deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 06:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merging changes synced from https://github.com/MicrosoftDocs/windows-docs-pr (branch live)

Browse Source
This commit is contained in:
officedocspr 2020-04-02 17:54:09 +00:00
commit 5769e7f7d4
9 changed files with 359 additions and 351 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
mdop/appv-v5/app-v-51-supported-configurations.md
View File

@ -151,7 +151,7 @@ The following table lists the SQL Server versions that are supported for the App
</tbody> </tbody>
</table> </table>
For more information on user configuration files with SQL server 2016 or later, see the [support article](https://support.microsoft.com/help/4548751/app-v-server-publishing-might-fail-when-you-apply-user-configuration-f).
### Publishing server operating system requirements ### Publishing server operating system requirements

606
windows/security/threat-protection/TOC.md
View File

@ -6,101 +6,331 @@
### [What's new in Microsoft Defender ATP](microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md) ### [What's new in Microsoft Defender ATP](microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md)
### [Preview features](microsoft-defender-atp/preview.md) ### [Preview features](microsoft-defender-atp/preview.md)
### [Data storage and privacy](microsoft-defender-atp/data-storage-privacy.md) ### [Data storage and privacy](microsoft-defender-atp/data-storage-privacy.md)
### [Portal overview](microsoft-defender-atp/portal-overview.md)
### [Microsoft Defender ATP for US Government Community Cloud High customers](microsoft-defender-atp/commercial-gov.md) ### [Microsoft Defender ATP for US Government Community Cloud High customers](microsoft-defender-atp/commercial-gov.md)
## [Evaluate capabilities](microsoft-defender-atp/evaluation-lab.md) ## [Evaluate capabilities](microsoft-defender-atp/evaluation-lab.md)
## [Deployment strategy](microsoft-defender-atp/deployment-strategy.md) ## [Plan deployment](microsoft-defender-atp/deployment-strategy.md)
## [Deployment guide]() ## [Deployment guide]()
### [Deployment phases](microsoft-defender-atp/deployment-phases.md) ### [Deployment phases](microsoft-defender-atp/deployment-phases.md)
### [Phase 1: Prepare](microsoft-defender-atp/prepare-deployment.md) ### [Phase 1: Prepare](microsoft-defender-atp/prepare-deployment.md)
### [Phase 2: Set up](microsoft-defender-atp/production-deployment.md)
### [Phase 2: Setup](microsoft-defender-atp/production-deployment.md)
### [Phase 3: Onboard](microsoft-defender-atp/onboarding.md) ### [Phase 3: Onboard](microsoft-defender-atp/onboarding.md)
## [Security administration]() ## [Security administration]()
### [Threat & Vulnerability Management overview](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md) ### [Threat & Vulnerability Management]()
### [Supported operating systems and platforms](microsoft-defender-atp/tvm-supported-os.md) #### [Overview of Threat & Vulnerability Management](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)
### [What's in the dashboard and what it means for my organization](microsoft-defender-atp/tvm-dashboard-insights.md) #### [Supported operating systems and platforms](microsoft-defender-atp/tvm-supported-os.md)
### [Exposure score](microsoft-defender-atp/tvm-exposure-score.md) #### [What's in the dashboard and what it means for my organization](microsoft-defender-atp/tvm-dashboard-insights.md)
### [Configuration score](microsoft-defender-atp/configuration-score.md) #### [Exposure score](microsoft-defender-atp/tvm-exposure-score.md)
### [Security recommendations](microsoft-defender-atp/tvm-security-recommendation.md) #### [Configuration score](microsoft-defender-atp/configuration-score.md)
### [Remediation and exception](microsoft-defender-atp/tvm-remediation.md) #### [Security recommendations](microsoft-defender-atp/tvm-security-recommendation.md)
### [Software inventory](microsoft-defender-atp/tvm-software-inventory.md) #### [Remediation and exception](microsoft-defender-atp/tvm-remediation.md)
### [Weaknesses](microsoft-defender-atp/tvm-weaknesses.md) #### [Software inventory](microsoft-defender-atp/tvm-software-inventory.md)
### [Scenarios](microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md) #### [Weaknesses](microsoft-defender-atp/tvm-weaknesses.md)
#### [Scenarios](microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md)
### [Attack surface reduction]()
#### [Overview of attack surface reduction](microsoft-defender-atp/overview-attack-surface-reduction.md)
#### [Attack surface reduction evaluation](microsoft-defender-atp/evaluate-attack-surface-reduction.md)
#### [Attack surface reduction configuration settings](microsoft-defender-atp/configure-attack-surface-reduction.md)
#### [Attack surface reduction FAQ](microsoft-defender-atp/attack-surface-reduction-faq.md)
#### [Attack surface reduction controls]()
##### [Attack surface reduction rules](microsoft-defender-atp/attack-surface-reduction.md)
##### [Enable attack surface reduction rules](microsoft-defender-atp/enable-attack-surface-reduction.md)
##### [Customize attack surface reduction rules](microsoft-defender-atp/customize-attack-surface-reduction.md)
#### [Hardware-based isolation]()
##### [Hardware-based isolation in Windows 10](microsoft-defender-atp/overview-hardware-based-isolation.md)
##### [Hardware-based isolation evaluation](windows-defender-application-guard/test-scenarios-wd-app-guard.md)
##### [Application isolation]()
###### [Application guard overview](windows-defender-application-guard/wd-app-guard-overview.md)
###### [System requirements](windows-defender-application-guard/reqs-wd-app-guard.md)
###### [Install Windows Defender Application Guard](windows-defender-application-guard/install-wd-app-guard.md)
##### [Application control](windows-defender-application-control/windows-defender-application-control.md)
###### [Audit Application control policies](windows-defender-application-control/audit-windows-defender-application-control-policies.md)
##### [System isolation](windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md)
##### [System integrity](windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md)
#### [Device control]()
##### [Control USB devices](device-control/control-usb-devices-using-intune.md)
##### [Device Guard]()
###### [Code integrity](device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md)
#### [Exploit protection]()
##### [Protect devices from exploits](microsoft-defender-atp/exploit-protection.md)
##### [Exploit protection evaluation](microsoft-defender-atp/evaluate-exploit-protection.md)
#### [Network protection]()
##### [Protect your network](microsoft-defender-atp/network-protection.md)
##### [Network protection evaluation](microsoft-defender-atp/evaluate-network-protection.md)
#### [Web protection]()
##### [Web protection overview](microsoft-defender-atp/web-protection-overview.md)
##### [Web threat protection]()
###### [Web threat protection overview](microsoft-defender-atp/web-threat-protection.md)
###### [Monitor web security](microsoft-defender-atp/web-protection-monitoring.md)
###### [Respond to web threats](microsoft-defender-atp/web-protection-response.md)
##### [Web content filtering](microsoft-defender-atp/web-content-filtering.md)
#### [Controlled folder access]()
##### [Protect folders](microsoft-defender-atp/controlled-folders.md)
##### [Controlled folder access evaluation](microsoft-defender-atp/evaluate-controlled-folder-access.md)
#### [Network firewall]()
##### [Network firewall overview](windows-firewall/windows-firewall-with-advanced-security.md)
##### [Network firewall evaluation](windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md)
### [Next-generation protection]()
#### [Next-generation protection overview](windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md)
#### [Evaluate next-generation protection](windows-defender-antivirus/evaluate-windows-defender-antivirus.md)
#### [Configure next-generation protection]()
##### [Configure Windows Defender Antivirus features](windows-defender-antivirus/configure-windows-defender-antivirus-features.md)
##### [Utilize Microsoft cloud-delivered protection](windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md)
###### [Enable cloud-delivered protection](windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md)
###### [Specify the cloud-delivered protection level](windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md)
###### [Configure and validate network connections](windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md)
###### [Prevent security settings changes with tamper protection](windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md)
###### [Enable Block at first sight](windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md)
###### [Configure the cloud block timeout period](windows-defender-antivirus/configure-cloud-block-timeout-period-windows-defender-antivirus.md)
##### [Configure behavioral, heuristic, and real-time protection]()
###### [Configuration overview](windows-defender-antivirus/configure-protection-features-windows-defender-antivirus.md)
###### [Detect and block Potentially Unwanted Applications](windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md)
###### [Enable and configure always-on protection and monitoring](windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md)
##### [Antivirus on Windows Server 2016](windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016.md)
##### [Antivirus compatibility]()
###### [Compatibility charts](windows-defender-antivirus/windows-defender-antivirus-compatibility.md)
###### [Use limited periodic antivirus scanning](windows-defender-antivirus/limited-periodic-scanning-windows-defender-antivirus.md)
##### [Deploy, manage updates, and report on antivirus]()
###### [Preparing to deploy](windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md)
###### [Deploy and enable antivirus](windows-defender-antivirus/deploy-windows-defender-antivirus.md)
####### [Deployment guide for VDI environments](windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md)
###### [Report on antivirus protection]()
####### [Review protection status and alerts](windows-defender-antivirus/report-monitor-windows-defender-antivirus.md)
####### [Troubleshoot antivirus reporting in Update Compliance](windows-defender-antivirus/troubleshoot-reporting.md)
###### [Manage updates and apply baselines]()
####### [Learn about the different kinds of updates](windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md)
####### [Manage protection and security intelligence updates](windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md)
####### [Manage when protection updates should be downloaded and applied](windows-defender-antivirus/manage-protection-update-schedule-windows-defender-antivirus.md)
####### [Manage updates for endpoints that are out of date](windows-defender-antivirus/manage-outdated-endpoints-windows-defender-antivirus.md)
####### [Manage event-based forced updates](windows-defender-antivirus/manage-event-based-updates-windows-defender-antivirus.md)
####### [Manage updates for mobile devices and VMs](windows-defender-antivirus/manage-updates-mobile-devices-vms-windows-defender-antivirus.md)
##### [Customize, initiate, and review the results of scans and remediation]()
###### [Configuration overview](windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md)
###### [Configure and validate exclusions in antivirus scans]()
####### [Exclusions overview](windows-defender-antivirus/configure-exclusions-windows-defender-antivirus.md)
####### [Configure and validate exclusions based on file name, extension, and folder location](windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md)
####### [Configure and validate exclusions for files opened by processes](windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md)
####### [Configure antivirus exclusions Windows Server 2016](windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md)
###### [Configure scanning antivirus options](windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md)
###### [Configure remediation for scans](windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md)
###### [Configure scheduled scans](windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md)
###### [Configure and run scans](windows-defender-antivirus/run-scan-windows-defender-antivirus.md)
###### [Review scan results](windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md)
###### [Run and review the results of an offline scan](windows-defender-antivirus/windows-defender-offline.md)
##### [Restore quarantined files](windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus.md)
##### [Manage antivirus in your business]()
###### [Management overview](windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md)
###### [Use Group Policy settings to configure and manage antivirus](windows-defender-antivirus/use-group-policy-windows-defender-antivirus.md)
###### [Use Microsoft Endpoint Configuration Manager and Microsoft Intune to configure and manage antivirus](windows-defender-antivirus/use-intune-config-manager-windows-defender-antivirus.md)
###### [Use PowerShell cmdlets to configure and manage antivirus](windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md)
###### [Use Windows Management Instrumentation (WMI) to configure and manage antivirus](windows-defender-antivirus/use-wmi-windows-defender-antivirus.md)
###### [Use the mpcmdrun.exe commandline tool to configure and manage antivirus](windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md)
##### [Manage scans and remediation]()
###### [Management overview](windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md)
###### [Configure and validate exclusions in antivirus scans]()
####### [Exclusions overview](windows-defender-antivirus/configure-exclusions-windows-defender-antivirus.md)
####### [Configure and validate exclusions based on file name, extension, and folder location](windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md)
####### [Configure and validate exclusions for files opened by processes](windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md)
####### [Configure antivirus exclusions on Windows Server 2016](windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md)
###### [Configure scanning options](windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md)
##### [Configure remediation for scans](windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md)
###### [Configure remediation for scans](windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md)
###### [Configure scheduled scans](windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md)
###### [Configure and run scans](windows-defender-antivirus/run-scan-windows-defender-antivirus.md)
###### [Review scan results](windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md)
###### [Run and review the results of an offline scan](windows-defender-antivirus/windows-defender-offline.md)
###### [Restore quarantined files](windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus.md)
##### [Manage next-generation protection in your business]()
###### [Handle false positives/negatives in Windows Defender Antivirus](windows-defender-antivirus/antivirus-false-positives-negatives.md)
###### [Management overview](windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md)
###### [Use Microsoft Intune and Microsoft Endpoint Configuration Manager to manage next generation protection](windows-defender-antivirus/use-intune-config-manager-windows-defender-antivirus.md)
###### [Use Group Policy settings to manage next generation protection](windows-defender-antivirus/use-group-policy-windows-defender-antivirus.md)
###### [Use PowerShell cmdlets to manage next generation protection](windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md)
###### [Use Windows Management Instrumentation (WMI) to manage next generation protection](windows-defender-antivirus/use-wmi-windows-defender-antivirus.md)
###### [Use the mpcmdrun.exe command line tool to manage next generation protection](windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md)
#### [Better together: Windows Defender Antivirus and Microsoft Defender ATP](windows-defender-antivirus/why-use-microsoft-antivirus.md)
#### [Better together: Windows Defender Antivirus and Office 365](windows-defender-antivirus/office-365-windows-defender-antivirus.md)
### [Microsoft Defender Advanced Threat Protection for Mac](microsoft-defender-atp/microsoft-defender-atp-mac.md)
#### [What's New](microsoft-defender-atp/mac-whatsnew.md)
##### [Deploy]()
###### [Microsoft Intune-based deployment](microsoft-defender-atp/mac-install-with-intune.md)
###### [JAMF-based deployment](microsoft-defender-atp/mac-install-with-jamf.md)
###### [Deployment with a different Mobile Device Management (MDM) system](microsoft-defender-atp/mac-install-with-other-mdm.md)
###### [Manual deployment](microsoft-defender-atp/mac-install-manually.md)
##### [Update](microsoft-defender-atp/mac-updates.md)
##### [Configure]()
###### [Configure and validate exclusions](microsoft-defender-atp/mac-exclusions.md)
###### [Set preferences](microsoft-defender-atp/mac-preferences.md)
###### [Detect and block Potentially Unwanted Applications](microsoft-defender-atp/mac-pua.md)
##### [Troubleshoot]()
###### [Troubleshoot installation issues](microsoft-defender-atp/mac-support-install.md)
###### [Troubleshoot performance issues](microsoft-defender-atp/mac-support-perf.md)
###### [Troubleshoot kernel extension issues](microsoft-defender-atp/mac-support-kext.md)
###### [Troubleshoot license issues](microsoft-defender-atp/mac-support-license.md)
##### [Privacy](microsoft-defender-atp/mac-privacy.md)
##### [Resources](microsoft-defender-atp/mac-resources.md)
### [Microsoft Defender Advanced Threat Protection for Linux](microsoft-defender-atp/microsoft-defender-atp-linux.md)
#### [Deploy]()
##### [Manual deployment](microsoft-defender-atp/linux-install-manually.md)
##### [Puppet based deployment](microsoft-defender-atp/linux-install-with-puppet.md)
##### [Ansible based deployment](microsoft-defender-atp/linux-install-with-ansible.md)
#### [Update](microsoft-defender-atp/linux-updates.md)
#### [Configure]()
##### [Configure and validate exclusions](microsoft-defender-atp/linux-exclusions.md)
##### [Static proxy configuration](microsoft-defender-atp/linux-static-proxy-configuration.md)
##### [Set preferences](microsoft-defender-atp/linux-preferences.md)
#### [Troubleshoot]()
##### [Troubleshoot cloud connectivity issues](microsoft-defender-atp/linux-support-connectivity.md)
##### [Troubleshoot performance issues](microsoft-defender-atp/linux-support-perf.md)
#### [Resources](microsoft-defender-atp/linux-resources.md)
### [Configure and manage Microsoft Threat Experts capabilities](microsoft-defender-atp/configure-microsoft-threat-experts.md)
## [Security operations]() ## [Security operations]()
### [Portal overview](microsoft-defender-atp/portal-overview.md)
### [Security operations dashboard](microsoft-defender-atp/security-operations-dashboard.md)
### [Incidents queue]()
#### [View and organize the Incidents queue](microsoft-defender-atp/view-incidents-queue.md)
#### [Manage incidents](microsoft-defender-atp/manage-incidents.md)
#### [Investigate incidents](microsoft-defender-atp/investigate-incidents.md)
### [Alerts queue]() ### [Endpoint detection and response]()
#### [View and organize the Alerts queue](microsoft-defender-atp/alerts-queue.md) #### [Endpoint detection and response overview](microsoft-defender-atp/overview-endpoint-detection-response.md)
#### [Manage alerts](microsoft-defender-atp/manage-alerts.md) #### [Security operations dashboard](microsoft-defender-atp/security-operations-dashboard.md)
#### [Investigate alerts](microsoft-defender-atp/investigate-alerts.md) #### [Incidents queue]()
#### [Investigate files](microsoft-defender-atp/investigate-files.md) ##### [View and organize the Incidents queue](microsoft-defender-atp/view-incidents-queue.md)
#### [Investigate machines](microsoft-defender-atp/investigate-machines.md) ##### [Manage incidents](microsoft-defender-atp/manage-incidents.md)
#### [Investigate an IP address](microsoft-defender-atp/investigate-ip.md) ##### [Investigate incidents](microsoft-defender-atp/investigate-incidents.md)
#### [Investigate a domain](microsoft-defender-atp/investigate-domain.md)
##### [Investigate connection events that occur behind forward proxies](microsoft-defender-atp/investigate-behind-proxy.md) #### [Alerts queue]()
#### [Investigate a user account](microsoft-defender-atp/investigate-user.md) ##### [View and organize the Alerts queue](microsoft-defender-atp/alerts-queue.md)
##### [Manage alerts](microsoft-defender-atp/manage-alerts.md)
##### [Investigate alerts](microsoft-defender-atp/investigate-alerts.md)
##### [Investigate files](microsoft-defender-atp/investigate-files.md)
##### [Investigate machines](microsoft-defender-atp/investigate-machines.md)
##### [Investigate an IP address](microsoft-defender-atp/investigate-ip.md)
##### [Investigate a domain](microsoft-defender-atp/investigate-domain.md)
###### [Investigate connection events that occur behind forward proxies](microsoft-defender-atp/investigate-behind-proxy.md)
##### [Investigate a user account](microsoft-defender-atp/investigate-user.md)
#### [Machines list]()
##### [View and organize the Machines list](microsoft-defender-atp/machines-view-overview.md)
##### [Manage machine group and tags](microsoft-defender-atp/machine-tags.md)
#### [Take response actions]()
##### [Take response actions on a machine]()
###### [Response actions on machines](microsoft-defender-atp/respond-machine-alerts.md)
###### [Manage tags](microsoft-defender-atp/respond-machine-alerts.md#manage-tags)
###### [Initiate an automated investigation](microsoft-defender-atp/respond-machine-alerts.md#initiate-automated-investigation)
###### [Initiate Live Response session](microsoft-defender-atp/respond-machine-alerts.md#initiate-live-response-session)
###### [Collect investigation package](microsoft-defender-atp/respond-machine-alerts.md#collect-investigation-package-from-machines)
###### [Run antivirus scan](microsoft-defender-atp/respond-machine-alerts.md#run-windows-defender-antivirus-scan-on-machines)
###### [Restrict app execution](microsoft-defender-atp/respond-machine-alerts.md#restrict-app-execution)
###### [Isolate machines from the network](microsoft-defender-atp/respond-machine-alerts.md#isolate-machines-from-the-network)
###### [Consult a threat expert](microsoft-defender-atp/respond-machine-alerts.md#consult-a-threat-expert)
###### [Check activity details in Action center](microsoft-defender-atp/respond-machine-alerts.md#check-activity-details-in-action-center)
##### [Take response actions on a file]()
###### [Response actions on files](microsoft-defender-atp/respond-file-alerts.md)
###### [Stop and quarantine files in your network](microsoft-defender-atp/respond-file-alerts.md#stop-and-quarantine-files-in-your-network)
###### [Restore file from quarantine](microsoft-defender-atp/respond-file-alerts.md#restore-file-from-quarantine)
###### [Add indicators to block or allow a file](microsoft-defender-atp/respond-file-alerts.md#add-indicator-to-block-or-allow-a-file)
###### [Consult a threat expert](microsoft-defender-atp/respond-file-alerts.md#consult-a-threat-expert)
###### [Check activity details in Action center](microsoft-defender-atp/respond-file-alerts.md#check-activity-details-in-action-center)
###### [Download or collect file](microsoft-defender-atp/respond-file-alerts.md#download-or-collect-file)
###### [Deep analysis](microsoft-defender-atp/respond-file-alerts.md#deep-analysis)
###### [Submit files for analysis](microsoft-defender-atp/respond-file-alerts.md#submit-files-for-analysis)
###### [View deep analysis reports](microsoft-defender-atp/respond-file-alerts.md#view-deep-analysis-reports)
###### [Troubleshoot deep analysis](microsoft-defender-atp/respond-file-alerts.md#troubleshoot-deep-analysis)
### [Machines list]() #### [View and approve remediation actions](microsoft-defender-atp/manage-auto-investigation.md)
#### [View and organize the Machines list](microsoft-defender-atp/machines-view-overview.md) ##### [View details and results of automated investigations](microsoft-defender-atp/auto-investigation-action-center.md)
#### [Manage machine group and tags](microsoft-defender-atp/machine-tags.md)
### [Take response actions]() #### [Investigate entities using Live response]()
#### [Take response actions on a machine]() ##### [Investigate entities on machines](microsoft-defender-atp/live-response.md)
##### [Response actions on machines](microsoft-defender-atp/respond-machine-alerts.md) ##### [Live response command examples](microsoft-defender-atp/live-response-command-examples.md)
##### [Manage tags](microsoft-defender-atp/respond-machine-alerts.md#manage-tags)
##### [Initiate an automated investigation](microsoft-defender-atp/respond-machine-alerts.md#initiate-automated-investigation)
##### [Initiate Live Response session](microsoft-defender-atp/respond-machine-alerts.md#initiate-live-response-session)
##### [Collect investigation package](microsoft-defender-atp/respond-machine-alerts.md#collect-investigation-package-from-machines)
##### [Run antivirus scan](microsoft-defender-atp/respond-machine-alerts.md#run-windows-defender-antivirus-scan-on-machines)
##### [Restrict app execution](microsoft-defender-atp/respond-machine-alerts.md#restrict-app-execution)
##### [Isolate machines from the network](microsoft-defender-atp/respond-machine-alerts.md#isolate-machines-from-the-network)
##### [Consult a threat expert](microsoft-defender-atp/respond-machine-alerts.md#consult-a-threat-expert)
##### [Check activity details in Action center](microsoft-defender-atp/respond-machine-alerts.md#check-activity-details-in-action-center)
#### [Take response actions on a file]()
##### [Response actions on files](microsoft-defender-atp/respond-file-alerts.md)
##### [Stop and quarantine files in your network](microsoft-defender-atp/respond-file-alerts.md#stop-and-quarantine-files-in-your-network)
##### [Restore file from quarantine](microsoft-defender-atp/respond-file-alerts.md#restore-file-from-quarantine)
##### [Add indicators to block or allow a file](microsoft-defender-atp/respond-file-alerts.md#add-indicator-to-block-or-allow-a-file)
##### [Consult a threat expert](microsoft-defender-atp/respond-file-alerts.md#consult-a-threat-expert)
##### [Check activity details in Action center](microsoft-defender-atp/respond-file-alerts.md#check-activity-details-in-action-center)
##### [Download or collect file](microsoft-defender-atp/respond-file-alerts.md#download-or-collect-file)
##### [Deep analysis](microsoft-defender-atp/respond-file-alerts.md#deep-analysis)
##### [Submit files for analysis](microsoft-defender-atp/respond-file-alerts.md#submit-files-for-analysis)
##### [View deep analysis reports](microsoft-defender-atp/respond-file-alerts.md#view-deep-analysis-reports)
##### [Troubleshoot deep analysis](microsoft-defender-atp/respond-file-alerts.md#troubleshoot-deep-analysis)
### [View and approve remediation actions](microsoft-defender-atp/manage-auto-investigation.md)
#### [View details and results of automated investigations](microsoft-defender-atp/auto-investigation-action-center.md)
### [Investigate entities using Live response]()
#### [Investigate entities on machines](microsoft-defender-atp/live-response.md)
#### [Live response command examples](microsoft-defender-atp/live-response-command-examples.md)
### [Threat analytics](microsoft-defender-atp/threat-analytics.md)
##### [Shadow protection?](windows-defender-antivirus/shadow-protection.md)
#### [Use sensitivity labels to prioritize incident response](microsoft-defender-atp/information-protection-investigation.md)
#### [Reporting]()
##### [Power BI - How to use API - Samples](microsoft-defender-atp/api-power-bi.md)
##### [Create and build Power BI reports using Microsoft Defender ATP data connectors (deprecated)](microsoft-defender-atp/powerbi-reports.md)
##### [Threat protection reports](microsoft-defender-atp/threat-protection-reports.md)
#### [Machine health and compliance reports](microsoft-defender-atp/machine-reports.md)
#### [Custom detections]()
##### [Understand custom detections](microsoft-defender-atp/overview-custom-detections.md)
##### [Create and manage detection rules](microsoft-defender-atp/custom-detection-rules.md)
### [Automated investigation and response]()
#### [Overview of AIR](microsoft-defender-atp/automated-investigations.md)
### [Advanced hunting]() ### [Advanced hunting]()
#### [Advanced hunting overview](microsoft-defender-atp/advanced-hunting-overview.md) #### [Advanced hunting overview](microsoft-defender-atp/advanced-hunting-overview.md)
@ -128,17 +358,13 @@
### [Microsoft Threat Experts](microsoft-defender-atp/microsoft-threat-experts.md) ### [Microsoft Threat Experts](microsoft-defender-atp/microsoft-threat-experts.md)
### [Reporting]() ### [Threat analytics](microsoft-defender-atp/threat-analytics.md)
#### [Power BI - How to use API - Samples](microsoft-defender-atp/api-power-bi.md)
#### [Create and build Power BI reports using Microsoft Defender ATP data connectors (deprecated)](microsoft-defender-atp/powerbi-reports.md)
#### [Threat protection reports](microsoft-defender-atp/threat-protection-reports.md)
#### [Machine health and compliance reports](microsoft-defender-atp/machine-reports.md)
### [Custom detections]()
#### [Understand custom detections](microsoft-defender-atp/overview-custom-detections.md)
#### [Create and manage detection rules](microsoft-defender-atp/custom-detection-rules.md)
@ -174,175 +400,6 @@
#### [Increase compliance to the security baseline](microsoft-defender-atp/configure-machines-security-baseline.md) #### [Increase compliance to the security baseline](microsoft-defender-atp/configure-machines-security-baseline.md)
#### [Optimize ASR rule deployment and detections](microsoft-defender-atp/configure-machines-asr.md) #### [Optimize ASR rule deployment and detections](microsoft-defender-atp/configure-machines-asr.md)
### [Manage capabilities]()
#### [Configure attack surface reduction]()
##### [Attack surface reduction configuration settings](microsoft-defender-atp/configure-attack-surface-reduction.md)
#### [Hardware-based isolation]()
##### [System isolation](windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md)
##### [Application isolation]()
###### [Install Windows Defender Application Guard](windows-defender-application-guard/install-wd-app-guard.md)
###### [Application control](windows-defender-application-control/windows-defender-application-control.md)
##### [Device control]()
###### [Control USB devices](device-control/control-usb-devices-using-intune.md)
###### [Device Guard]()
####### [Code integrity](device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md)
####### [Memory integrity]()
######## [Understand memory integrity](device-guard/memory-integrity.md)
######## [Hardware qualifications](device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md)
######## [Enable HVCI](device-guard/enable-virtualization-based-protection-of-code-integrity.md)
##### [Exploit protection]()
###### [Enable exploit protection](microsoft-defender-atp/enable-exploit-protection.md)
###### [Customize exploit protection](microsoft-defender-atp/customize-exploit-protection.md)
###### [Import/export configurations](microsoft-defender-atp/import-export-exploit-protection-emet-xml.md)
##### [Network protection](microsoft-defender-atp/enable-network-protection.md)
##### [Controlled folder access](microsoft-defender-atp/enable-controlled-folders.md)
##### [Attack surface reduction controls]()
###### [Enable attack surface reduction rules](microsoft-defender-atp/enable-attack-surface-reduction.md)
###### [Customize attack surface reduction](microsoft-defender-atp/customize-attack-surface-reduction.md)
##### [Network firewall](windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md)
#### [Configure next-generation protection]()
##### [Configure Windows Defender Antivirus features](windows-defender-antivirus/configure-windows-defender-antivirus-features.md)
##### [Utilize Microsoft cloud-delivered protection](windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md)
###### [Enable cloud-delivered protection](windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md)
###### [Specify the cloud-delivered protection level](windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md)
###### [Configure and validate network connections](windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md)
###### [Prevent security settings changes with tamper protection](windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md)
###### [Enable Block at first sight](windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md)
###### [Configure the cloud block timeout period](windows-defender-antivirus/configure-cloud-block-timeout-period-windows-defender-antivirus.md)
##### [Configure behavioral, heuristic, and real-time protection]()
###### [Configuration overview](windows-defender-antivirus/configure-protection-features-windows-defender-antivirus.md)
###### [Detect and block Potentially Unwanted Applications](windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md)
###### [Enable and configure always-on protection and monitoring](windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md)
##### [Antivirus on Windows Server 2016](windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016.md)
##### [Antivirus compatibility]()
###### [Compatibility charts](windows-defender-antivirus/windows-defender-antivirus-compatibility.md)
###### [Use limited periodic antivirus scanning](windows-defender-antivirus/limited-periodic-scanning-windows-defender-antivirus.md)
##### [Deploy, manage updates, and report on antivirus]()
###### [Preparing to deploy](windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md)
###### [Deploy and enable antivirus](windows-defender-antivirus/deploy-windows-defender-antivirus.md)
####### [Deployment guide for VDI environments](windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md)
###### [Report on antivirus protection]()
####### [Review protection status and alerts](windows-defender-antivirus/report-monitor-windows-defender-antivirus.md)
####### [Troubleshoot antivirus reporting in Update Compliance](windows-defender-antivirus/troubleshoot-reporting.md)
###### [Manage updates and apply baselines]()
####### [Learn about the different kinds of updates](windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md)
####### [Manage protection and security intelligence updates](windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md)
####### [Manage when protection updates should be downloaded and applied](windows-defender-antivirus/manage-protection-update-schedule-windows-defender-antivirus.md)
####### [Manage updates for endpoints that are out of date](windows-defender-antivirus/manage-outdated-endpoints-windows-defender-antivirus.md)
####### [Manage event-based forced updates](windows-defender-antivirus/manage-event-based-updates-windows-defender-antivirus.md)
####### [Manage updates for mobile devices and VMs](windows-defender-antivirus/manage-updates-mobile-devices-vms-windows-defender-antivirus.md)
##### [Customize, initiate, and review the results of scans and remediation]()
###### [Configuration overview](windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md)
###### [Configure and validate exclusions in antivirus scans]()
####### [Exclusions overview](windows-defender-antivirus/configure-exclusions-windows-defender-antivirus.md)
####### [Configure and validate exclusions based on file name, extension, and folder location](windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md)
####### [Configure and validate exclusions for files opened by processes](windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md)
####### [Configure antivirus exclusions Windows Server 2016](windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md)
###### [Configure scanning antivirus options](windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md)
###### [Configure remediation for scans](windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md)
###### [Configure scheduled scans](windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md)
###### [Configure and run scans](windows-defender-antivirus/run-scan-windows-defender-antivirus.md)
###### [Review scan results](windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md)
###### [Run and review the results of an offline scan](windows-defender-antivirus/windows-defender-offline.md)
##### [Restore quarantined files](windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus.md)
##### [Manage antivirus in your business]()
###### [Management overview](windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md)
###### [Use Group Policy settings to configure and manage antivirus](windows-defender-antivirus/use-group-policy-windows-defender-antivirus.md)
###### [Use Microsoft Endpoint Configuration Manager and Microsoft Intune to configure and manage antivirus](windows-defender-antivirus/use-intune-config-manager-windows-defender-antivirus.md)
###### [Use PowerShell cmdlets to configure and manage antivirus](windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md)
###### [Use Windows Management Instrumentation (WMI) to configure and manage antivirus](windows-defender-antivirus/use-wmi-windows-defender-antivirus.md)
###### [Use the mpcmdrun.exe commandline tool to configure and manage antivirus](windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md)
##### [Manage scans and remediation]()
###### [Management overview](windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md)
###### [Configure and validate exclusions in antivirus scans]()
####### [Exclusions overview](windows-defender-antivirus/configure-exclusions-windows-defender-antivirus.md)
####### [Configure and validate exclusions based on file name, extension, and folder location](windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md)
####### [Configure and validate exclusions for files opened by processes](windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md)
####### [Configure antivirus exclusions on Windows Server 2016](windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md)
###### [Configure scanning options](windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md)
##### [Configure remediation for scans](windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md)
###### [Configure remediation for scans](windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md)
###### [Configure scheduled scans](windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md)
###### [Configure and run scans](windows-defender-antivirus/run-scan-windows-defender-antivirus.md)
###### [Review scan results](windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md)
###### [Run and review the results of an offline scan](windows-defender-antivirus/windows-defender-offline.md)
###### [Restore quarantined files](windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus.md)
##### [Manage next-generation protection in your business]()
###### [Handle false positives/negatives in Windows Defender Antivirus](windows-defender-antivirus/antivirus-false-positives-negatives.md)
###### [Management overview](windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md)
###### [Use Microsoft Intune and Microsoft Endpoint Configuration Manager to manage next generation protection](windows-defender-antivirus/use-intune-config-manager-windows-defender-antivirus.md)
###### [Use Group Policy settings to manage next generation protection](windows-defender-antivirus/use-group-policy-windows-defender-antivirus.md)
###### [Use PowerShell cmdlets to manage next generation protection](windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md)
###### [Use Windows Management Instrumentation (WMI) to manage next generation protection](windows-defender-antivirus/use-wmi-windows-defender-antivirus.md)
###### [Use the mpcmdrun.exe command line tool to manage next generation protection](windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md)
#### [Microsoft Defender Advanced Threat Protection for Mac](microsoft-defender-atp/microsoft-defender-atp-mac.md)
##### [What's New](microsoft-defender-atp/mac-whatsnew.md)
##### [Deploy]()
###### [Microsoft Intune-based deployment](microsoft-defender-atp/mac-install-with-intune.md)
###### [JAMF-based deployment](microsoft-defender-atp/mac-install-with-jamf.md)
###### [Deployment with a different Mobile Device Management (MDM) system](microsoft-defender-atp/mac-install-with-other-mdm.md)
###### [Manual deployment](microsoft-defender-atp/mac-install-manually.md)
##### [Update](microsoft-defender-atp/mac-updates.md)
##### [Configure]()
###### [Configure and validate exclusions](microsoft-defender-atp/mac-exclusions.md)
###### [Set preferences](microsoft-defender-atp/mac-preferences.md)
###### [Detect and block Potentially Unwanted Applications](microsoft-defender-atp/mac-pua.md)
##### [Troubleshoot]()
###### [Troubleshoot installation issues](microsoft-defender-atp/mac-support-install.md)
###### [Troubleshoot performance issues](microsoft-defender-atp/mac-support-perf.md)
###### [Troubleshoot kernel extension issues](microsoft-defender-atp/mac-support-kext.md)
###### [Troubleshoot license issues](microsoft-defender-atp/mac-support-license.md)
##### [Privacy](microsoft-defender-atp/mac-privacy.md)
##### [Resources](microsoft-defender-atp/mac-resources.md)
#### [Microsoft Defender Advanced Threat Protection for Linux](microsoft-defender-atp/microsoft-defender-atp-linux.md)
##### [Deploy]()
###### [Manual deployment](microsoft-defender-atp/linux-install-manually.md)
###### [Puppet based deployment](microsoft-defender-atp/linux-install-with-puppet.md)
###### [Ansible based deployment](microsoft-defender-atp/linux-install-with-ansible.md)
##### [Update](microsoft-defender-atp/linux-updates.md)
##### [Configure]()
###### [Configure and validate exclusions](microsoft-defender-atp/linux-exclusions.md)
###### [Static proxy configuration](microsoft-defender-atp/linux-static-proxy-configuration.md)
###### [Set preferences](microsoft-defender-atp/linux-preferences.md)
##### [Troubleshoot]()
###### [Troubleshoot cloud connectivity issues](microsoft-defender-atp/linux-support-connectivity.md)
###### [Troubleshoot performance issues](microsoft-defender-atp/linux-support-perf.md)
##### [Resources](microsoft-defender-atp/linux-resources.md)
#### [Configure and manage Microsoft Threat Experts capabilities](microsoft-defender-atp/configure-microsoft-threat-experts.md)
### [Configure portal settings]() ### [Configure portal settings]()
#### [Set up preferences](microsoft-defender-atp/preferences-setup.md) #### [Set up preferences](microsoft-defender-atp/preferences-setup.md)
#### [General]() #### [General]()
@ -380,51 +437,7 @@
#### [Configure information protection in Windows](microsoft-defender-atp/information-protection-in-windows-config.md) #### [Configure information protection in Windows](microsoft-defender-atp/information-protection-in-windows-config.md)
## Reference ## Reference
### [Capabilities]()
#### [Threat & Vulnerability Management]()
##### [Next-generation capabilities](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)
##### [Supported operating systems and platforms](microsoft-defender-atp/tvm-supported-os.md)
#### [Attack surface reduction]()
##### [Overview of attack surface reduction](microsoft-defender-atp/overview-attack-surface-reduction.md)
##### [Attack surface reduction FAQ](microsoft-defender-atp/attack-surface-reduction-faq.md)
##### [Hardware-based isolation]()
###### [Hardware-based isolation in Windows 10](microsoft-defender-atp/overview-hardware-based-isolation.md)
###### [Application isolation]()
####### [Application guard overview](windows-defender-application-guard/wd-app-guard-overview.md)
####### [System requirements](windows-defender-application-guard/reqs-wd-app-guard.md)
###### [System integrity](windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md)
##### [Application control](windows-defender-application-control/windows-defender-application-control.md)
##### [Exploit protection](microsoft-defender-atp/exploit-protection.md)
##### [Network protection](microsoft-defender-atp/network-protection.md)
##### [Web protection]()
###### [Web protection overview](microsoft-defender-atp/web-protection-overview.md)
###### [Web threat protection]()
####### [Web threat protection overview](microsoft-defender-atp/web-threat-protection.md)
####### [Monitor web security](microsoft-defender-atp/web-protection-monitoring.md)
####### [Respond to web threats](microsoft-defender-atp/web-protection-response.md)
###### [Web content filtering](microsoft-defender-atp/web-content-filtering.md)
##### [Controlled folder access](microsoft-defender-atp/controlled-folders.md)
##### [Attack surface reduction](microsoft-defender-atp/attack-surface-reduction.md)
##### [Network firewall](windows-firewall/windows-firewall-with-advanced-security.md)
#### [Next-generation protection](windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md)
##### [Better together: Windows Defender Antivirus and Microsoft Defender ATP](windows-defender-antivirus/why-use-microsoft-antivirus.md)
##### [Better together: Windows Defender Antivirus and Office 365](windows-defender-antivirus/office-365-windows-defender-antivirus.md)
#### [Endpoint detection and response](microsoft-defender-atp/overview-endpoint-detection-response.md)
##### [Shadow protection](windows-defender-antivirus/shadow-protection.md)
#### [Overview of AIR](microsoft-defender-atp/automated-investigations.md)
### [Management and APIs]() ### [Management and APIs]()
#### [Overview of management and APIs](microsoft-defender-atp/management-apis.md) #### [Overview of management and APIs](microsoft-defender-atp/management-apis.md)
@ -595,28 +608,9 @@
### [Information protection in Windows overview]() ### [Information protection in Windows overview]()
#### [Windows integration](microsoft-defender-atp/information-protection-in-windows-overview.md) #### [Windows integration](microsoft-defender-atp/information-protection-in-windows-overview.md)
#### [Use sensitivity labels to prioritize incident response](microsoft-defender-atp/information-protection-investigation.md)
### [Evaluate Microsoft Defender ATP]()
#### [Attack surface reduction and next-generation capability evaluation]()
##### [Attack surface reduction and nex-generation evaluation overview](microsoft-defender-atp/evaluate-atp.md)
##### [Hardware-based isolation](windows-defender-application-guard/test-scenarios-wd-app-guard.md)
##### [Application control](windows-defender-application-control/audit-windows-defender-application-control-policies.md)
##### [Exploit protection](microsoft-defender-atp/evaluate-exploit-protection.md)
##### [Network Protection](microsoft-defender-atp/evaluate-network-protection.md)
##### [Controlled folder access](microsoft-defender-atp/evaluate-controlled-folder-access.md)
##### [Attack surface reduction](microsoft-defender-atp/evaluate-attack-surface-reduction.md)
##### [Network firewall](windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md)
##### [Evaluate next-generation protection](windows-defender-antivirus/evaluate-windows-defender-antivirus.md)
### [Access the Microsoft Defender ATP Community Center](microsoft-defender-atp/community.md) ### [Access the Microsoft Defender ATP Community Center](microsoft-defender-atp/community.md)
### [Helpful resources](microsoft-defender-atp/helpful-resources.md) ### [Helpful resources](microsoft-defender-atp/helpful-resources.md)

14
windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
View File

@ -38,8 +38,8 @@ The WinHTTP configuration setting is independent of the Windows Internet (WinINe
- Transparent proxy - Transparent proxy
- Web Proxy Auto-discovery Protocol (WPAD) - Web Proxy Auto-discovery Protocol (WPAD)
> [!NOTE] > [!NOTE]
> If you're using Transparent proxy or WPAD in your network topology, you don't need special configuration settings. For more information on Microsoft Defender ATP URL exclusions in the proxy, see [Enable access to Microsoft Defender ATP service URLs in the proxy server](#enable-access-to-microsoft-defender-atp-service-urls-in-the-proxy-server). > If you're using Transparent proxy or WPAD in your network topology, you don't need special configuration settings. For more information on Microsoft Defender ATP URL exclusions in the proxy, see [Enable access to Microsoft Defender ATP service URLs in the proxy server](#enable-access-to-microsoft-defender-atp-service-urls-in-the-proxy-server).
- Manual static proxy configuration: - Manual static proxy configuration:
- Registry based configuration - Registry based configuration
@ -120,6 +120,16 @@ United States | ```us.vortex-win.data.microsoft.com``` <br> ```ussus1eastprod.bl
If a proxy or firewall is blocking anonymous traffic, as Microsoft Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the previously listed URLs. If a proxy or firewall is blocking anonymous traffic, as Microsoft Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the previously listed URLs.
### Log analytics agent requirements
The information below list the proxy and firewall configuration information required to communicate with Log Analytics agent (often referred to as Microsoft Monitoring Agent) for the previous versions of Windows such as Windows 7 SP1, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 R2, and Windows Server 2016.
|Agent Resource|Ports |Direction |Bypass HTTPS inspection|
|------|---------|--------|--------|
|*.ods.opinsights.azure.com |Port 443 |Outbound|Yes |
|*.oms.opinsights.azure.com |Port 443 |Outbound|Yes |
|*.blob.core.windows.net |Port 443 |Outbound|Yes |
## Microsoft Defender ATP service backend IP range ## Microsoft Defender ATP service backend IP range
If your network devices don't support the URLs added to an "allow" list in the prior section, you can use the following information. If your network devices don't support the URLs added to an "allow" list in the prior section, you can use the following information.

12
windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
View File

@ -113,7 +113,7 @@ The following steps are required to enable this integration:
On the **Agent Setup Options** page, choose **Connect the agent to Azure Log Analytics (OMS)**. On the **Agent Setup Options** page, choose **Connect the agent to Azure Log Analytics (OMS)**.
- [Install the agent using the command line](https://docs.microsoft.com/azure/log-analytics/log-analytics-windows-agents#install-the-agent-using-the-command-line) and [configure the agent using a script](https://docs.microsoft.com/azure/log-analytics/log-analytics-windows-agents#add-a-workspace-using-a-script). - [Install the agent using the command line](https://docs.microsoft.com/azure/log-analytics/log-analytics-windows-agents#install-the-agent-using-the-command-line) and [configure the agent using a script](https://docs.microsoft.com/azure/log-analytics/log-analytics-windows-agents#add-a-workspace-using-a-script).
3. You'll need to configure proxy settings for the Microsoft Monitoring Agent. For more information, see [Configure proxy settings](https://docs.microsoft.com/azure/log-analytics/log-analytics-windows-agents#configure-proxy-settings). 3. You'll need to configure proxy settings for the Microsoft Monitoring Agent. For more information, see [Configure proxy settings](configure-proxy-internet.md).
Once completed, you should see onboarded servers in the portal within an hour. Once completed, you should see onboarded servers in the portal within an hour.
@ -153,11 +153,13 @@ Support for Windows Server, version 1803 and Windows 2019 provides deeper insigh
b. Run the following PowerShell command to verify that the passive mode was configured: b. Run the following PowerShell command to verify that the passive mode was configured:
```Get-WinEvent -FilterHashtable @{ProviderName="Microsoft-Windows-Sense" ;ID=84}``` ```PowerShell
Get-WinEvent -FilterHashtable @{ProviderName="Microsoft-Windows-Sense" ;ID=84}
```
c. Confirm that a recent event containing the passive mode event is found: c. Confirm that a recent event containing the passive mode event is found:
![Image of passive mode verification result](images/atp-verify-passive-mode.png) ![Image of passive mode verification result](images/atp-verify-passive-mode.png)
3. Run the following command to check if Windows Defender AV is installed: 3. Run the following command to check if Windows Defender AV is installed:
@ -172,8 +174,8 @@ Microsoft Defender ATP integrates with Azure Security Center to provide a compre
The following capabilities are included in this integration: The following capabilities are included in this integration:
- Automated onboarding - Microsoft Defender ATP sensor is automatically enabled on Windows Servers that are onboarded to Azure Security Center. For more information on Azure Security Center onboarding, see [Onboarding to Azure Security Center Standard for enhanced security](https://docs.microsoft.com/azure/security-center/security-center-onboarding). - Automated onboarding - Microsoft Defender ATP sensor is automatically enabled on Windows Servers that are onboarded to Azure Security Center. For more information on Azure Security Center onboarding, see [Onboarding to Azure Security Center Standard for enhanced security](https://docs.microsoft.com/azure/security-center/security-center-onboarding).
> [!NOTE] > [!NOTE]
> Automated onboarding is only applicable for Windows Server 2012 R2 and Windows Server 2016. > Automated onboarding is only applicable for Windows Server 2012 R2 and Windows Server 2016.
- Servers monitored by Azure Security Center will also be available in Microsoft Defender ATP - Azure Security Center seamlessly connects to the Microsoft Defender ATP tenant, providing a single view across clients and servers. In addition, Microsoft Defender ATP alerts will be available in the Azure Security Center console. - Servers monitored by Azure Security Center will also be available in Microsoft Defender ATP - Azure Security Center seamlessly connects to the Microsoft Defender ATP tenant, providing a single view across clients and servers. In addition, Microsoft Defender ATP alerts will be available in the Azure Security Center console.
- Server investigation - Azure Security Center customers can access Microsoft Defender Security Center to perform detailed investigation to uncover the scope of a potential breach - Server investigation - Azure Security Center customers can access Microsoft Defender Security Center to perform detailed investigation to uncover the scope of a potential breach

7
windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
View File

@ -26,6 +26,13 @@ ms.topic: conceptual
> >
> If you have previously whitelisted the kernel extension as part of your remote deployment, that warning should not be presented to the end user. If you have not previously deployed a policy to whitelist the kernel extension, your users will be presented with the warning. To proactively silence the warning, you can still deploy a configuration to whitelist the kernel extension. Refer to the instructions in the [JAMF-based deployment](mac-install-with-jamf.md#approved-kernel-extension) and [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles) topics. > If you have previously whitelisted the kernel extension as part of your remote deployment, that warning should not be presented to the end user. If you have not previously deployed a policy to whitelist the kernel extension, your users will be presented with the warning. To proactively silence the warning, you can still deploy a configuration to whitelist the kernel extension. Refer to the instructions in the [JAMF-based deployment](mac-install-with-jamf.md#approved-kernel-extension) and [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles) topics.
## 100.90.27
- You can now [set an update channel](mac-updates.md#set-the-channel-name) for Microsoft Defender ATP for Mac that is different from the system-wide update channel
- New product icon
- Other user experience improvements
- Bug fixes
## 100.86.92 ## 100.86.92
- Improvements around compatibility with Time Machine - Improvements around compatibility with Time Machine

26
windows/security/threat-protection/microsoft-defender-atp/onboarding.md
View File

@ -1,5 +1,5 @@
--- ---
title: Onboard to the Micrsoft Defender ATP service title: Onboard to the Microsoft Defender ATP service
description: description:
keywords: keywords:
search.product: eADQiWindows 10XVcnh search.product: eADQiWindows 10XVcnh
@ -16,7 +16,7 @@ ms.collection: M365-security-compliance
ms.topic: article ms.topic: article
--- ---
# Onboard to the Micrsoft Defender ATP service # Onboard to the Microsoft Defender ATP service
**Applies to:** **Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
@ -34,7 +34,7 @@ Deploying Microsoft Defender ATP is a three-phase process:
<td align="center"> <td align="center">
<a href="https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/production-deployment"> <a href="https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/production-deployment">
<img src="images/setup.png" alt="Setup the Microsoft Defender ATP service" title="Setup" /> <img src="images/setup.png" alt="Setup the Microsoft Defender ATP service" title="Setup" />
<br/>Phase 2: Setup </a><br> <br/>Phase 2: Set up </a><br>
</td> </td>
<td align="center" bgcolor="#d5f5e3"> <td align="center" bgcolor="#d5f5e3">
<a href="https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/onboarding"> <a href="https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/onboarding">
@ -184,11 +184,11 @@ Before the systems can be onboarded into the workspace, the deployment scripts n
Edit the InstallMMA.cmd with a text editor, such as notepad and update the Edit the InstallMMA.cmd with a text editor, such as notepad and update the
following lines and save the file: following lines and save the file:
![Image of onboarding](images/a22081b675da83e8f62a046ae6922b0d.png) ![Image of onboarding](images/a22081b675da83e8f62a046ae6922b0d.png)
Edit the ConfiguerOMSAgent.vbs with a text editor, such as notepad, and update the following lines and save the file: Edit the ConfiguerOMSAgent.vbs with a text editor, such as notepad, and update the following lines and save the file:
![Image of onboarding](images/09833d16df7f37eda97ea1d5009b651a.png) ![Image of onboarding](images/09833d16df7f37eda97ea1d5009b651a.png)
Microsoft Monitoring Agent (MMA) is currently (as of January 2019) supported on the following Windows Operating Microsoft Monitoring Agent (MMA) is currently (as of January 2019) supported on the following Windows Operating
Systems: Systems:
@ -257,15 +257,15 @@ MMA for enrollment into the workspace.
9. Set Run to **Hidden**. 9. Set Run to **Hidden**.
10. Set **Program can run** to **Whether or not a user is logged on**. 10. Set **Program can run** to **Whether or not a user is logged on**.
11. Click **Next**. 11. Click **Next**.
12. Set the **Maximum allowed run time** to 720. 12. Set the **Maximum allowed run time** to 720.
13. Click **Next**. 13. Click **Next**.
![Image of Microsoft Endpoint Configuration Manager console](images/262a41839704d6da2bbd72ed6b4a826a.png) ![Image of Microsoft Endpoint Configuration Manager console](images/262a41839704d6da2bbd72ed6b4a826a.png)
14. Verify the configuration, then click **Next**. 14. Verify the configuration, then click **Next**.
@ -275,12 +275,12 @@ MMA for enrollment into the workspace.
16. Click **Close**. 16. Click **Close**.
17. In the Microsoft Endpoint Configuration Manager console, right-click the Microsoft Defender ATP 17. In the Microsoft Endpoint Configuration Manager console, right-click the Microsoft Defender ATP
Onboarding Package just created and select **Deploy**. Onboarding Package just created and select **Deploy**.
18. On the right panel select the appropriate collection. 18. On the right panel select the appropriate collection.
19. Click **OK**. 19. Click **OK**.
## Next generation protection ## Next generation protection
Microsoft Defender Antivirus is a built-in antimalware solution that provides next generation protection for desktops, portable computers, and servers. Microsoft Defender Antivirus is a built-in antimalware solution that provides next generation protection for desktops, portable computers, and servers.
@ -318,7 +318,7 @@ needs on how Antivirus is configured.
![Image of next generation protection pane](images/3876ca687391bfc0ce215d221c683970.png) ![Image of next generation protection pane](images/3876ca687391bfc0ce215d221c683970.png)
3. Right-click on the newly created antimalware policy and select **Deploy** . 3. Right-click on the newly created antimalware policy and select **Deploy**.
![Image of next generation protection pane](images/f5508317cd8c7870627cb4726acd5f3d.png) ![Image of next generation protection pane](images/f5508317cd8c7870627cb4726acd5f3d.png)

14
windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md
View File

@ -32,12 +32,10 @@ Inspired by the "assume breach" mindset, Microsoft Defender ATP continuously col
The response capabilities give you the power to promptly remediate threats by acting on the affected entities. The response capabilities give you the power to promptly remediate threats by acting on the affected entities.
## In this section
Topic | Description ## Related topics
:---|:--- - [Security operations dashboard](security-operations-dashboard.md)
[Security operations dashboard](security-operations-dashboard.md) | Explore a high level overview of detections, highlighting where response actions are needed. - [Incidents queue](view-incidents-queue.md)
[Incidents queue](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/view-incidents-queue) | View and organize the incidents queue, and manage and investigate alerts. - [Alerts queue](alerts-queue.md)
[Alerts queue](alerts-queue.md) | View and organize the machine alerts queue, and manage and investigate alerts. - [Machines list](machines-view-overview.md)
[Machines list](machines-view-overview.md) | Investigate machines with generated alerts and search for specific events over time.
[Take response actions](response-actions.md) | Learn about the available response actions and apply them to machines and files.

4
windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md
View File

@ -38,7 +38,7 @@ Deploying Microsoft Defender ATP is a three-phase process:
<td align="center" > <td align="center" >
<a href="https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/production-deployment"> <a href="https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/production-deployment">
<img src="images/setup.png" alt="Onboard to the Microsoft Defender ATP service" title="Setup the Microsoft Defender ATP service" /> <img src="images/setup.png" alt="Onboard to the Microsoft Defender ATP service" title="Setup the Microsoft Defender ATP service" />
<br/>Phase 2: Setup </a><br> <br/>Phase 2: Set up </a><br>
</td> </td>
<td align="center"> <td align="center">
<a href="https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/onboarding"> <a href="https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/onboarding">
@ -180,5 +180,5 @@ how the endpoint security suite should be enabled.
## Next step ## Next step
||| |||
|:-------|:-----| |:-------|:-----|
|![Phase 2: Setup](images/setup.png) <br>[Phase 2: Setup](production-deployment.md) | Setup Microsoft Defender ATP deployment |![Phase 2: Setup](images/setup.png) <br>[Phase 2: Setup](production-deployment.md) | Set up Microsoft Defender ATP deployment

25
windows/security/threat-protection/microsoft-defender-atp/production-deployment.md
View File

@ -1,5 +1,5 @@
--- ---
title: Setup Microsoft Defender ATP deployment title: Set up Microsoft Defender ATP deployment
description: description:
keywords: keywords:
search.product: eADQiWindows 10XVcnh search.product: eADQiWindows 10XVcnh
@ -17,7 +17,7 @@ ms.collection: M365-security-compliance
ms.topic: article ms.topic: article
--- ---
# Setup Microsoft Defender ATP deployment # Set up Microsoft Defender ATP deployment
**Applies to:** **Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
@ -36,7 +36,7 @@ Deploying Microsoft Defender ATP is a three-phase process:
<td align="center"bgcolor="#d5f5e3"> <td align="center"bgcolor="#d5f5e3">
<a href="https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/production-deployment"> <a href="https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/production-deployment">
<img src="images/setup.png" alt="Onboard to the Microsoft Defender ATP service" title="Setup" /> <img src="images/setup.png" alt="Onboard to the Microsoft Defender ATP service" title="Setup" />
<br/>Phase 2: Setup </a><br> <br/>Phase 2: Set up </a><br>
</td> </td>
<td align="center"> <td align="center">
<a href="https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/onboarding"> <a href="https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/onboarding">
@ -48,7 +48,7 @@ Deploying Microsoft Defender ATP is a three-phase process:
</tr> </tr>
</table> </table>
You are currently in the setup phase. You are currently in the set up phase.
In this deployment scenario, you'll be guided through the steps on: In this deployment scenario, you'll be guided through the steps on:
- Licensing validation - Licensing validation
@ -69,9 +69,9 @@ Checking for the license state and whether it got properly provisioned, can be d
1. Alternately, in the admin center, navigate to **Billing** > **Subscriptions**. 1. Alternately, in the admin center, navigate to **Billing** > **Subscriptions**.
- On the screen you will see all the provisioned licenses and their current **Status**. On the screen you will see all the provisioned licenses and their current **Status**.
![Image of billing licenses](images/atp-billing-subscriptions.png) ![Image of billing licenses](images/atp-billing-subscriptions.png)
## Cloud Service Provider validation ## Cloud Service Provider validation
@ -88,7 +88,7 @@ To gain access into which licenses are provisioned to your company, and to check
## Tenant Configuration ## Tenant Configuration
When accessing [Microsoft Defender Security Center](https://securitycenter.windows.com/) for the first time there will be a setup wizard that will guide you through some initial steps. At the end of the setup wizard there will be a dedicated cloud instance of Microsoft Defender ATP created. The easiest method is to perform these steps from a Windows 10 client machine. When accessing [Microsoft Defender Security Center](https://securitycenter.windows.com/) for the first time there will be a set up wizard that will guide you through some initial steps. At the end of the setup wizard there will be a dedicated cloud instance of Microsoft Defender ATP created. The easiest method is to perform these steps from a Windows 10 client machine.
1. From a web browser, navigate to <https://securitycenter.windows.com>. 1. From a web browser, navigate to <https://securitycenter.windows.com>.
@ -103,7 +103,7 @@ When accessing [Microsoft Defender Security Center](https://securitycenter.windo
4. Set up preferences. 4. Set up preferences.
**Data storage location** - It's important to set this up correctly. Determine where the customer wants to be primarily hosted: US, EU or UK. You cannot change the location after this setup and Microsoft will not transfer the data from the specified geolocation. **Data storage location** - It's important to set this up correctly. Determine where the customer wants to be primarily hosted: US, EU or UK. You cannot change the location after this set up and Microsoft will not transfer the data from the specified geolocation.
**Data retention** - The default is 6 months. **Data retention** - The default is 6 months.
@ -160,11 +160,8 @@ services if a computer is not permitted to connect to the Internet. The static
proxy is configurable through Group Policy (GP). The group policy can be found proxy is configurable through Group Policy (GP). The group policy can be found
under: under:
- Administrative Templates \> Windows Components \> Data Collection and - Administrative Templates \> Windows Components \> Data Collection and Preview Builds \> Configure Authenticated Proxy usage for the Connected User Experience and Telemetry Service
Preview Builds \> Configure Authenticated Proxy usage for the Connected User - Set it to **Enabled** and select **Disable Authenticated Proxy usage**
Experience and Telemetry Service
- Set it to **Enabled** and select **Disable Authenticated Proxy usage**
1. Open the Group Policy Management Console. 1. Open the Group Policy Management Console.
2. Create a policy or edit an existing policy based off the organizational practices. 2. Create a policy or edit an existing policy based off the organizational practices.
@ -261,4 +258,4 @@ You can find the Azure IP range on [Microsoft Azure Datacenter IP Ranges](https:
## Next step ## Next step
||| |||
|:-------|:-----| |:-------|:-----|
|![Phase 3: Onboard](images/onboard.png) <br>[Phase 3: Onboard](onboarding.md) | Onboard devices to the service so the Microsoft Defender ATP service can get sensor data from them |![Phase 3: Onboard](images/onboard.png) <br>[Phase 3: Onboard](onboarding.md) | Onboard devices to the service so the Microsoft Defender ATP service can get sensor data from them