies. -**Note:** The policy limit was not removed on Windows 11 21H2, and will remain limited to 32 policies. +> [!NOTE] +> The policy limit was not removed on Windows 11 21H2, and will remain limited to 32 policies. ### Audit mode policies can change the behavior for some apps or cause app crashes From c353de08bd36b68c28e75aec406f512b935d24b0 Mon Sep 17 00:00:00 2001 From: Gary Moore <5432776+garycentric@users.noreply.github.com> Date: Wed, 25 Sep 2024 13:56:40 -0700 Subject: [PATCH 19/23] Correct font weight of table headings On Learn, table headings are bold by default, and in fact, a heavier weight font than standard bold. Adding formatting for bold results in a lighter weight font than is standard on Learn. --- .../design/example-appcontrol-base-policies.md | 2 +- .../operations/inbox-appcontrol-policies.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies.md b/windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies.md index 02073ebcb4..fcc507dc75 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/example-appcontrol-base-policies.md @@ -12,7 +12,7 @@ ms.date: 09/11/2024 When you create policies for use with App Control for Business, start from an existing base policy and then add or remove rules to build your own custom policy. Windows includes several example policies that you can use. These example policies are provided "as-is". You should thoroughly test the policies you deploy using safe deployment methods. -| **Example Base Policy** | **Description** | **Where it can be found** | +| Example Base Policy | Description | Where it can be found | |-------------------------|---------------------------------------------------------------|--------| | **DefaultWindows_\*.xml** | This example policy is available in both audit and enforced mode. It includes rules to allow Windows, third-party hardware and software kernel drivers, and Windows Store apps. Used as the basis for the [Microsoft Intune product family](https://www.microsoft.com/security/business/endpoint-management/microsoft-intune) policies. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\DefaultWindows_\*.xml
          %ProgramFiles%\WindowsApps\Microsoft.App Control.WDACWizard*\DefaultWindows_Audit.xml | | **AllowMicrosoft.xml** | This example policy includes the rules from DefaultWindows and adds rules to trust apps signed by the Microsoft product root certificate. | %OSDrive%\Windows\schemas\CodeIntegrity\ExamplePolicies\AllowMicrosoft.xml
          %ProgramFiles%\WindowsApps\Microsoft.App Control.WDACWizard*\AllowMicrosoft.xml | diff --git a/windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies.md b/windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies.md index b1a415cde3..f62b037cb4 100644 --- a/windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/operations/inbox-appcontrol-policies.md @@ -15,7 +15,7 @@ This article describes the App Control for Business policies that ship inbox wit ## Inbox App Control Policies -| **Policy Name** | **Policy ID** | **Policy Type** | **Description** | +| Policy Name | Policy ID | Policy Type | Description | |-----------|-----------|-----------|-----------| | **Microsoft Windows Driver Policy** | {d2bda982-ccf6-4344-ac5b-0b44427b6816} | Kernel-only Base policy | This policy blocks known [vulnerable or malicious kernel drivers](../design/microsoft-recommended-driver-block-rules.md). It's active by default on Windows 11 22H2, [Windows in S mode](https://support.microsoft.com/windows/windows-10-and-windows-11-in-s-mode-faq-851057d6-1ee9-b9e5-c30b-93baebeebc85), [Windows 11 SE](/education/windows/windows-11-se-overview), and anywhere [memory integrity](https://support.microsoft.com/windows/core-isolation-e30ed737-17d8-42f3-a2a9-87521df09b78) (also known as hypervisor-protected code integrity (HVCI)) is on. Its policy binary file is found at `%windir%\System32\CodeIntegrity\driversipolicy.p7b` and in the EFI system partition at `\Microsoft\Boot\driversipolicy.p7b`. | | **Windows10S_Lockdown_Policy_Supplementable** | {5951a96a-e0b5-4d3d-8fb8-3e5b61030784} | Base policy | This policy is active on devices running [Windows in S mode](https://support.microsoft.com/windows/windows-10-and-windows-11-in-s-mode-faq-851057d6-1ee9-b9e5-c30b-93baebeebc85). Its policy binary file is found in the EFI system partition at `\Microsoft\Boot\winsipolicy.p7b`. | From 490522101c4d9c95d261958dfa3bbb849e8c01ac Mon Sep 17 00:00:00 2001 From: Gary Moore <5432776+garycentric@users.noreply.github.com> Date: Wed, 25 Sep 2024 13:57:22 -0700 Subject: [PATCH 20/23] Add vertical spacing for more consistent layout --- .../enable-virtualization-based-protection-of-code-integrity.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md index 53dfb74978..22b8f3245f 100644 --- a/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity.md @@ -54,7 +54,9 @@ Use the **Virtualization Based Technology** > **Hypervisor Enforced Code Integri 1. Navigate to **Computer Configuration** > **Administrative Templates** > **System** > **Device Guard**. 1. Double-click **Turn on Virtualization Based Security**. 1. Select **Enabled** and under **Virtualization Based Protection of Code Integrity**, select **Enabled without UEFI lock**. Only select **Enabled with UEFI lock** if you want to prevent memory integrity from being disabled remotely or by policy update. Once enabled with UEFI lock, you must have access to the UEFI BIOS menu to turn off Secure Boot if you want to turn off memory integrity. + ![Enable memory integrity using Group Policy.](images/enable-hvci-gp.png) + 1. Select **Ok** to close the editor. To apply the new policy on a domain-joined computer, either restart or run `gpupdate /force` in an elevated Command Prompt. From cb9008b79506c7d2c49f72e5e53fc0460f0a5c81 Mon Sep 17 00:00:00 2001 From: David Strome <21028455+dstrome@users.noreply.github.com> Date: Wed, 25 Sep 2024 14:26:03 -0700 Subject: [PATCH 21/23] New Stale workflow --- .github/workflows/Stale.yml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .github/workflows/Stale.yml diff --git a/.github/workflows/Stale.yml b/.github/workflows/Stale.yml new file mode 100644 index 0000000000..101ee8ba9c --- /dev/null +++ b/.github/workflows/Stale.yml @@ -0,0 +1,19 @@ +name: (Scheduled) Mark stale pull requests + +permissions: + issues: write + pull-requests: write + +on: + schedule: + - cron: "0 */6 * * *" + workflow_dispatch: + +jobs: + stale: + uses: MicrosoftDocs/microsoft-365-docs/.github/workflows/Shared-Stale.yml@workflows-prod + with: + RunDebug: true + RepoVisibility: ${{ github.repository_visibility }} + secrets: + AccessToken: ${{ secrets.GITHUB_TOKEN }} From 94da042ea5617c71b544189d1dd49f8127964bb8 Mon Sep 17 00:00:00 2001 From: Gary Moore <5432776+garycentric@users.noreply.github.com> Date: Wed, 25 Sep 2024 15:01:30 -0700 Subject: [PATCH 22/23] Add automatic image borders --- .../AppIdTagging/design-create-appid-tagging-policies.md | 2 +- .../deployment/deploy-appcontrol-policies-using-group-policy.md | 2 +- .../design/appcontrol-wizard-create-supplemental-policy.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md index 69df945159..363d4b5dd8 100644 --- a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md +++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md @@ -25,7 +25,7 @@ You can use the App Control for Business Wizard and the PowerShell commands to c 2. Set the following rule-options using the Wizard toggles: - ![Configuring the policy rule-options.](../images/appid-appcontrol-wizard-2.png) + :::image type="content" alt-text="Configuring the policy rule-options." source="../images/appid-appcontrol-wizard-2.png"::: 3. Create custom rules: diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md index 03cfad7165..5efe8cdcdb 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-appcontrol-policies-using-group-policy.md @@ -33,7 +33,7 @@ To deploy and manage an App Control for Business policy with Group Policy: > [!NOTE] > You can use any OU name. Also, security group filtering is an option when you consider different ways of combining App Control policies (or keeping them separate), as discussed in [Plan for App Control for Business lifecycle policy management](../design/plan-appcontrol-management.md). - ![Group Policy Management, create a GPO.](../images/dg-fig24-creategpo.png) + :::image type="content" alt-text="Group Policy Management, create a GPO." source="../images/dg-fig24-creategpo.png"::: 3. Name the new GPO. You can choose any name. diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md index 5d17f8fd6f..3cd72d3fcd 100644 --- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md +++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-wizard-create-supplemental-policy.md @@ -78,7 +78,7 @@ The Wizard supports the creation of [file name rules](select-types-of-rules-to-c | **Product name** | Specifies the name of the product with which the binary ships. | | **Internal name** | Specifies the internal name of the binary. | -![Custom file attributes rule.](../images/appcontrol-wizard-custom-file-attribute-rule.png) +:::image type="content" alt-text="Custom file attributes rule." source="../images/appcontrol-wizard-custom-file-attribute-rule.png"::: ### File Hash Rules From 9df0253ef6cbf1690fbc4ea6e8f6bff982fee47b Mon Sep 17 00:00:00 2001 From: Gary Moore <5432776+garycentric@users.noreply.github.com> Date: Wed, 25 Sep 2024 15:01:45 -0700 Subject: [PATCH 23/23] Correct indentation in code blocks --- .../deploy-catalog-files-to-support-appcontrol.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md index cf222d2d4a..ff49b5a9fe 100644 --- a/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md +++ b/windows/security/application-security/application-control/app-control-for-business/deployment/deploy-catalog-files-to-support-appcontrol.md @@ -91,15 +91,15 @@ For the code signing certificate that you use to sign the catalog file, import i 1. Initialize the variables to use. Replace the `$ExamplePath` and `$CatFileName` variables as needed: ```powershell - $ExamplePath=$env:userprofile+"\Desktop" - $CatFileName=$ExamplePath+"\LOBApp-Contoso.cat" - ``` + $ExamplePath=$env:userprofile+"\Desktop" + $CatFileName=$ExamplePath+"\LOBApp-Contoso.cat" + ``` 2. Sign the catalog file with Signtool.exe: ```powershell - sign /n "ContosoSigningCert" /fd sha256 /v $CatFileName - ``` + sign /n "ContosoSigningCert" /fd sha256 /v $CatFileName + ``` > [!NOTE] > The `` variable should be the full path to the Signtool.exe utility. `ContosoSigningCert` represents the subject name of the certificate that you use to sign the catalog file. This certificate should be imported to your personal certificate store on the computer on which you are attempting to sign the catalog file.