diff --git a/windows/keep-secure/WDAV-working/configure-block-at-first-sight-windows-defender-antivirus.md b/windows/keep-secure/WDAV-working/configure-block-at-first-sight-windows-defender-antivirus.md index 4ccdc0e33e..f8fd24ed27 100644 --- a/windows/keep-secure/WDAV-working/configure-block-at-first-sight-windows-defender-antivirus.md +++ b/windows/keep-secure/WDAV-working/configure-block-at-first-sight-windows-defender-antivirus.md @@ -37,7 +37,7 @@ It is enabled by default when certain pre-requisite settings are also enabled. I When a Windows Defender client encounters a suspicious but undetected file, it queries our cloud protection backend. The cloud backend will apply heuristics, machine learning, and automated analysis of the file to determine the files as malicious or clean. The following video describes how this feature works. +src="https://videoplayercdn.osi.office.net/embed/c2f20f59-ca56-4a7b-ba23-44c60bc62c59" width="768" height="432" allowFullScreen="true" frameBorder="0" scrolling="no"> > [!NOTE] > The Block at first sight feature only use the cloud protection backend for executable files that are downloaded from the Internet, or originating from the Internet zone. A hash value of the EXE file is checked via the cloud backend to determine if this is a previously undetected file. diff --git a/windows/keep-secure/WDAV-working/utilize-microsoft-cloud-protection-windows-defender-antivirus.md b/windows/keep-secure/WDAV-working/utilize-microsoft-cloud-protection-windows-defender-antivirus.md index 8ff3ec18da..06efe5ba32 100644 --- a/windows/keep-secure/WDAV-working/utilize-microsoft-cloud-protection-windows-defender-antivirus.md +++ b/windows/keep-secure/WDAV-working/utilize-microsoft-cloud-protection-windows-defender-antivirus.md @@ -37,7 +37,7 @@ The following table describes the differences in cloud-based protection between Feature | Windows 8.1 (Group Policy) | Windows 10, version 1607 (Group Policy) | Windows 10, version 1703 (Group Policy) | Configuration manager 2012 | Configuration manager (current branch) | Microsoft Intune ---|---|---|---|---| Cloud-protection service label | Microsoft Advanced Protection Service | Microsoft Advanced Protection Service | Cloud-based Protection | NA | Cloud protection service | Microsoft Advanced Protection Service -Reporting level (MAPS membership level) | Basic, Advanced | Advanced | Advanced | Dependent on Windows version +Reporting level (MAPS membership level) | Basic, Advanced | Advanced | Advanced | Dependent on Windows version | Dependent on Windows version | Dependent on Windows version Block at first sight availability | No | Yes | Yes | Not configurable | Configurable | No Cloud block timeout period | No | No | Configurable | Not configurable | Configurable | No @@ -47,7 +47,7 @@ Cloud block timeout period | No | No | Configurable | Not configurable | Configu ---|--- [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) | You can enable cloud-delivered protection with System Center Configuration Manager, Group Policy, Microsoft Intune, and PowerShell cmdlets. [Specify the cloud-delivered protection level](specify-cloud-protection-level-windows-defender-antivirus.md) | You can specify the level of protection offered by the cloud with Group Policy and System Center Configuration Manager. The protection level will affect the amount of information shared with the cloud and how aggressively new files are blocked. -[Configure and validate network connections for Windows Defender Antivirus](configure-cloud-block-timeout-period-windows-defender-antivirus.md) | There are certain Microsoft URLs that your network and endpoints must be able to connect to for cloud-delivered protection to work effectively. This topic lists the URLs that should be allowed via firewall or network filtering rules, and instructions for confirming your network is properly enrolled in cloud-delivered protection. +[Configure and validate network connections for Windows Defender Antivirus](configure-network-connections-windows-defender-antivirus.md) | There are certain Microsoft URLs that your network and endpoints must be able to connect to for cloud-delivered protection to work effectively. This topic lists the URLs that should be allowed via firewall or network filtering rules, and instructions for confirming your network is properly enrolled in cloud-delivered protection. [Configure the Block at First Sight feature](configure-block-at-first-sight-windows-defender-antivirus.md) | The Block at First Sight feature can block new malware within seconds, without having to wait hours for a traditional signature. You can enable and configure it with System Center Configuration Manager and Group Policy. [Configure the cloud block timeout period](configure-cloud-block-timeout-period-windows-defender-antivirus.md) | Windows Defender Antivirus can block suspicious files from running while it queries our cloud-based protection service. You can configure the amount of time the file will be prevented from running with System Center Configuration Manager and Group Policy.