diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.md index 1848ca38b2..fa3402a679 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.md @@ -8,7 +8,7 @@ ms.pagetype: security ms.localizationpriority: medium author: denisebmsft ms.author: deniseb -ms.date: 11/03/2020 +ms.date: 01/21/2021 ms.reviewer: manager: dansimp ms.custom: asr @@ -146,7 +146,7 @@ There is a known issue such that if you change the Exploit Protection settings f ICS is enabled by default in Windows, and ICS must be enabled in order for Application Guard to function correctly. We do not recommend disabling ICS; however, you can disable ICS in part by using a Group Policy and editing registry keys. -1. In the Group Policy setting called, *Prohibit use of Internet Connection Sharing on your DNS domain network*, set it to **Disabled**. +1. In the Group Policy setting, **Prohibit use of Internet Connection Sharing on your DNS domain network**, set it to **Disabled**. 2. Disable IpNat.sys from ICS load as follows:
`System\CurrentControlSet\Services\SharedAccess\Parameters\DisableIpNat = 1` @@ -160,24 +160,24 @@ ICS is enabled by default in Windows, and ICS must be enabled in order for Appli 5. Reboot the device. ### Why doesn't the container fully load when device control policies are enabled? -The whitelisting of these items are required to be allowed in the GPO to ensure AppGuard works properly. +Allow-listed items must be configured as "allowed" in the Group Policy Object ensure AppGuard works properly. Policy: Allow installation of devices that match any of these device IDs -- SCSI\DiskMsft____Virtual_Disk____ -- {8e7bd593-6e6c-4c52-86a6-77175494dd8e}\msvhdhba -- VMS_VSF -- root\Vpcivsp -- root\VMBus -- vms_mp -- VMS_VSP -- ROOT\VKRNLINTVSP -- ROOT\VID -- root\storvsp -- vms_vsmp -- VMS_PP +- `SCSI\DiskMsft____Virtual_Disk____` +- `{8e7bd593-6e6c-4c52-86a6-77175494dd8e}\msvhdhba` +- `VMS_VSF` +- `root\Vpcivsp` +- `root\VMBus` +- `vms_mp` +- `VMS_VSP` +- `ROOT\VKRNLINTVSP` +- `ROOT\VID` +- `root\storvsp` +- `vms_vsmp` +- `VMS_PP` Policy: Allow installation of devices using drivers that match these device setup classes -- {71a27cdd-812a-11d0-bec7-08002be2092f} +- `{71a27cdd-812a-11d0-bec7-08002be2092f}`