deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-07 18:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

revised requirements

Browse Source
This commit is contained in:
Justin Hall 2018-05-01 10:55:21 -07:00
parent 15f69cef8a
commit 76236dc81b
2 changed files with 13 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
View File

@ -194,15 +194,12 @@ With this rule, admins can prevent unsigned or untrusted executable files from r
## Requirements
The following requirements must be met before Attack surface reduction will work:
Attack surface reduction requires Microsoft 365 E5 and Windows Defender AV real-time protection.
Windows 10 version | Windows Defender Antivirus
- | -
Insider Preview build 16232 or later (dated July 1, 2017 or later) | [Windows Defender AV real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) must be enabled
## Review Attack surface reduction events in Windows Event Viewer
You can review the Windows event log to see events that are created when an Attack surface reduction rule is triggered (or audited):

24
windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md
View File

@ -59,7 +59,13 @@ You can use the Windows Defender ATP console to obtain detailed reporting into e
## Requirements
Each of the features in Windows Defender EG have slightly different requirements:
The following table lists requirements for each feature in Windows Defender EG.
**Legend**<br/>
![not supported](./images/ball_empty.png) Not supported<br/>
![supported](./images/ball_50.png) Supported<br/>
![supported, enhanced](./images/ball_75.png) Includes advanced exploit protection for the kernel mode via [HVCI] (https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity)<br/>
![supported, full reporting](./images/ball_full.png) Includes automated reporting into the Windows Defender ATP console<br/>
| Feature | Windows 10 Home | Windows 10 Professional | Windows 10 E3 | Windows 10 E5 |
| ----------------- | :------------------------------------: | :---------------------------: | :-------------------------: | :--------------------------------------: |
@ -68,20 +74,14 @@ Each of the features in Windows Defender EG have slightly different requirements
| Network protection | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) |
| Controlled folder access | ![supported, limited reporting](./images/ball_50.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) |
> [!NOTE]
> ![supported, enhanced](./images/ball_75.png) Exploit Protection - On Windows 10 E3, includes advanced exploit protection for the kernel mode via [HVCI] (https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity).<br/>
> ![supported, full reporting](./images/ball_full.png) On Windows 10 E5, includes automated reporting into the Windows Defender ATP console.
The following table lists which features in Windows Defender EG require enabling [real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) from Windows Defender Antivirus.
| Feature | [Windows Defender Antivirus](../windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md)
| Feature | Real-time protection |
|-----------------| ------------------------------------ |
| Exploit protection | No requirement |
| Attack surface reduction | [Real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) must be enabled |
| Network protection | [Real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) must be enabled |
| Controlled folder access | [Real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) must be enabled |
> [!NOTE]
> Each feature's requirements are further described in the individual topics in this library.
| Attack surface reduction | Must be enabled |
| Network protection | Must be enabled |
| Controlled folder access | Must be enabled |
## In this library