deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 14:27:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

lint/cleaned enable network protection -- need more work on eg refs

Browse Source
This commit is contained in:
martyav 2019-07-30 15:32:05 -04:00
parent 7b13a3b6a8
commit c9c38758ad
1 changed files with 31 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection.md
View File

@ -20,18 +20,18 @@ manager: dansimp
**Applies to:** **Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) * [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
[Network protection](network-protection-exploit-guard.md) helps to prevent employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet. [Network protection](network-protection.md) helps to prevent employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet.
You can [audit network protection](evaluate-network-protection.md) in a test environment to see which apps would be blocked before you enable it. You can [audit network protection](evaluate-network-protection.md) in a test environment to see which apps would be blocked before you enable it.
You can enable network protection by using any of these methods: You can enable network protection by using any of these methods:
- [Microsoft Intune](#intune) * [Microsoft Intune](#intune)
- [Mobile Device Management (MDM)](#mdm) * [Mobile Device Management (MDM)](#mdm)
- [System Center Configuration Manager (SCCM)](#sccm) * [System Center Configuration Manager (SCCM)](#sccm)
- [Group Policy](#group-policy) * [Group Policy](#group-policy)
- [PowerShell](#powershell) * [PowerShell](#powershell)
## Intune ## Intune
@ -72,43 +72,42 @@ You can use the following procedure to enable network protection on domain-joine
3. Expand the tree to **Windows components** > **Windows Defender Antivirus** > **Windows Defender Exploit Guard** > **Network protection**. 3. Expand the tree to **Windows components** > **Windows Defender Antivirus** > **Windows Defender Exploit Guard** > **Network protection**.
4. Double-click the **Prevent users and apps from accessing dangerous websites** setting and set the option to **Enabled**. In the options section, you must specify one of the following: 4. Double-click the **Prevent users and apps from accessing dangerous websites** setting and set the option to **Enabled**. In the options section, you must specify one of the following:
- **Block** - Users will not be able to access malicious IP addresses and domains * **Block** - Users will not be able to access malicious IP addresses and domains
- **Disable (Default)** - The Network protection feature will not work. Users will not be blocked from accessing malicious domains * **Disable (Default)** - The Network protection feature will not work. Users will not be blocked from accessing malicious domains
- **Audit Mode** - If a user visits a malicious IP address or domain, an event will be recorded in the Windows event log but the user will not be blocked from visiting the address. * **Audit Mode** - If a user visits a malicious IP address or domain, an event will be recorded in the Windows event log but the user will not be blocked from visiting the address.
>[!IMPORTANT] > [!IMPORTANT]
>To fully enable network protection, you must set the Group Policy option to **Enabled** and also select **Block** in the options drop-down menu. > To fully enable network protection, you must set the Group Policy option to **Enabled** and also select **Block** in the options drop-down menu.
You can confirm network protection is enabled on a local computer by using Registry editor: You can confirm network protection is enabled on a local computer by using Registry editor:
1. Click **Start** and type **regedit** to open **Registry Editor**. 1. Click **Start** and type **regedit** to open **Registry Editor**.
1. Navigate to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Windows Defender Exploit Guard\Network Protection 1. Navigate to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Windows Defender Exploit Guard\Network Protection
1. Click **EnableNetworkProtection** and confirm the value: 1. Click **EnableNetworkProtection** and confirm the value:
- 0=Off * 0=Off
- 1=On * 1=On
- 2=Audit * 2=Audit
## PowerShell ## PowerShell
1. Type **powershell** in the Start menu, right-click **Windows PowerShell** and click **Run as administrator** 1. Type **powershell** in the Start menu, right-click **Windows PowerShell** and click **Run as administrator**
2. Enter the following cmdlet: 2. Enter the following cmdlet:
``` ```PowerShell
Set-MpPreference -EnableNetworkProtection Enabled Set-MpPreference -EnableNetworkProtection Enabled
``` ```
You can enable the feature in audit mode using the following cmdlet: You can enable the feature in audit mode using the following cmdlet:
``` ```PowerShell
Set-MpPreference -EnableNetworkProtection AuditMode Set-MpPreference -EnableNetworkProtection AuditMode
``` ```
Use `Disabled` instead of `AuditMode` or `Enabled` to turn the feature off. Use `Disabled` instead of `AuditMode` or `Enabled` to turn the feature off.
## Related topics ## Related topics
- [Windows Defender Exploit Guard](windows-defender-exploit-guard.md) * [Windows Defender Exploit Guard](windows-defender-exploit-guard.md)
- [Network protection](network-protection-exploit-guard.md) * [Network protection](network-protection.md)
- [Evaluate network protection](evaluate-network-protection.md) * [Evaluate network protection](evaluate-network-protection.md)
- [Troubleshoot network protection](troubleshoot-np.md) * [Troubleshoot network protection](troubleshoot-np.md)