From 8063c94082fcdab143f9b95542916da843f62482 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 30 Apr 2018 13:55:03 -0700 Subject: [PATCH] update proxy table --- ...ows-defender-advanced-threat-protection.md | 23 ++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md index cd4942e214..e5c1e8c72f 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -85,10 +85,27 @@ For example: netsh winhttp set proxy 10.0.0.6:8080 ## Enable access to Windows Defender ATP service URLs in the proxy server If a proxy or firewall is blocking all traffic by default and allowing only specific domains through or HTTPS scanning (SSL inspection) is enabled, make sure that the following URLs are white-listed to permit communication with Windows Defender ATP service in port 80 and 443: -Service location | .Microsoft.com DNS record +**For Windows 10, version 1607 to Windows 10, version 1709**: + +Service location | Microsoft.com DNS record :---|:--- - US |```*.blob.core.windows.net```
```crl.microsoft.com```
```ctldl.windowsupdate.com```
```us.vortex-win.data.microsoft.com```
```winatp-gw-cus.microsoft.com```
```winatp-gw-eus.microsoft.com``` -Europe |```*.blob.core.windows.net```
```crl.microsoft.com```
```ctldl.windowsupdate.com```
```eu.vortex-win.data.microsoft.com```
```winatp-gw-neu.microsoft.com```
```winatp-gw-weu.microsoft.com```
+Common URLs for all locations | ```*.blob.core.windows.net```
```crl.microsoft.com```
```ctldl.windowsupdate.com``` +US | ```us.vortex-win.data.microsoft.com```
```winatp-gw-cus.microsoft.com```
```winatp-gw-eus.microsoft.com``` +Europe | ```eu.vortex-win.data.microsoft.com```
```winatp-gw-neu.microsoft.com```
```winatp-gw-weu.microsoft.com``` +UK | ```uk.vortex-win.data.microsoft.com```
```winatp-gw-uks.microsoft.com```
```winatp-gw-ukw.microsoft.com``` +AU | ```au.vortex-win.data.microsoft.com```
```winatp-gw-aue.microsoft.com```
```winatp-gw-aus.microsoft.com``` + + +**For Windows 10, version 1803**: + +Service location | Microsoft.com DNS record +:---|:--- +Common URLs for all locations |```*.blob.core.windows.net```
```crl.microsoft.com```
```ctldl.windowsupdate.com```
```events.data.microsoft.com``` +US | ```us-v20.events.data.microsoft.com```
```winatp-gw-cus.microsoft.com```
```winatp-gw-eus.microsoft.com``` +Europe | ```eu-v20.events.data.microsoft.com```
```winatp-gw-neu.microsoft.com```
```winatp-gw-weu.microsoft.com``` +UK | ```uk-v20.events.data.microsoft.com```
```winatp-gw-uks.microsoft.com```
```winatp-gw-ukw.microsoft.com``` +AU | ```au-v20.events.data.microsoft.com```
```winatp-gw-aue.microsoft.com```
```winatp-gw-aus.microsoft.com``` + If a proxy or firewall is blocking anonymous traffic, as Windows Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the above listed URLs.