mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-05 00:57:22 +00:00
Merge pull request #2059 from MicrosoftDocs/FromPrivateRepo
From private repo
This commit is contained in:
huypub
GitHub
commit
98a7f9e079
@ -6,6 +6,8 @@
|
||||
## [Scenarios and Capabilities](windows-autopilot-scenarios.md)
|
||||
### [Support for existing devices](existing-devices.md)
|
||||
### [User-driven mode](user-driven.md)
|
||||
#### [Azure Active Directory joined](user-driven-aad.md)
|
||||
#### [Hybrid Azure Active Directory joined](user-driven-hybrid.md)
|
||||
### [Self-deploying mode](self-deploying.md)
|
||||
### [Enrollment status page](enrollment-status.md)
|
||||
### [Windows Autopilot Reset](windows-autopilot-reset.md)
|
||||
|
||||
@ -1,19 +1,35 @@
|
||||
---
|
||||
title: User-driven mode for AAD
|
||||
description: Listing of Autopilot scenarios
|
||||
keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: low
|
||||
ms.sitesec: library
|
||||
ms.pagetype: deploy
|
||||
author: greg-lindsay
|
||||
ms.author: greg-lindsay
|
||||
ms.date: 10/02/2018
|
||||
---
|
||||
|
||||
# Windows Autopilot user-driven mode for Azure Active Directory
|
||||
|
||||
**Applies to: Windows 10**
|
||||
|
||||
PLACEHOLDER. This topic is a placeholder for the AAD-specific instuctions currently in user-driven.md.
|
||||
---
|
||||
title: User-driven mode for AAD
|
||||
description: Listing of Autopilot scenarios
|
||||
keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: low
|
||||
ms.sitesec: library
|
||||
ms.pagetype: deploy
|
||||
author: greg-lindsay
|
||||
ms.author: greg-lindsay
|
||||
ms.date: 11/07/2018
|
||||
---
|
||||
|
||||
# Windows Autopilot user-driven mode for Azure Active Directory join
|
||||
|
||||
**Applies to: Windows 10**
|
||||
|
||||
## Procedures
|
||||
|
||||
In order to perform a user-driven deployment using Windows Autopilot, the following preparation steps need to be completed:
|
||||
|
||||
- Ensure that the users who will be performing user-driven mode deployments are able to join devices to Azure Active Directory. See [Configure device settings](https://docs.microsoft.com/azure/active-directory/device-management-azure-portal#configure-device-settings) in the Azure Active Directory documentation for more information.
|
||||
- Create an Autopilot profile for user-driven mode with the desired settings. In Microsoft Intune, this mode is explicitly chosen when creating the profile. With Microsoft Store for Business and Partner Center, user-driven mode is the default and does not need to be selected.
|
||||
- If using Intune, create a device group in Azure Active Directory and assign the Autopilot profile to that group.
|
||||
|
||||
For each device that will be deployed using user-driven deployment, these additional steps are needed:
|
||||
|
||||
- Ensure that the device has been added to Windows Autopilot. This can be done automatically by an OEM or partner at the time the device is purchased, or it can be done through a manual harvesting process later. See [Adding devices to Windows Autopilot](add-devices.md) for more information.
|
||||
- Ensure an Autopilot profile has been assigned to the device:
|
||||
- If using Intune and Azure Active Directory dynamic device groups, this can be done automatically.
|
||||
- If using Intune and Azure Active Directory static device groups, manually add the device to the device group.
|
||||
- If using other methods (e.g. Microsoft Store for Business or Partner Center), manually assign an Autopilot profile to the device.
|
||||
|
||||
Also see the **Validation** section in the [Windows Autopilot user-driven mode](user-driven.md) topic.
|
||||
|
||||
@ -9,12 +9,31 @@ ms.sitesec: library
|
||||
ms.pagetype: deploy
|
||||
author: greg-lindsay
|
||||
ms.author: greg-lindsay
|
||||
ms.date: 10/02/2018
|
||||
ms.date: 11/07/2018
|
||||
---
|
||||
|
||||
|
||||
# Windows Autopilot user-driven mode for Hybrid Azure Active Directory Join
|
||||
# Windows Autopilot user-driven mode for hybrid Azure Active Directory join
|
||||
|
||||
**Applies to: Windows 10**
|
||||
|
||||
PLACEHOLDER. This topic is a placeholder for the AD-specific (hybrid) instuctions.
|
||||
Windows Autopilot requires that devices be Azure Active Directory joined. If you have an on-premises Active Directory environment and want to also join devices to your on-premises domain, you can accomplish this by configuring Autopilot devices to be [hybrid Azure Active Directory (AAD) joined](https://docs.microsoft.com/azure/active-directory/devices/hybrid-azuread-join-plan).
|
||||
|
||||
## Requirements
|
||||
|
||||
To perform a user-driven hybrid AAD joined deployment using Windows Autopilot:
|
||||
|
||||
- Users must be able to join devices to Azure Active Directory.
|
||||
- A Windows Autopilot profile for user-driven mode must be created and
|
||||
- **Hybrid Azure AD joined** must be specified as the selected option under **Join to Azure AD as** in the Autopilot profile.
|
||||
- If using Intune, a device group in Azure Active Directory must exist with the Windows Autopilot profile assigned to that group.
|
||||
- The device must be running Windows 10, version 1809 or later.
|
||||
- The device must be connected to the Internet and have access to an Active Directory domain controller.
|
||||
- The Intune Connector for Active Directory must be installed.
|
||||
- Note: The Intune Connector will perform an on-prem AD join, therefore users do not need on-prem AD-join permission, assuming the Connector is [configured to perform this action](https://docs.microsoft.com/intune/windows-autopilot-hybrid#increase-the-computer-account-limit-in-the-organizational-unit) on the user's behalf.
|
||||
|
||||
## Step by step instructions
|
||||
|
||||
See [Deploy hybrid Azure AD joined devices using Intune and Windows Autopilot](https://docs.microsoft.com/intune/windows-autopilot-hybrid).
|
||||
|
||||
Also see the **Validation** section in the [Windows Autopilot user-driven mode](user-driven.md) topic.
|
||||
@ -8,11 +8,13 @@ ms.localizationpriority: medium
|
||||
ms.sitesec: library
|
||||
ms.pagetype: deploy
|
||||
author: greg-lindsay
|
||||
ms.date: 10/02/2018
|
||||
ms.date: 11/07/2018
|
||||
ms.author: greg-lindsay
|
||||
ms.date: 10/02/2018
|
||||
ms.date: 11/07/2018
|
||||
---
|
||||
|
||||
# Windows Autopilot user-driven mode
|
||||
|
||||
Windows Autopilot user-driven mode is designed to enable new Windows 10 devices to be transformed from their initial state, directly from the factory, into a ready-to-use state without requiring that IT personnel ever touch the device. The process is designed to be simple so that anyone can complete it, enabling devices to be shipped or distributed to the end user directly with simple instructions:
|
||||
|
||||
- Unbox the device, plug it in, and turn it on.
|
||||
@ -24,21 +26,12 @@ After completing those simple steps, the remainder of the process is completely
|
||||
|
||||
Today, Windows Autopilot user-driven mode supports joining devices to Azure Active Directory. Support for Hybrid Azure Active Directory Join (with devices joined to an on-premises Active Directory domain) will be available in a future Windows 10 release. See [Introduction to device management in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/device-management-introduction) for more information about the differences between these two join options.
|
||||
|
||||
## Step by step
|
||||
## Available user-driven modes
|
||||
|
||||
In order to perform a user-driven deployment using Windows Autopilot, the following preparation steps need to be completed:
|
||||
The following options are available for user-driven deployment:
|
||||
|
||||
- Ensure that the users who will be performing user-driven mode deployments are able to join devices to Azure Active Directory. See [Configure device settings](https://docs.microsoft.com/azure/active-directory/device-management-azure-portal#configure-device-settings) in the Azure Active Directory documentation for more information.
|
||||
- Create an Autopilot profile for user-driven mode with the desired settings. In Microsoft Intune, this mode is explicitly chosen when creating the profile. With Microsoft Store for Business and Partner Center, user-driven mode is the default and does not need to be selected.
|
||||
- If using Intune, create a device group in Azure Active Directory and assign the Autopilot profile to that group.
|
||||
|
||||
For each machine that will be deployed using user-driven deployment, these additional steps are needed:
|
||||
|
||||
- Ensure that the device has been added to Windows Autopilot. This can be done automatically by an OEM or partner at the time the device is purchased, or it can be done through a manual harvesting process later. See [Adding devices to Windows Autopilot](add-devices.md) for more information.
|
||||
- Ensure an Autopilot profile has been assigned to the device:
|
||||
- If using Intune and Azure Active Directory dynamic device groups, this can be done automatically.
|
||||
- If using Intune and Azure Active Directory static device groups, manually add the device to the device group.
|
||||
- If using other methods (e.g. Microsoft Store for Business or Partner Center), manually assign an Autopilot profile to the device.
|
||||
- [Azure Active Directory join](user-driven-aad.md) is available if devices do not need to be joined to an on-prem Active Directory domain.
|
||||
- [Hybrid Azure Active Directory join](user-driven-hybrid.md) is available for devices that must be joined to both Azure Active Directory and your on-prem Active Directory domain.
|
||||
|
||||
## Validation
|
||||
|
||||
|
||||
@ -18,6 +18,7 @@ ms.date: 06/05/2018
|
||||
|
||||
- Windows 10 Enterprise, version 1607 and newer
|
||||
- Windows Server 2016
|
||||
- Windows Server 2019
|
||||
|
||||
If you're looking for content on what each diagnostic data level means and how to configure it in your organization, see [Configure Windows diagnostic data in your organization](configure-windows-diagnostic-data-in-your-organization.md).
|
||||
|
||||
@ -43,6 +44,12 @@ Note that **Get Help** and **Give us Feedback** links no longer work after the W
|
||||
|
||||
We are always striving to improve our documentation and welcome your feedback. You can provide feedback by contacting telmhelp@microsoft.com.
|
||||
|
||||
## What's new in Windows 10, version 1809 Enterprise edition
|
||||
|
||||
Here's a list of changes that were made to this article for Windows 10, version 1809:
|
||||
|
||||
- Added a policy to disable Windows Defender SmartScreen
|
||||
|
||||
## What's new in Windows 10, version 1803 Enterprise edition
|
||||
|
||||
Here's a list of changes that were made to this article for Windows 10, version 1803:
|
||||
@ -99,19 +106,19 @@ The following table lists management options for each setting, beginning with Wi
|
||||
|
||||
| Setting | UI | Group Policy | MDM policy | Registry | Command line |
|
||||
| - | :-: | :-: | :-: | :-: | :-: |
|
||||
| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | |  | | | |
|
||||
| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | |  | |  | |
|
||||
| [2. Cortana and Search](#bkmk-cortana) |  |  |  |  | |
|
||||
| [3. Date & Time](#bkmk-datetime) |  |  | |  | |
|
||||
| [4. Device metadata retrieval](#bkmk-devinst) | |  | |  | |
|
||||
| [5. Find My Device](#find-my-device) | |  | | | |
|
||||
| [6. Font streaming](#font-streaming) | |  | |  | |
|
||||
| [4. Device metadata retrieval](#bkmk-devinst) | |  |  |  | |
|
||||
| [5. Find My Device](#find-my-device) |  |  | |  | |
|
||||
| [6. Font streaming](#font-streaming) | |  |  |  | |
|
||||
| [7. Insider Preview builds](#bkmk-previewbuilds) |  |  |  |  | |
|
||||
| [8. Internet Explorer](#bkmk-ie) |  |  | |  | |
|
||||
| [9. Live Tiles](#live-tiles) | |  | |  | |
|
||||
| [10. Mail synchronization](#bkmk-mailsync) |  | |  |  | |
|
||||
| [11. Microsoft Account](#bkmk-microsoft-account) | |  |  |  | |
|
||||
| [12. Microsoft Edge](#bkmk-edge) |  |  |  |  | |
|
||||
| [13. Network Connection Status Indicator](#bkmk-ncsi) | |  | |  | |
|
||||
| [13. Network Connection Status Indicator](#bkmk-ncsi) | |  |  |  | |
|
||||
| [14. Offline maps](#bkmk-offlinemaps) |  |  | |  | |
|
||||
| [15. OneDrive](#bkmk-onedrive) | |  | |  | |
|
||||
| [16. Preinstalled apps](#bkmk-preinstalledapps) |  | | | |  |
|
||||
@ -142,6 +149,7 @@ The following table lists management options for each setting, beginning with Wi
|
||||
| [21. Teredo](#bkmk-teredo) | |  | |  |  |
|
||||
| [22. Wi-Fi Sense](#bkmk-wifisense) |  |  | |  | |
|
||||
| [23. Windows Defender](#bkmk-defender) | |  |  |  | |
|
||||
| [23.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | |  |  |  | |
|
||||
| [24. Windows Media Player](#bkmk-wmp) |  | | | |  |
|
||||
| [25. Windows Spotlight](#bkmk-spotlight) |  |  |  |  | |
|
||||
| [26. Microsoft Store](#bkmk-windowsstore) | |  | |  | |
|
||||
@ -202,6 +210,63 @@ See the following table for a summary of the management settings for Windows Ser
|
||||
| [21. Teredo](#bkmk-teredo) | |  |
|
||||
| [28. Windows Update](#bkmk-wu) |  | |
|
||||
|
||||
### Settings for Windows Server 2019
|
||||
|
||||
See the following table for a summary of the management settings for Windows Server 2019.
|
||||
|
||||
| Setting | UI | Group Policy | MDM policy | Registry | Command line |
|
||||
| - | :-: | :-: | :-: | :-: | :-: |
|
||||
| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | |  | |  | |
|
||||
| [2. Cortana and Search](#bkmk-cortana) |  |  |  |  | |
|
||||
| [3. Date & Time](#bkmk-datetime) |  |  | |  | |
|
||||
| [4. Device metadata retrieval](#bkmk-devinst) | |  |  |  | |
|
||||
| [5. Find My Device](#find-my-device) |  |  | |  | |
|
||||
| [6. Font streaming](#font-streaming) | |  |  |  | |
|
||||
| [7. Insider Preview builds](#bkmk-previewbuilds) |  |  |  |  | |
|
||||
| [8. Internet Explorer](#bkmk-ie) |  |  | |  | |
|
||||
| [9. Live Tiles](#live-tiles) | |  | |  | |
|
||||
| [10. Mail synchronization](#bkmk-mailsync) |  | |  |  | |
|
||||
| [11. Microsoft Account](#bkmk-microsoft-account) | |  |  |  | |
|
||||
| [12. Microsoft Edge](#bkmk-edge) |  |  |  |  | |
|
||||
| [13. Network Connection Status Indicator](#bkmk-ncsi) | |  |  |  | |
|
||||
| [14. Offline maps](#bkmk-offlinemaps) |  |  | |  | |
|
||||
| [15. OneDrive](#bkmk-onedrive) | |  | |  | |
|
||||
| [16. Preinstalled apps](#bkmk-preinstalledapps) |  | | | |  |
|
||||
| [17. Settings > Privacy](#bkmk-settingssection) | | | | | |
|
||||
| [17.1 General](#bkmk-general) |  |  |  |  | |
|
||||
| [17.2 Location](#bkmk-priv-location) |  |  |  |  | |
|
||||
| [17.3 Camera](#bkmk-priv-camera) |  |  |  |  | |
|
||||
| [17.4 Microphone](#bkmk-priv-microphone) |  |  |  |  | |
|
||||
| [17.5 Notifications](#bkmk-priv-notifications) |  |  | |  | |
|
||||
| [17.6 Speech, inking, & typing](#bkmk-priv-speech) |  |  |  |  | |
|
||||
| [17.7 Account info](#bkmk-priv-accounts) |  |  |  |  | |
|
||||
| [17.8 Contacts](#bkmk-priv-contacts) |  |  |  |  | |
|
||||
| [17.9 Calendar](#bkmk-priv-calendar) |  |  |  |  | |
|
||||
| [17.10 Call history](#bkmk-priv-callhistory) |  |  |  |  | |
|
||||
| [17.11 Email](#bkmk-priv-email) |  |  |  |  | |
|
||||
| [17.12 Messaging](#bkmk-priv-messaging) |  |  |  |  | |
|
||||
| [17.13 Phone calls](#bkmk-priv-phone-calls) |  |  |  |  | |
|
||||
| [17.14 Radios](#bkmk-priv-radios) |  |  |  |  | |
|
||||
| [17.15 Other devices](#bkmk-priv-other-devices) |  |  |  |  | |
|
||||
| [17.16 Feedback & diagnostics](#bkmk-priv-feedback) |  |  |  |  | |
|
||||
| [17.17 Background apps](#bkmk-priv-background) |  |  |  | | |
|
||||
| [17.18 Motion](#bkmk-priv-motion) |  |  |  |  | |
|
||||
| [17.19 Tasks](#bkmk-priv-tasks) |  |  |  |  | |
|
||||
| [17.20 App Diagnostics](#bkmk-priv-diag) |  |  |  |  | |
|
||||
| [18. Software Protection Platform](#bkmk-spp) | |  |  |  | |
|
||||
| [19. Storage Health](#bkmk-storage-health) | |  | | | |
|
||||
| [20. Sync your settings](#bkmk-syncsettings) |  |  |  |  | |
|
||||
| [21. Teredo](#bkmk-teredo) | |  | |  |  |
|
||||
| [22. Wi-Fi Sense](#bkmk-wifisense) |  |  | |  | |
|
||||
| [23. Windows Defender](#bkmk-defender) | |  |  |  | |
|
||||
| [23.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | |  |  |  | |
|
||||
| [24. Windows Media Player](#bkmk-wmp) |  | | | |  |
|
||||
| [25. Windows Spotlight](#bkmk-spotlight) |  |  |  |  | |
|
||||
| [26. Microsoft Store](#bkmk-windowsstore) | |  | |  | |
|
||||
| [26.1 Apps for websites](#bkmk-apps-for-websites) | |  | | |
|
||||
| [27. Windows Update Delivery Optimization](#bkmk-updates) |  |  |  |  | |
|
||||
| [28. Windows Update](#bkmk-wu) |  |  |  | | |
|
||||
|
||||
## How to configure each setting
|
||||
|
||||
Use the following sections for more information about how to configure each setting.
|
||||
@ -336,9 +401,17 @@ After that, configure the following:
|
||||
|
||||
### <a href="" id="bkmk-devinst"></a>4. Device metadata retrieval
|
||||
|
||||
To prevent Windows from retrieving device metadata from the Internet, apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Device Installation** > **Prevent device metadata retrieval from the Internet**.
|
||||
To prevent Windows from retrieving device metadata from the Internet:
|
||||
|
||||
You can also create a new REG\_DWORD registry setting named **PreventDeviceMetadataFromNetwork** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Device Metadata** and set it to 1 (one).
|
||||
- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Device Installation** > **Prevent device metadata retrieval from the Internet**.
|
||||
|
||||
-or -
|
||||
|
||||
- Create a new REG\_DWORD registry setting named **PreventDeviceMetadataFromNetwork** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Device Metadata** and set it to 1 (one).
|
||||
|
||||
-or -
|
||||
|
||||
- Apply the DeviceInstallation/PreventDeviceMetadataFromNetwork MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork).
|
||||
|
||||
### <a href="" id="find-my-device"></a>5. Find My Device
|
||||
|
||||
@ -608,7 +681,7 @@ You can turn off NCSI by doing one of the following:
|
||||
|
||||
- Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Internet Communication Management** > **Internet Communication Settings** > **Turn off Windows Network Connectivity Status Indicator active tests**
|
||||
|
||||
- In Windows 10, version 1703 and later, apply the Connectivity/DisallowNetworkConnectivityActiveTests MDM policy.
|
||||
- In Windows 10, version 1703 and later, apply the Connectivity/DisallowNetworkConnectivityActiveTests MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) with a value of 1.
|
||||
|
||||
> [!NOTE]
|
||||
> After you apply this policy, you must restart the device for the policy setting to take effect.
|
||||
@ -879,31 +952,13 @@ To turn off **Turn on SmartScreen Filter to check web content (URLs) that Micros
|
||||
|
||||
-or-
|
||||
|
||||
- In Windows Server 2016, apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Edge** > **Configure SmartScreen Filter**.
|
||||
In Windows 10, version 1703, apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Edge** > **Configure Windows Defender SmartScreen Filter**.
|
||||
|
||||
In Windows Server 2016, apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **File Explorer** > **Configure Windows SmartScreen**.
|
||||
In Windows 10, version 1703 , apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **File Explorer** > **Configure Windows Defender SmartScreen**.
|
||||
|
||||
-or-
|
||||
|
||||
- Apply the Browser/AllowSmartScreen MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is turned off and 1 is turned on.
|
||||
|
||||
-or-
|
||||
|
||||
- Create a provisioning package, using:
|
||||
|
||||
- For Internet Explorer: **Runtime settings** > **Policies** > **Browser** > **AllowSmartScreen**
|
||||
|
||||
- For Microsoft Edge: **Runtime settings** > **Policies** > **MicrosoftEdge** > **AllowSmartScreen**
|
||||
- For Internet Explorer: **Runtime settings > Policies > Browser > AllowSmartScreen**
|
||||
- For Microsoft Edge: **Runtime settings > Policies > MicrosoftEdge > AllowSmartScreen**
|
||||
|
||||
-or-
|
||||
|
||||
- Create a REG\_DWORD registry setting named **EnableWebContentEvaluation** in **HKEY\_CURRENT\_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AppHost** with a value of 0 (zero).
|
||||
|
||||
-or-
|
||||
|
||||
- Create a REG\_DWORD registry setting named **EnableSmartScreen** in **HKEY\_LOCAL\_MACHINE\\Sofware\\Policies\\Microsoft\\Windows\\System** with a value of 0 (zero).
|
||||
- Create a REG_DWORD registry setting named **EnableWebContentEvaluation** in **HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost** with a value of 0 (zero).
|
||||
|
||||
To turn off **Send Microsoft info about how I write to help us improve typing and writing in the future**:
|
||||
|
||||
@ -1793,6 +1848,36 @@ For Windows 10 only, you can stop Enhanced Notifications:
|
||||
|
||||
You can also use the registry to turn off Malicious Software Reporting Tool diagnostic data by setting the REG\_DWORD value **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\MRT\\DontReportInfectionInformation** to 1.
|
||||
|
||||
### <a href="" id="bkmk-defender-smartscreen"></a>23.1 Windows Defender SmartScreen
|
||||
|
||||
To disable Windows Defender Smartscreen:
|
||||
|
||||
- In Group Policy, configure - **Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen > Explorer > Configure Windows Defender SmartScreen** : **Disable**
|
||||
|
||||
-or-
|
||||
|
||||
- **Computer Configuration > Administrative Templates > Windows Components > File Explorer > Configure Windows Defender SmartScreen** : **Disable**
|
||||
|
||||
-and-
|
||||
|
||||
- **Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen > Explorer > Configure app install control** : **Enable**
|
||||
|
||||
-or-
|
||||
|
||||
- Create a REG_DWORD registry setting named **EnableSmartScreen** in **HKEY_LOCAL_MACHINE\Sofware\Policies\Microsoft\Windows\System** with a value of 0 (zero).
|
||||
|
||||
-and-
|
||||
|
||||
- Create a REG_DWORD registry setting named **ConfigureAppInstallControlEnabled** in **HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen** with a value of 1.
|
||||
|
||||
-and-
|
||||
|
||||
- Create a SZ registry setting named **ConfigureAppInstallControl** in **HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen** with a value of **Anywhere**.
|
||||
|
||||
-or-
|
||||
|
||||
- Apply the Browser/AllowSmartScreen MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is turned off and 1 is turned on.
|
||||
|
||||
### <a href="" id="bkmk-wmp"></a>24. Windows Media Player
|
||||
|
||||
To remove Windows Media Player on Windows 10:
|
||||
|
||||
@ -145,13 +145,9 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper
|
||||
|
||||
## Certificates
|
||||
|
||||
The following endpoint is used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available. It is possible to [turn off traffic to this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update), but that is not recommended because when root certificates are updated over time, applications and websites may stop working because they did not receive an updated root certificate the application uses.
|
||||
The following endpoint is used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available. It is possible to [turn off traffic to this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update), but that is not recommended because when root certificates are updated over time, applications and websites may stop working because they did not receive an updated root certificate the application uses.
|
||||
|
||||
| Source process | Protocol | Destination | Applies from Windows 10 version |
|
||||
|----------------|----------|------------|----------------------------------|
|
||||
| svchost | HTTP | ctldl.windowsupdate.com | 1709 |
|
||||
|
||||
The following endpoints are used to download certificates that are publicly known to be fraudulent.
|
||||
Additionally, it is used to download certificates that are publicly known to be fraudulent.
|
||||
These settings are critical for both Windows security and the overall security of the Internet.
|
||||
We do not recommend blocking this endpoint.
|
||||
If traffic to this endpoint is turned off, Windows no longer automatically downloads certificates known to be fraudulent, which increases the attack vector on the device.
|
||||
|
||||
@ -63,8 +63,8 @@ To further reinforce the security perimeter of your network, Windows Defender AT
|
||||
|
||||
<a name="edr"></a>
|
||||
|
||||
**[Endpoint protection and response](windows-defender-atp/overview-endpoint-detection-response.md)**<br>
|
||||
Endpoint protection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars.
|
||||
**[Endpoint detection and response](windows-defender-atp/overview-endpoint-detection-response.md)**<br>
|
||||
Endpoint detection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars.
|
||||
|
||||
- [Alerts](windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection.md)
|
||||
- [Historical endpoint data](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#machine-timeline)
|
||||
|
||||
@ -1,14 +1,14 @@
|
||||
---
|
||||
title: Top scoring in industry antivirus tests
|
||||
description: Windows Defender Antivirus consistently achieves high scores in independent tests. View the latest scores and analysis.
|
||||
keywords: security, malware, av-comparatives, av-test, av, antivirus
|
||||
keywords: security, malware, av-comparatives, av-test, av, antivirus, windows, defender, scores
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: secure
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: medium
|
||||
ms.author: ellevin
|
||||
author: levinec
|
||||
ms.date: 09/05/2018
|
||||
ms.date: 11/07/2018
|
||||
---
|
||||
|
||||
# Top scoring in industry antivirus tests
|
||||
@ -18,18 +18,16 @@ ms.date: 09/05/2018
|
||||
We want to be transparent and have gathered top industry reports that demonstrate our enterprise antivirus capabilities. Note that these tests only provide results for antivirus and do not test for additional security protections.
|
||||
|
||||
In the real world, millions of devices are protected from cyberattacks every day, sometimes [milliseconds after a campaign starts](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign?ocid=cx-docs-avreports). Windows Defender Antivirus is part of the [next generation](https://www.youtube.com/watch?v=Xy3MOxkX_o4) Windows Defender Advanced Threat Protection ([Windows Defender ATP](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=cx-docs-avreports)) security stack which addresses the latest and most sophisticated threats today. In many cases, customers might not even know they were protected. That's because Windows Defender Antivirus detects and stops malware at first sight by using [machine learning](https://cloudblogs.microsoft.com/microsoftsecure/2018/06/07/machine-learning-vs-social-engineering?ocid=cx-docs-avreports), [artificial intelligence](https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak?ocid=cx-docs-avreports), behavioral analysis, and other advanced technologies.
|
||||
|
||||
> [!TIP]
|
||||
> Learn why [Windows Defender Antivirus is the most deployed in the enterprise](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/22/why-windows-defender-antivirus-is-the-most-deployed-in-the-enterprise?ocid=cx-docs-avreports).
|
||||
|
||||
<br></br><br></br>
|
||||
|
||||
|
||||
## AV-TEST: Perfect protection score of 6.0/6.0 in the latest test
|
||||
|
||||
The AV-TEST Product Review and Certification Report tests on three categories: protection, performance, and usability. The scores listed below are for the Protection category which has two scores: Real-World Testing and the AV-TEST reference set (known as "Prevalent Malware").
|
||||
> [!NOTE]
|
||||
> [Download our latest analysis: Examining the AV-TEST July-August results](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2IL3Y)
|
||||
|
||||
### July-August 2018 AV-TEST Business User test: [Protection score 6.0/6.0](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/august-2018/microsoft-windows-defender-antivirus-4.12--4.18-183212/) | [Analysis](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2IL3Y) <sup>**Latest**</sup>
|
||||
### July-August 2018 AV-TEST Business User test: [Protection score 6.0/6.0](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/august-2018/microsoft-windows-defender-antivirus-4.12--4.18-183212/) | [Analysis](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2IL3Y)
|
||||
|
||||
Windows Defender Antivirus achieved an overall Protection score of 6.0/6.0, detecting 100% of 20,022 malware samples. With the latest results, Windows Defender Antivirus has achieved 100% on 14 of the 16 most recent antivirus tests (combined "Real-World" and "Prevalent malware").
|
||||
|
||||
|
||||
@ -54,14 +54,11 @@ Some actor profiles include a link to download a more comprehensive threat intel
|
||||
The detailed alert profile helps you understand who the attackers are, who they target, what techniques, tools, and procedures (TTPs) they use, which geolocations they are active in, and finally, what recommended actions you may take. In many cases, you can download a more detailed Threat Intelligence report about this attacker or campaign for offline reading.
|
||||
|
||||
## Alert process tree
|
||||
The **Alert process tree** takes alert triage and investigation to the next level, displaying the alert and related evidence, together with other events that occurred within the same execution context and time. This rich triage context of the alert and surrounding events is available on the alert page.
|
||||
The **Alert process tree** takes alert triage and investigation to the next level, displaying the aggregated alert and surrounding evidence that occurred within the same execution context and time period. This rich triage and investigation context is available on the alert page.
|
||||
|
||||
|
||||
|
||||
The **Alert process tree** expands to display the execution path of the alert, its evidence, and related events that occurred in the minutes - before and after - the alert.
|
||||
|
||||
The alert and related events or evidence have circles with thunderbolt icons inside them.
|
||||
|
||||
The **Alert process tree** expands to display the execution path of the alert and related evidence that occurred around the same period. Items marked with a thunderbolt icon should be given priority during investigation.
|
||||
|
||||
>[!NOTE]
|
||||
>The alert process tree might not be available in some alerts.
|
||||
|
||||
@ -11,7 +11,7 @@ ms.pagetype: security
|
||||
ms.author: macapara
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
ms.date: 10/26/2018
|
||||
ms.date: 11/07/2018
|
||||
---
|
||||
|
||||
# Windows Defender Advanced Threat Protection
|
||||
@ -76,8 +76,8 @@ To further reinforce the security perimeter of your network, Windows Defender AT
|
||||
|
||||
<a name="edr"></a>
|
||||
|
||||
**[Endpoint protection and response](overview-endpoint-detection-response.md)**<br>
|
||||
Endpoint protection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars.
|
||||
**[Endpoint detection and response](overview-endpoint-detection-response.md)**<br>
|
||||
Endpoint detection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars.
|
||||
|
||||
<a name="ai"></a>
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user