deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-21 05:13:40 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

added WDSC steps

Browse Source
This commit is contained in:
Justin Hall
2018-03-15 10:38:17 -07:00
parent 69ee11b010
commit f28337748a
1 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md
View File

@ -25,15 +25,24 @@ If this happens, see [Troubleshooting](#troubleshooting) for remediation steps.
## How to turn on HVCI in Windows 10 version 1803 ## How to turn on HVCI in Windows 10 version 1803
Beginning with Windows 10, version 1803, HVCI can be enabled using any of these options: Beginning with Windows 10, version 1803, HVCI is enabled automatically on devices that support virtualization based security (VBS). HVCI can also be enabled using any of these options:
- Windows Defender Security Center - [Windows Defender Security Center](#enable-hvci-using-windows-defender-security-center)
- [Group Policy](#enable-hvci-using-group-policy) - [Group Policy](#enable-hvci-using-group-policy)
- Windows Intune (or another MDM provider) - Windows Intune (or another MDM provider)
- [System Center Configuration Manager](https://cloudblogs.microsoft.com/enterprisemobility/2015/10/30/managing-windows-10-device-guard-with-configuration-manager/) - [System Center Configuration Manager](https://cloudblogs.microsoft.com/enterprisemobility/2015/10/30/managing-windows-10-device-guard-with-configuration-manager/)
### Enable HVCI using Windows Defender Security Center
You can use Windows Defender Security Center to enable HVCI on a workgroup computer beginning with Windows 10, version 1803.
1. Click **Start** > **Settings** > **Update & security** > **Windows Security** > **Open Windows Defender Security Center**.
2. In Windows Defender security center, click **Device Security** > **Core isolation** > **Memory integrity**.
### Enable HVCI using Group Policy ### Enable HVCI using Group Policy
You can use Group Policy to enable HVCI across an enterprise.
1. Use Group Policy Editor (gpedit.msc) to either edit an existing GPO or create a new one. 1. Use Group Policy Editor (gpedit.msc) to either edit an existing GPO or create a new one.
2. Navigate to **Computer Configuration** > **Administrative Templates** > **System** > **Device Guard**. 2. Navigate to **Computer Configuration** > **Administrative Templates** > **System** > **Device Guard**.
3. Double-click **Turn on Virtualization Based Security**. 3. Double-click **Turn on Virtualization Based Security**.
@ -41,9 +50,9 @@ Beginning with Windows 10, version 1803, HVCI can be enabled using any of these
![Enable HVCI using Group Policy](images\enable-hvci-gp.png) ![Enable HVCI using Group Policy](images\enable-hvci-gp.png)
5. Click *Ok** to close the editor. 5. Click **Ok** to close the editor.
To apply the new policy on a domain-joined computer, either restart or run `gpupdate \force` in an elevated command prompt. To apply the new policy on a domain-joined computer, either restart or run `gpupdate /force` in an elevated command prompt.
## How to turn on HVCI in Windows 10 Fall Creators Update (version 1709) ## How to turn on HVCI in Windows 10 Fall Creators Update (version 1709)