diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection.md b/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection.md
index 9c6868f35a..93479ddd8a 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection.md
@@ -1,5 +1,5 @@
 ---
-title: Turn network protection on
+title: Turn on network protection 
 description: Enable Network protection with Group Policy, PowerShell, or MDM CSPs
 keywords: ANetwork protection, exploits, malicious website, ip, domain, domains, enable, turn on
 search.product: eADQiWindows 10XVcnh
@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 03/27/2019
+ms.date: 03/28/2019
 ---
 
 # Enable network protection
@@ -24,14 +24,25 @@ ms.date: 03/27/2019
 You can [audit network protection](evaluate-network-protection.md) in a test environment to see which apps would be blocked before you enable it.  
 You can enable network protection by using any of the these methods:
 
+- Intune 
 - MDM
 - Group Policy
 - PowerShell cmdlets
 
+## Intune
+
+1. Sign in to the [Azure portal](https://portal.azure.com) and open Intune.
+1. Click **Device configuration** > **Profiles** > **Create profile**.
+1. Name the profile, choose **Windows 10 and later** and **Endpoint protection**.
+   ![Create endpoint protection profile](images/create-endpoint-protection-profile.png) 
+1. Click **Configure** > **Windows Defender Exploit Guard** > **Network filtering** > **Enable**.  
+   ![Enable network protection in Intune](images/enable-np-intune.png)
+1. Click **OK** to save each open blade and click **Create**. 
+1. Click the profile **Assignments**, assign to **All Users & All Devices**, and click **Save**.
 
 ## MDM
 
-Use the [./Vendor/MSFT/Policy/Config/Defender/EnableNetworkProtection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-enablenetworkprotection) configuration service provider (CSP) to enable and configure network protection.
+Use the [./Vendor/MSFT/Policy/Config/Defender/EnableNetworkProtection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-enablenetworkprotection) configuration service provider (CSP) to enable or disable network protection or enable audit mode.
 
 ## Group Policy