mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-15 14:57:23 +00:00
Merge branch 'repo_sync_working_branch'
This commit is contained in:
Gary Moore
commit
439566ee26
@ -26,6 +26,7 @@ System SKU is a variable (along with System Model and others) stored in System M
|
||||
| Surface Book 2 15inch | Surface Book 2 | Surface_Book_1793 |
|
||||
| Surface Go Consumer | Surface Go | Surface_Go_1824_Consumer |
|
||||
| Surface Go Commercial | Surface Go | Surface_Go_1824_Commercial |
|
||||
| Surface Go 2 | Surface Go 2 | Surface_Go_2_1927 |
|
||||
| Surface Pro 6 Consumer | Surface Pro 6 | Surface_Pro_6_1796_Consumer |
|
||||
| Surface Pro 6 Commercial | Surface Pro 6 | Surface_Pro_6_1796_Commercial |
|
||||
| Surface Laptop 2 Consumer | Surface Laptop 2 | Surface_Laptop_2_1769_Consumer |
|
||||
|
||||
@ -39,9 +39,11 @@ SetupDiag works by examining Windows Setup log files. It attempts to parse these
|
||||
|
||||
With the release of Windows 10, version 2004, SetupDiag is included with Windows Setup.
|
||||
|
||||
During the upgrade process, Windows Setup will extract all its sources files to the **%SystemDrive%$Windows.~bt\Sources** directory. With Windows 10, version 2004 and later, SetupDiag.exe is also installed to this directory. If there is an issue with the upgrade, SetupDiag will automatically run to determine the cause of the failure.
|
||||
During the upgrade process, Windows Setup will extract all its sources files to the **%SystemDrive%$Windows.~bt\Sources** directory. With Windows 10, version 2004 and later, **setupdiag.exe** is also installed to this directory. If there is an issue with the upgrade, SetupDiag will automatically run to determine the cause of the failure.
|
||||
|
||||
If the upgrade process proceeds normally, this directory is moved under **%SystemDrive%\Windows.Old** for cleanup. If this directory is deleted, SetupDiag.exe will also be removed.
|
||||
When run by Windows Setup, results of the SetupDiag analysis can be found at **%WinDir%\Logs\SetupDiag\SetupDiagResults.xml** and in the registry under **HKLM\Setup\SetupDiag\Results**.
|
||||
|
||||
If the upgrade process proceeds normally, the **Sources** directory including **setupdiag.exe** is moved under **%SystemDrive%\Windows.Old** for cleanup. If the **Windows.old** directory is deleted later, **setupdiag.exe** will also be removed.
|
||||
|
||||
## Using SetupDiag
|
||||
|
||||
|
||||
@ -150,7 +150,7 @@ Domain controllers automatically request a certificate from the domain controlle
|
||||
7. Expand **Windows Settings**, **Security Settings**, and click **Public Key Policies**.
|
||||
8. In the details pane, right-click **Certificate Services Client – Auto-Enrollment** and select **Properties**.
|
||||
9. Select **Enabled** from the **Configuration Model** list.
|
||||
10. Select the **Renew expired certificates**, **update pending certificates**, and **remove revoked certificates** check box.
|
||||
10. Select the **Renew expired certificates, update pending certificates, and remove revoked certificates** check box.
|
||||
11. Select the **Update certificates that use certificate templates** check box.
|
||||
12. Click **OK**. Close the **Group Policy Management Editor**.
|
||||
|
||||
|
||||
@ -1882,7 +1882,7 @@ This policy controls how BitLocker-enabled system volumes are handled in conjunc
|
||||
Secure Boot ensures that the computer's preboot environment loads only firmware that is digitally signed by authorized software publishers. Secure Boot also provides more flexibility for managing preboot configurations than BitLocker integrity checks prior to Windows Server 2012 and Windows 8.
|
||||
When this policy is enabled and the hardware is capable of using Secure Boot for BitLocker scenarios, the **Use enhanced Boot Configuration Data validation profile** Group Policy setting is ignored, and Secure Boot verifies BCD settings according to the Secure Boot policy setting, which is configured separately from BitLocker.
|
||||
|
||||
>**Warning:** Enabling this policy might result in BitLocker recovery when manufacturer-specific firmware is updated. If you disable this policy, suspend BitLocker prior to applying firmware updates.
|
||||
>**Warning:** Disabling this policy might result in BitLocker recovery when manufacturer-specific firmware is updated. If you disable this policy, suspend BitLocker prior to applying firmware updates.
|
||||
|
||||
### <a href="" id="bkmk-depopt1"></a>Provide the unique identifiers for your organization
|
||||
|
||||
|
||||
@ -111,7 +111,7 @@ For example:
|
||||
If you want to prevent the installation of a device class or certain devices, you can use the prevent device installation policies:
|
||||
|
||||
1. Enable **Prevent installation of devices that match any of these device IDs**.
|
||||
2. Enable **Prevent installation of devices that match these device setup classes**.
|
||||
2. Enable **Prevent installation of devices using drivers that match these device setup classes**.
|
||||
|
||||
> [!Note]
|
||||
> The prevent device installation policies take precedence over the allow device installation policies.
|
||||
@ -145,6 +145,14 @@ Get-WMIObject -Class Win32_DiskDrive |
|
||||
Select-Object -Property *
|
||||
```
|
||||
|
||||
The **Prevent installation of devices using drivers that match these device setup classes** policy allows you to specify device setup classes that Windows is prevented from installing.
|
||||
|
||||
To prevent installation of particular classes of devices:
|
||||
|
||||
1. Find the GUID of the device setup class from [System-Defined Device Setup Classes Available to Vendors](https://docs.microsoft.com/windows-hardware/drivers/install/system-defined-device-setup-classes-available-to-vendors).
|
||||
2. Enable **Prevent installation of devices using drivers that match these device setup classes** and add the class GUID to the list.
|
||||
|
||||
|
||||
### Block installation and usage of removable storage
|
||||
|
||||
1. Sign in to the [Microsoft Azure portal](https://portal.azure.com/).
|
||||
|
||||
Binary file not shown.
|
After Width: | Height: | Size: 64 KiB |
@ -26,7 +26,7 @@ ms.topic: article
|
||||
## API description
|
||||
Retrieves a collection of Alerts.
|
||||
<br>Supports [OData V4 queries](https://www.odata.org/documentation/).
|
||||
<br>The OData's ```$filter``` query is supported on: ```alertCreationTime```, ```incidentId```, ```InvestigationId```, ```status```, ```severity``` and ```category``` properties.
|
||||
<br>The OData's ```$filter``` query is supported on: ```alertCreationTime```, ```lastUpdateTime```, ```incidentId```,```InvestigationId```, ```status```, ```severity``` and ```category``` properties.
|
||||
<br>See examples at [OData queries with Microsoft Defender ATP](exposed-apis-odata-samples.md)
|
||||
|
||||
|
||||
|
||||
@ -53,7 +53,13 @@ The risk level reflects the overall risk assessment of the machine based on a co
|
||||
|
||||
### Exposure level
|
||||
|
||||
The exposure level reflects the current exposure of the machine based on the cumulative impact of its pending security recommendations.
|
||||
The exposure level reflects the current exposure of the machine based on the cumulative impact of its pending security recommendations. The possible levels are low, medium, and high. Low exposure means your machines are less vulnerable from exploitation.
|
||||
|
||||
If the exposure level says "No data available," there are a few reasons why this may be the case:
|
||||
|
||||
- Device stopped reporting for more than 30 days – in that case it is considered inactive, and the exposure isn't computed
|
||||
- Device OS not supported - see [minimum requirements for Microsoft Defender ATP](minimum-requirements.md)
|
||||
- Device with stale agent (very unlikely)
|
||||
|
||||
### OS Platform
|
||||
|
||||
|
||||
@ -20,18 +20,18 @@ ms.date: 04/19/2017
|
||||
# Minimum password length
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Minimum password length** security policy setting.
|
||||
|
||||
## Reference
|
||||
|
||||
The **Minimum password length** policy setting determines the least number of characters that can make up a password for a user account. You can set a value of between 1 and 14 characters, or you can establish that no password is required by setting the number of characters to 0.
|
||||
The **Minimum password length** policy setting determines the least number of characters that can make up a password for a user account. You can set a value of between 1 and 20 characters, or you can establish that no password is required by setting the number of characters to 0.
|
||||
|
||||
### Possible values
|
||||
|
||||
- User-specified number of characters between 0 and 14
|
||||
- Not defined
|
||||
- User-specified number of characters between 0 and 20
|
||||
- Not defined
|
||||
|
||||
### Best practices
|
||||
|
||||
@ -51,13 +51,13 @@ The following table lists the actual and effective default policy values. Defaul
|
||||
|
||||
| Server type or Group Policy Object (GPO) | Default value |
|
||||
| - | - |
|
||||
| Default domain policy| 7 characters|
|
||||
| Default domain controller policy | Not defined|
|
||||
| Stand-alone server default settings | 0 characters|
|
||||
| Domain controller effective default settings | 7 characters|
|
||||
| Member server effective default settings | 7 characters|
|
||||
| Effective GPO default settings on client computers | 0 characters|
|
||||
|
||||
| Default domain policy| 7 characters|
|
||||
| Default domain controller policy | Not defined|
|
||||
| Stand-alone server default settings | 0 characters|
|
||||
| Domain controller effective default settings | 7 characters|
|
||||
| Member server effective default settings | 7 characters|
|
||||
| Effective GPO default settings on client computers | 0 characters|
|
||||
|
||||
## Policy management
|
||||
|
||||
This section describes features, tools, and guidance to help you manage this policy.
|
||||
@ -80,8 +80,9 @@ Configure the **** policy setting to a value of 8 or more. If the number of char
|
||||
|
||||
In most environments, we recommend an eight-character password because it is long enough to provide adequate security, but not too difficult for users to easily remember. This configuration provides adequate defense against a brute force attack. Using the [Password must meet complexity requirements](password-must-meet-complexity-requirements.md) policy setting in addition to the **Minimum password length** setting helps reduce the possibility of a dictionary attack.
|
||||
|
||||
>**Note:** Some jurisdictions have established legal requirements for password length as part of establishing security regulations.
|
||||
|
||||
> [!NOTE]
|
||||
> Some jurisdictions have established legal requirements for password length as part of establishing security regulations.
|
||||
|
||||
### Potential impact
|
||||
|
||||
Requirements for extremely long passwords can actually decrease the security of an organization because users might leave the information in an unsecured location or lose it. If very long passwords are required, mistyped passwords could cause account lockouts and increase the volume of Help Desk calls. If your organization has issues with forgotten passwords due to password length requirements, consider teaching your users about passphrases, which are often easier to remember and, due to the larger number of character combinations, much harder to discover.
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Configure the Group Policy settings for Windows Defender Application Guard (Windows 10)
|
||||
description: Learn about the available Group Policy settings for Windows Defender Application Guard.
|
||||
title: Configure the Group Policy settings for Microsoft Defender Application Guard (Windows 10)
|
||||
description: Learn about the available Group Policy settings for Microsoft Defender Application Guard.
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
@ -14,12 +14,12 @@ manager: dansimp
|
||||
ms.custom: asr
|
||||
---
|
||||
|
||||
# Configure Windows Defender Application Guard policy settings
|
||||
# Configure Microsoft Defender Application Guard policy settings
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
|
||||
|
||||
Windows Defender Application Guard (Application Guard) works with Group Policy to help you manage your organization's computer settings. By using Group Policy, you can configure a setting once, and then copy it onto many computers. For example, you can set up multiple security settings in a GPO, which is linked to a domain, and then apply all those settings to every computer in the domain.
|
||||
Microsoft Defender Application Guard (Application Guard) works with Group Policy to help you manage your organization's computer settings. By using Group Policy, you can configure a setting once, and then copy it onto many computers. For example, you can set up multiple security settings in a GPO, which is linked to a domain, and then apply all those settings to every computer in the domain.
|
||||
|
||||
Application Guard uses both network isolation and application-specific settings.
|
||||
|
||||
@ -36,7 +36,7 @@ These settings, located at **Computer Configuration\Administrative Templates\Net
|
||||
|-----------|------------------|-----------|
|
||||
|Private network ranges for apps|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of IP address ranges that are in your corporate network. Included endpoints or endpoints that are included within a specified IP address range, are rendered using Microsoft Edge and won't be accessible from the Application Guard environment.|
|
||||
|Enterprise resource domains hosted in the cloud|At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. Note: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.|
|
||||
|Domains categorized as both work and personal|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment. Note: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.|
|
||||
|Domains categorized as both work and personal|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment. Proxies should be added to this list. Note: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.|
|
||||
|
||||
## Network isolation settings wildcards
|
||||
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: FAQ - Windows Defender Application Guard (Windows 10)
|
||||
description: Learn about the commonly asked questions and answers for Windows Defender Application Guard.
|
||||
title: FAQ - Microsoft Defender Application Guard (Windows 10)
|
||||
description: Learn about the commonly asked questions and answers for Microsoft Defender Application Guard.
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
@ -8,17 +8,17 @@ ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: denisebmsft
|
||||
ms.author: deniseb
|
||||
ms.date: 12/04/2019
|
||||
ms.date: 06/02/2020
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
ms.custom: asr
|
||||
---
|
||||
|
||||
# Frequently asked questions - Windows Defender Application Guard
|
||||
# Frequently asked questions - Microsoft Defender Application Guard
|
||||
|
||||
**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
|
||||
|
||||
Answering frequently asked questions about Windows Defender Application Guard (Application Guard) features, integration with the Windows operating system, and general configuration.
|
||||
Answering frequently asked questions about Microsoft Defender Application Guard (Application Guard) features, integration with the Windows operating system, and general configuration.
|
||||
|
||||
## Frequently Asked Questions
|
||||
|
||||
@ -83,7 +83,7 @@ To trust a subdomain, you must precede your domain with two dots, for example: `
|
||||
|
||||
### Are there differences between using Application Guard on Windows Pro vs Windows Enterprise?
|
||||
|
||||
When using Windows Pro or Windows Enterprise, you will have access to using Application Guard's Standalone Mode. However, when using Enterprise you will have access to Application Guard's Enterprise-Managed Mode. This mode has some extra features that the Standalone Mode does not. For more information, see [Prepare to install Windows Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard).
|
||||
When using Windows Pro or Windows Enterprise, you have access to using Application Guard's Standalone Mode. However, when using Windows Enterprise, you have access to Application Guard's Enterprise-Managed Mode. This mode has some extra features that the Standalone Mode does not. For more information, see [Prepare to install Windows Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard).
|
||||
|
||||
### Is there a size limit to the domain lists that I need to configure?
|
||||
|
||||
@ -91,4 +91,8 @@ Yes, both the Enterprise Resource domains hosted in the cloud and the Domains ca
|
||||
|
||||
### Why does my encryption driver break Windows Defender Application Guard?
|
||||
|
||||
Windows Defender Application Guard accesses files from a VHD mounted on the host that needs to be written during setup. If an encryption driver prevents a VHD from being mounted or from being written to, WDAG will not work and result in an error message ("0x80070013 ERROR_WRITE_PROTECT").
|
||||
Windows Defender Application Guard accesses files from a VHD mounted on the host that needs to be written during setup. If an encryption driver prevents a VHD from being mounted or from being written to, WDAG will not work and result in an error message (`0x80070013 ERROR_WRITE_PROTECT`).
|
||||
|
||||
### Why did Application Guard stop working after I turned off hyperthreading?
|
||||
|
||||
If hyperthreading is disabled (because of an update applied through a KB article or through BIOS settings), there is a possibility Application Guard no longer meets the minimum requirements.
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Enable hardware-based isolation for Microsoft Edge (Windows 10)
|
||||
description: Learn about the Windows Defender Application Guard modes (Standalone or Enterprise-managed) and how to install Application Guard in your enterprise.
|
||||
description: Learn about the Microsoft Defender Application Guard modes (Standalone or Enterprise-managed) and how to install Application Guard in your enterprise.
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
@ -14,19 +14,19 @@ manager: dansimp
|
||||
ms.custom: asr
|
||||
---
|
||||
|
||||
# Prepare to install Windows Defender Application Guard
|
||||
# Prepare to install Microsoft Defender Application Guard
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
|
||||
|
||||
## Review system requirements
|
||||
|
||||
See [System requirements for Windows Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard) to review the hardware and software installation requirements for Windows Defender Application Guard.
|
||||
See [System requirements for Microsoft Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard) to review the hardware and software installation requirements for Windows Defender Application Guard.
|
||||
>[!NOTE]
|
||||
>Windows Defender Application Guard is not supported on VMs and VDI environment. For testing and automation on non-production machines, you may enable WDAG on a VM by enabling Hyper-V nested virtualization on the host.
|
||||
>Microsoft Defender Application Guard is not supported on VMs and VDI environment. For testing and automation on non-production machines, you may enable WDAG on a VM by enabling Hyper-V nested virtualization on the host.
|
||||
|
||||
## Prepare for Windows Defender Application Guard
|
||||
Before you can install and use Windows Defender Application Guard, you must determine which way you intend to use it in your enterprise. You can use Application Guard in either **Standalone** or **Enterprise-managed** mode.
|
||||
## Prepare for Microsoft Defender Application Guard
|
||||
Before you can install and use Microsoft Defender Application Guard, you must determine which way you intend to use it in your enterprise. You can use Application Guard in either **Standalone** or **Enterprise-managed** mode.
|
||||
|
||||
### Standalone mode
|
||||
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: System requirements for Windows Defender Application Guard (Windows 10)
|
||||
description: Learn about the system requirements for installing and running Windows Defender Application Guard.
|
||||
title: System requirements for Microsoft Defender Application Guard (Windows 10)
|
||||
description: Learn about the system requirements for installing and running Microsoft Defender Application Guard.
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
@ -14,17 +14,17 @@ manager: dansimp
|
||||
ms.custom: asr
|
||||
---
|
||||
|
||||
# System requirements for Windows Defender Application Guard
|
||||
# System requirements for Microsoft Defender Application Guard
|
||||
|
||||
**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
|
||||
|
||||
The threat landscape is continually evolving. While hackers are busy developing new techniques to breach enterprise networks by compromising workstations, phishing schemes remain one of the top ways to lure employees into social engineering attacks. Windows Defender Application Guard is designed to help prevent old, and newly emerging attacks, to help keep employees productive.
|
||||
The threat landscape is continually evolving. While hackers are busy developing new techniques to breach enterprise networks by compromising workstations, phishing schemes remain one of the top ways to lure employees into social engineering attacks. Microsoft Defender Application Guard is designed to help prevent old, and newly emerging attacks, to help keep employees productive.
|
||||
|
||||
>[!NOTE]
|
||||
>Windows Defender Application Guard is not supported on VMs and VDI environment. For testing and automation on non-production machines, you may enable WDAG on a VM by enabling Hyper-V nested virtualization on the host.
|
||||
>Microsoft Defender Application Guard is not supported on VMs and VDI environment. For testing and automation on non-production machines, you may enable WDAG on a VM by enabling Hyper-V nested virtualization on the host.
|
||||
|
||||
## Hardware requirements
|
||||
Your environment needs the following hardware to run Windows Defender Application Guard.
|
||||
Your environment needs the following hardware to run Microsoft Defender Application Guard.
|
||||
|
||||
|Hardware|Description|
|
||||
|--------|-----------|
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Testing scenarios with Windows Defender Application Guard (Windows 10)
|
||||
description: Suggested testing scenarios for Windows Defender Application Guard, showing how it works in both Standalone and Enterprise-managed mode.
|
||||
title: Testing scenarios with Microsoft Defender Application Guard (Windows 10)
|
||||
description: Suggested testing scenarios for Microsoft Defender Application Guard, showing how it works in both Standalone and Enterprise-managed mode.
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Windows Defender Application Guard (Windows 10)
|
||||
description: Learn about Windows Defender Application Guard and how it helps to combat malicious content and malware out on the Internet.
|
||||
title: Microsoft Defender Application Guard (Windows 10)
|
||||
description: Learn about Microsoft Defender Application Guard and how it helps to combat malicious content and malware out on the Internet.
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
@ -14,11 +14,11 @@ manager: dansimp
|
||||
ms.custom: asr
|
||||
---
|
||||
|
||||
# Windows Defender Application Guard overview
|
||||
# Microsoft Defender Application Guard overview
|
||||
|
||||
**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
|
||||
|
||||
Windows Defender Application Guard (Application Guard) is designed to help prevent old and newly emerging attacks to help keep employees productive. Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by making current attack methods obsolete.
|
||||
Microsoft Defender Application Guard (Application Guard) is designed to help prevent old and newly emerging attacks to help keep employees productive. Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by making current attack methods obsolete.
|
||||
|
||||
## What is Application Guard and how does it work?
|
||||
|
||||
@ -48,4 +48,4 @@ Application Guard has been created to target several types of systems:
|
||||
|[Prepare and install Windows Defender Application Guard](install-wd-app-guard.md) |Provides instructions about determining which mode to use, either Standalone or Enterprise-managed, and how to install Application Guard in your organization.|
|
||||
|[Configure the Group Policy settings for Windows Defender Application Guard](configure-wd-app-guard.md) |Provides info about the available Group Policy and MDM settings.|
|
||||
|[Testing scenarios using Windows Defender Application Guard in your business or organization](test-scenarios-wd-app-guard.md)|Provides a list of suggested testing scenarios that you can use to test Application Guard in your organization.|
|
||||
|[Frequently asked questions - Windows Defender Application Guard](faq-wd-app-guard.md)|Provides answers to frequently asked questions about Application Guard features, integration with the Windows operating system, and general configuration.|
|
||||
|[Frequently asked questions - Windows Defender Application Guard](faq-wd-app-guard.md)|Provides answers to frequently asked questions about Application Guard features, integration with the Windows operating system, and general configuration.|
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user