mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-15 18:33:43 +00:00
This commit is contained in:
Dani Halfin
@ -34,10 +34,10 @@ For Windows 10 deployment, Microsoft 365 includes a fantastic deployment advisor
|
||||
|
||||
You can check out the Microsoft 365 deployment advisor and other resources for free! Just follow the steps below.
|
||||
|
||||
1. Obtain a free EMS 90-day trial by visiting the following link. Provide your email address and answer a few simple questions.
|
||||
|
||||
[Free Trial - Enterprise Mobility + Security](https://www.microsoft.com/cloud-platform/enterprise-mobility-security-trial)
|
||||
>[!NOTE]
|
||||
>If you have not run a setup guide before, you will see the **Prepare your environment** guide first. This is to make sure you have basics covered like domain verification and a method for adding users. At the end of the "Prepare your environment" guide, there will be a **Ready to continue** button that sends you to the original guide that was selected.
|
||||
|
||||
1. [Obtain a free M365 trial](https://docs.microsoft.com/office365/admin/try-or-buy-microsoft-365).
|
||||
2. Check out the [Microsoft 365 deployment advisor](https://portal.office.com/onboarding/Microsoft365DeploymentAdvisor#/).
|
||||
3. Also check out the [Windows Analytics deployment advisor](https://portal.office.com/onboarding/WindowsAnalyticsDeploymentAdvisor#/). This advisor will walk you through deploying [Upgrade Readiness](https://docs.microsoft.com/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness), [Update Compliance](https://docs.microsoft.com/windows/deployment/update/update-compliance-monitor), and [Device Health](https://docs.microsoft.com/windows/deployment/update/device-health-monitor).
|
||||
|
||||
|
||||
|
Before Width: | Height: | Size: 242 KiB After Width: | Height: | Size: 242 KiB |
BIN
windows/deployment/images/wada.png
Normal file
BIN
windows/deployment/images/wada.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 223 KiB |
@ -57,7 +57,9 @@ On the top navigation you can:
|
||||
|
||||
|
||||
>[!NOTE]
|
||||
>Blocking IPs, domains, or URLs is currently available on limited preview only. This requires sending your custom list to [network protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection) to be enforeced. While the option is not yet generally available, it will only be used when identified during an investigation.
|
||||
>Blocking IPs, domains, or URLs is currently available on limited preview only.
|
||||
>This requires sending your custom list to [network protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection) to be enforced which is an option that will be generally available soon.
|
||||
>As it is not yet generally available, when Automated investigations finds this indicator during an investigation it will use the allowed/block list as the basis of its decision to automatically remediate (blocked list) or skip (allowed list) the entity.
|
||||
|
||||
|
||||
## Manage indicators
|
||||
|
||||
@ -15,7 +15,6 @@ manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: article
|
||||
ms.date: 04/24/2018
|
||||
---
|
||||
|
||||
# Take response actions on a file
|
||||
@ -109,13 +108,17 @@ You can roll back and remove a file from quarantine if you’ve determined that
|
||||
You can prevent further propagation of an attack in your organization by banning potentially malicious files or suspected malware. If you know a potentially malicious portable executable (PE) file, you can block it. This operation will prevent it from being read, written, or executed on machines in your organization.
|
||||
|
||||
>[!IMPORTANT]
|
||||
>- This feature is available if your organization uses Windows Defender Antivirus and Cloud–based protection is enabled. For more information, see [Manage cloud–based protection](../windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md). </br></br>
|
||||
>- This feature is available if your organization uses Windows Defender Antivirus and Cloud–based protection is enabled. For more information, see [Manage cloud–based protection](../windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md).
|
||||
>- The Antimalware client version must be 4.18.1901.x or later.
|
||||
>- This feature is designed to prevent suspected malware (or potentially malicious files) from being downloaded from the web. It currently supports portable executable (PE) files, including _.exe_ and _.dll_ files. The coverage will be extended over time.
|
||||
>- This response action is available for machines on Windows 10, version 1703 or later.
|
||||
>- The allow or block function cannot be done on files if the file's classification exists on the device's cache prior to the allow or block action.
|
||||
|
||||
|
||||
|
||||
>[!NOTE]
|
||||
> The PE file needs to be in the machine timeline for you to be able to take this action.
|
||||
|
||||
>- There may be a couple of minutes of latency between the time the action is taken and the actual file being blocked.
|
||||
|
||||
### Enable the block file feature
|
||||
Before you can block files, you'll need to enable the feature.
|
||||
@ -149,6 +152,9 @@ Before you can block files, you'll need to enable the feature.
|
||||
|
||||
When the file is blocked, there will be a new event in the machine timeline.</br>
|
||||
|
||||
>[!NOTE]
|
||||
>-If a file was scanned before the action was taken, it may take longer to be effective on the device.
|
||||
|
||||
**Notification on machine user**:</br>
|
||||
When a file is being blocked on the machine, the following notification is displayed to inform the user that the file was blocked:
|
||||
|
||||
|
||||
Reference in New Issue
Block a user