From 62952b92031345f17ea757a00392ce70601ca97f Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 13 Nov 2018 17:26:14 -0800 Subject: [PATCH 1/2] add azure ip address range --- .../threat-protection/windows-defender-atp/TOC.md | 2 +- ...-windows-defender-advanced-threat-protection.md | 14 ++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-atp/TOC.md b/windows/security/threat-protection/windows-defender-atp/TOC.md index f05f3f551f..b57148d27e 100644 --- a/windows/security/threat-protection/windows-defender-atp/TOC.md +++ b/windows/security/threat-protection/windows-defender-atp/TOC.md @@ -181,7 +181,7 @@ ##### [Network firewall](../windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md) #### [Evaluate next generation protection](../windows-defender-antivirus/evaluate-windows-defender-antivirus.md) -### [Access the Windows Security app](community-windows-defender-advanced-threat-protection.md) +### [Access the Windows Defender Security Center Community Center](community-windows-defender-advanced-threat-protection.md) ## [Configure and manage capabilities](onboard.md) ### [Configure attack surface reduction](configure-attack-surface-reduction.md) diff --git a/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md index c7d9e056c4..28076a7e43 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -98,8 +98,22 @@ United Kingdom | ```uk.vortex-win.data.microsoft.com```
```uk-v20.events.dat United States | ```us.vortex-win.data.microsoft.com```
```us-v20.events.data.microsoft.com```
```winatp-gw-cus.microsoft.com```
```winatp-gw-eus.microsoft.com``` + If a proxy or firewall is blocking anonymous traffic, as Windows Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the above listed URLs. +### IP range +You'll need to whitelist the following Azure IP addresses/ranges published on [Microsoft Azure Datacenter IP Ranges](https://www.microsoft.com/en-us/download/details.aspx?id=41653). + +The Windows Defender ATP service is deployed in the following regions: +- \+\ +- \+\ +- \+\ +- \+\ +- \+\ +- \+\ +- \+\ + + ## Verify client connectivity to Windows Defender ATP service URLs From 7b09c561a974c2cda78f3fd5c3ebdd7b3830f87d Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 14 Nov 2018 13:10:50 -0800 Subject: [PATCH 2/2] update azure ip range --- ...-windows-defender-advanced-threat-protection.md | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md index 28076a7e43..2609656756 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -11,7 +11,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: medium -ms.date: 09/12/2018 +ms.date: 11/14/2018 --- @@ -101,10 +101,11 @@ United States | ```us.vortex-win.data.microsoft.com```
```us-v20.events.data If a proxy or firewall is blocking anonymous traffic, as Windows Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the above listed URLs. -### IP range -You'll need to whitelist the following Azure IP addresses/ranges published on [Microsoft Azure Datacenter IP Ranges](https://www.microsoft.com/en-us/download/details.aspx?id=41653). +## Windows Defender ATP service backend IP range +If you network devices don't support the URLs white-listed in the prior section, you can use the following information. + +Windows Defender ATP is built on Azure cloud, deployed in the following regions: -The Windows Defender ATP service is deployed in the following regions: - \+\ - \+\ - \+\ @@ -114,6 +115,11 @@ The Windows Defender ATP service is deployed in the following regions: - \+\ +You can find the Azure IP range on [Microsoft Azure Datacenter IP Ranges](https://www.microsoft.com/en-us/download/details.aspx?id=41653). + +>[!NOTE] +> As a cloud-based solution, the IP range can change. It's recommended you move to DNS resolving setting. + ## Verify client connectivity to Windows Defender ATP service URLs