deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Updated as per feedback

Browse Source
This commit is contained in:
Alekhya Jupudi 2022-08-26 13:06:31 +05:30
parent df301bc42c
commit 3bd611c472
2 changed files with 177 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
windows/client-management/mdm/policy-configuration-service-provider.md
View File

@ -9172,6 +9172,15 @@ dfsdiscoverdc">ADMX_DFS/DFSDiscoverDC</a>
<dd> <dd>
<a href="./policy-csp-webthreatdefense.md#webthreatdefense-enableservice" id="webthreatdefense-enableservice">WebThreatDefense/EnableService</a> <a href="./policy-csp-webthreatdefense.md#webthreatdefense-enableservice" id="webthreatdefense-enableservice">WebThreatDefense/EnableService</a>
</dd> </dd>
<dd>
<a href="./policy-csp-webthreatdefense.md#webthreatdefense-notifymalicious" id="webthreatdefense-notifymalicious">WebThreatDefense/NotifyMalicious</a>
</dd>
<dd>
<a href="./policy-csp-webthreatdefense.md#webthreatdefense-notifypasswordreuse" id="webthreatdefense-notifypasswordreuse">WebThreatDefense/NotifyPasswordReuse</a>
</dd>
<dd>
<a href="./policy-csp-webthreatdefense.md#webthreatdefense-notifyunsafeapp" id="webthreatdefense-notifyunsafeapp">WebThreatDefense/NotifyUnsafeApp</a>
</dd>
</dl> </dl>
### Wifi policies ### Wifi policies

180
windows/client-management/mdm/policy-csp-webthreatdefense.md
View File

@ -24,10 +24,19 @@ manager: aaroncz
<dd> <dd>
<a href="#webthreatdefense-enableservice">WebThreatDefense/EnableService</a> <a href="#webthreatdefense-enableservice">WebThreatDefense/EnableService</a>
</dd> </dd>
<dd>
<a href="#webthreatdefense-notifymalicious">WebThreatDefense/NotifyMalicious</a>
</dd>
<dd>
<a href="#webthreatdefense-notifypasswordreuse">WebThreatDefense/NotifyPasswordReuse</a>
</dd>
<dd>
<a href="#webthreatdefense-notifyunsafeapp">WebThreatDefense/NotifyUnsafeApp</a>
</dd>
</dl> </dl>
>[!NOTE] >[!NOTE]
>In Intune, this CSP is under the “Enhanced Phishing Protection” category. >In Microsoft Intune, this CSP is under the “Enhanced Phishing Protection” category.
<!--Policy--> <!--Policy-->
<a href="" id="webthreatdefense-enableservice"></a>**WebThreatDefense/EnableService** <a href="" id="webthreatdefense-enableservice"></a>**WebThreatDefense/EnableService**
@ -36,12 +45,12 @@ manager: aaroncz
|Edition|Windows 10|Windows 11| |Edition|Windows 10|Windows 11|
|--- |--- |--- | |--- |--- |--- |
|Home|Yes|Yes| |Home|No|Yes|
|Pro|Yes|Yes| |Pro|No|Yes|
|Windows SE|Yes|Yes| |Windows SE|No|Yes|
|Business|Yes|Yes| |Business|No|Yes|
|Enterprise|Yes|Yes| |Enterprise|No|Yes|
|Education|Yes|Yes| |Education|No|Yes|
<!--/SupportedSKUs--> <!--/SupportedSKUs-->
<hr/> <hr/>
@ -57,22 +66,167 @@ manager: aaroncz
<!--/Scope--> <!--/Scope-->
<!--Description--> <!--Description-->
This policy protects user's password from being stolen or used unsafely in apps and web-sites. By enabling this feature, one can control "Phishing protection" on user machine: This policy setting determines whether Enhanced Phishing Protection is in audit mode or off. Users do not see any notifications for any protection scenarios when Enhanced Phishing Protection is in audit mode. When in audit mode Enhanced Phishing Protection captures unsafe password entry events and sends telemetry through Microsoft Defender.
- Enterprise admins to turn off the feature for all users. If you enable this policy setting or dont configure this setting, Enhanced Phishing Protection is enabled in audit mode and your users are unable to turn it off.
- Enterprise admins to turn on the feature for all users.
- Enterprise admins to have Phishing Sensors show UX to end-users for password entry on malicious content (first checkbox). If you disable this policy setting, Enhanced Phishing Protection is off. When off, Enhanced Phishing Protection does not capture events, send telemetry, or notify users. Additionally, your users are unable to turn it on.
- Enterprise admins to have Phishing Sensors show UX to end-users for password entry on malicious content AND unsafe password entry (first and second checkbox checked) - this is default for enterprise admins when the feature is on.
<!--/Description--> <!--/Description-->
<!--ADMXMapped--> <!--ADMXMapped-->
ADMX Info: ADMX Info:
- GP Friendly name: *Configure Web Threat Defense* - GP Friendly name: *Configure Web Threat Defense*
- GP name: *EnableWebThreatDefenseService* - GP name: *EnableWebThreatDefenseService*
- GP path: *Windows Security\App & bowser control\Reputation-based protection\Phishing protections* - GP path: *Windows Security\App & browser control\Reputation-based protection\Phishing protections*
- GP ADMX file name: *WebThreatDefense.admx* - GP ADMX file name: *WebThreatDefense.admx*
<!--/ADMXMapped--> <!--/ADMXMapped-->
<!--SupportedValues-->
The following list shows the supported values:
- 0:Turns off Enhanced Phishing Protection.
- 1:Turns on Enhanced Phishing Protection in audit mode, which captures work or school password entry events and sends telemetry but does not show any notifications to your users.
<!--/SupportedValues-->
<!--/Policy--> <!--/Policy-->
<hr/> <hr/>
<!--Policy-->
<a href="" id="webthreatdefense-notifymalicious"></a>**WebThreatDefense/NotifyMalicious**
<!--SupportedSKUs-->
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|Yes|
|Pro|No|Yes|
|Windows SE|No|Yes|
|Business|No|Yes|
|Enterprise|No|Yes|
|Education|No|Yes|
<!--/SupportedSKUs-->
<hr/>
<!--Scope-->
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
<hr/>
<!--/Scope-->
<!--Description-->
This policy setting determines whether Enhanced Phishing Protection warns your users if they type their work or school password into one of the following malicious scenarios: into a reported phishing site, into a login URL with an invalid certificate, or into an application connecting to either a reported phishing site or a login URL with an invalid certificate.
If you enable this policy setting, Enhanced Phishing Protection warns your users if they type their work or school password into one of the malicious scenarios described above and encourages them to change their password.
If you disable or dont configure this policy setting, Enhanced Phishing Protection will not warn your users if they type their work or school password into one of the malicious scenarios described above.
<!--/Description-->
<!--SupportedValues-->
The following list shows the supported values:
- 0:Turns off Enhanced Phishing Protection notifications when users type their work or school password into one of the following malicious scenarios: a reported phishing site, a login URL with an invalid certificate, or into an application connecting to either a reported phishing site or a login URL with an invalid certificate.
- 1:Turns on Enhanced Phishing Protection notifications when users type their work or school password into one of the previously described malicious scenarios and encourages them to change their password.
<!--/SupportedValues-->
<!--/Policy-->
<hr/>
<!--Policy-->
<a href="" id="webthreatdefense-notifypasswordreuse"></a>**WebThreatDefense/NotifyPasswordReuse**
<!--SupportedSKUs-->
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|Yes|
|Pro|No|Yes|
|Windows SE|No|Yes|
|Business|No|Yes|
|Enterprise|No|Yes|
|Education|No|Yes|
<!--/SupportedSKUs-->
<hr/>
<!--Scope-->
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
<hr/>
<!--/Scope-->
<!--Description-->
This policy setting determines whether Enhanced Phishing Protection warns your users if they reuse their work or school password.
If you enable this policy setting, Enhanced Phishing Protection warns users if they reuse their work or school password and encourages them to change it.
If you disable or dont configure this policy setting, Enhanced Phishing Protection will not warn users if they reuse their work or school password.
<!--/Description-->
<!--SupportedValues-->
The following list shows the supported values:
- 0:Turns off Enhanced Phishing Protection notifications when users reuse their work or school password.
- 1:Turns on Enhanced Phishing Protection notifications when users reuse their work or school password and encourages them to change their password.
<!--/SupportedValues-->
<!--/Policy-->
<hr/>
<!--Policy-->
<a href="" id="webthreatdefense-notifyunsafeapp"></a>**WebThreatDefense/NotifyUnsafeApp**
<!--SupportedSKUs-->
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|Yes|
|Pro|No|Yes|
|Windows SE|No|Yes|
|Business|No|Yes|
|Enterprise|No|Yes|
|Education|No|Yes|
<!--/SupportedSKUs-->
<hr/>
<!--Scope-->
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
<hr/>
<!--/Scope-->
<!--Description-->
This policy setting determines whether Enhanced Phishing Protection warns your users if they type their work or school passwords in text editor apps like OneNote, Word, Notepad, etc.
If you enable this policy setting, Enhanced Phishing Protection warns your users if they store their password in text editor apps.
If you disable or dont configure this policy setting, Enhanced Phishing Protection will not warn users if they store their password in text editor apps.
<!--/Description-->
<!--SupportedValues-->
The following list shows the supported values:
- 0:Turns off Enhanced Phishing Protection notifications when users type their work or school passwords in text editor apps like OneNote, Word, Notepad, etc.
- 1:Turns on Enhanced Phishing Protection notifications when users type their work or school passwords in text editor apps.
<!--/SupportedValues-->
<!--/Policy-->
<hr/>
## Related topics
[Policy configuration service provider](policy-configuration-service-provider.md)