From ac0de6c9a99f44ece4552743e63203ebd09790d3 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Tue, 7 Mar 2017 14:53:25 -0800 Subject: [PATCH 1/2] edits from leonid --- ...nternet-windows-defender-advanced-threat-protection.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md index 49287b61de..5e69d804c4 100644 --- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -45,16 +45,16 @@ Configure a registry-based static proxy to allow only Windows Defender ATP senso The static proxy is configurable through Group Policy (GP). The group policy can be found under: **Administrative Templates > Windows Components > Data Collection and Preview Builds > Configure connected user experiences and telemetry**. -The registry key that this policy sets can be found at: -```HKLM\Software\Policies\Microsoft\Windows\DataCollection TelemetryProxyServer``` +The policy sets two registry values `TelemetryProxyServer` as REG_SZ and `DisableEnterpriseAuthProxy` as REG_DWORD under the registry key `HKLM\Software\Policies\Microsoft\Windows\DisableEnterpriseAuthProxy`. + +The registry value `TelemetryProxyServer` takes the following string format: -The policy and the registry key takes the following string format: ```text : ``` For example: 10.0.0.6:8080 -If the static proxy settings are configured after onboarding, then you must restart the PC to apply the proxy settings. +The registry value `DisableEnterpriseAuthProxy` should be set to 1. ## Configure the proxy server manually using netsh command From 7e613e2743ec476341da59ab3b9c9ce0ca5fe039 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Tue, 7 Mar 2017 15:04:05 -0800 Subject: [PATCH 2/2] updates from dan m. --- ...y-internet-windows-defender-advanced-threat-protection.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md index 5e69d804c4..8ef29a6be5 100644 --- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -37,8 +37,8 @@ The WinHTTP configuration setting is independent of the Windows Internet (WinINe - Manual static proxy configuration: - - WinHTTP configured using netsh command - Registry based configuration + - WinHTTP configured using netsh command – Suitable only for desktops in a stable topology (for example: a desktop in a corporate network behind the same proxy) ## Configure the proxy server manually using a registry-based static proxy Configure a registry-based static proxy to allow only Windows Defender ATP sensor to report telemetry and communicate with Windows Defender ATP services if a computer is not be permitted to connect to the Internet. @@ -61,7 +61,8 @@ The registry value `DisableEnterpriseAuthProxy` should be set to 1. Use netsh to configure a system-wide static proxy. > [!NOTE] -> This will affect all applications including Windows services which use WinHTTP with default proxy. +> - This will affect all applications including Windows services which use WinHTTP with default proxy.
+> - Laptops that are changing topology (for example: from office to home) will malfunction with netsh. Use the registry-based static proxy configuration. 1. Open an elevated command-line: