deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-17 03:13:44 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

update toc, prerelease, meta

Browse Source
This commit is contained in:
Joey Caparas
2021-03-18 13:48:48 -07:00
parent 400eb2fbaa
commit 432dace242
4 changed files with 12 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/TOC.md
View File

@ -254,7 +254,7 @@
##### [Set preferences](microsoft-defender-atp/mac-preferences.md)
##### [Detect and block Potentially Unwanted Applications](microsoft-defender-atp/mac-pua.md)
##### [Device control]()
###### [Overview](microsoft-defender-atp/mac-device-control-overview.md)
###### [Device control overview](microsoft-defender-atp/mac-device-control-overview.md)
###### [JAMF examples](microsoft-defender-atp/mac-device-control-jamf.md)
###### [Intune examples](microsoft-defender-atp/mac-device-control-intune.md)
##### [Schedule scans](microsoft-defender-atp/mac-schedule-scan-atp.md)

7
windows/security/threat-protection/microsoft-defender-atp/mac-device-control-intune.md
View File

@ -1,6 +1,6 @@
---
title: Examples of device control policies for Intune
description: This document contains examples of device control policies that can be used with Intune.
description: Learn how to use device control policies using examples that can be used with Intune.
keywords: microsoft, defender, atp, mac, device, control, usb, removable, media, intune
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@ -30,10 +30,7 @@ ms.technology: mde
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
> [!IMPORTANT]
> **Device control for macOS is currently in public preview**<br>
> This preview version is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
> For more information, see [Microsoft Defender for Endpoint preview features](preview.md).
[!include[Prerelease information](../../includes/prerelease.md)]
This document contains examples of device control policies that you can customize for your own organization. These examples are applicable if you are using Intune to manage devices in your enterprise.

11
windows/security/threat-protection/microsoft-defender-atp/mac-device-control-jamf.md
View File

@ -1,7 +1,7 @@
---
title: Examples of device control policies for JAMF
description: This document contains examples of device control policies that can be used with JAMF.
keywords: microsoft, defender, atp, mac, device, control, usb, removable, media, jamf
description: Learn how to use device control policies using examples that can be used with JAMF.
keywords: microsoft, defender, endpoint, atp, mac, device, control, usb, removable, media, jamf
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: m365-security
@ -30,16 +30,13 @@ ms.technology: mde
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
> [!IMPORTANT]
> **Device control for macOS is currently in public preview**<br>
> This preview version is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
> For more information, see [Microsoft Defender for Endpoint preview features](preview.md).
[!include[Prerelease information](../../includes/prerelease.md)]
This document contains examples of device control policies that you can customize for your own organization. These examples are applicable if you are using JAMF to manage devices in your enterprise.
## Restrict access to all removable media
The following example restricts access to all removable media. Note the `none` permission that is applied at the top level of the policy, meaning that all file operations will be disallowed.
The following example restricts access to all removable media. Note the `none` permission that is applied at the top level of the policy, meaning that all file operations will be prohibited.
```xml
<?xml version="1.0" encoding="UTF-8"?>

13
windows/security/threat-protection/microsoft-defender-atp/mac-device-control-overview.md
View File

@ -1,6 +1,6 @@
---
title: How to control USB devices and other removable media on macOS
description: You can configure Microsoft Defender for Endpoint for Mac to reduce threats from removable storage such as USB devices.
title: Device control for macOS
description: Learn how to configure Microsoft Defender for Endpoint for Mac to reduce threats from removable storage such as USB devices.
keywords: microsoft, defender, atp, mac, device, control, usb, removable, media
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@ -30,10 +30,7 @@ ms.technology: mde
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
> [!IMPORTANT]
> **Device control for macOS is currently in public preview**<br>
> This preview version is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
> For more information, see [Microsoft Defender for Endpoint preview features](preview.md).
[!include[Prerelease information](../../includes/prerelease.md)]
## Requirements
@ -45,7 +42,7 @@ Device control for macOS has the following prerequisites:
> - Minimum product version: 101.24.59
> - Your device must be running with system extensions (this is the default on macOS 11 Big Sur).
>
> You can check if your device is running on system extensions, run the following command and verify that it is printing `endpoint_security_extension` to the console:
> You can check if your device is running on system extensions by running the following command and verify that it is printing `endpoint_security_extension` to the console:
>
> ```bash
> mdatp health --field real_time_protection_subsystem
@ -132,7 +129,7 @@ This section of the policy is hierarchical, allowing for maximum flexibility and
For information on how to find the device identifiers, see [Look up device identifiers](#look-up-device-identifiers).
The policy is evaluated from the most specific entry to the most general one. In other words, when a device is plugged in, the product tries to find the most specific match in the policy for each removable media device and apply the permissions at that level. If there is no match, then the next best match is applied, all the way to the permission specified at the top level, which is the default when a device does not match any other entry in the policy.
The policy is evaluated from the most specific entry to the most general one. Meaning, when a device is plugged in, the product tries to find the most specific match in the policy for each removable media device and apply the permissions at that level. If there is no match, then the next best match is applied, all the way to the permission specified at the top level, which is the default when a device does not match any other entry in the policy.
#### Policy enforcement level