diff --git a/browsers/edge/includes/allow-address-bar-suggestions-include.md b/browsers/edge/includes/allow-address-bar-suggestions-include.md index f075672055..4c5c1fe4dd 100644 --- a/browsers/edge/includes/allow-address-bar-suggestions-include.md +++ b/browsers/edge/includes/allow-address-bar-suggestions-include.md @@ -20,7 +20,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |-----------------------------------------|:---:|:--------:|---------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------:| -| Disabled | 0 | 0 | Prevented. Hide the Address bar drop-down list and disable the *Show search and site suggestions as I type* toggle in Settings. | ![Most restricted value](/images/check-gn.png) | +| Disabled | 0 | 0 | Prevented. Hide the Address bar drop-down list and disable the *Show search and site suggestions as I type* toggle in Settings. | ![Most restricted value](../images/check-gn.png) | | Enabled or not configured **(default)** | 1 | 1 | Allowed. Show the Address bar drop-down list and make it available. | | --- diff --git a/browsers/edge/includes/allow-clearing-browsing-data-include.md b/browsers/edge/includes/allow-clearing-browsing-data-include.md index ec7ff3d7af..64bd285ba5 100644 --- a/browsers/edge/includes/allow-clearing-browsing-data-include.md +++ b/browsers/edge/includes/allow-clearing-browsing-data-include.md @@ -20,7 +20,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |------------------------------------------|:---:|:--------:|------------------------------------------------------------------------------|:------------------------------------------------:| | Disabled or not configured **(default)** | 0 | 0 | Prevented. Users can configure the *Clear browsing data* option in Settings. | | -| Enabled | 1 | 1 | Allowed. Clear the browsing data upon exit automatically. | ![Most restricted value](/images/check-gn.png) | +| Enabled | 1 | 1 | Allowed. Clear the browsing data upon exit automatically. | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/allow-config-updates-books-include.md b/browsers/edge/includes/allow-config-updates-books-include.md index fca13de5c1..49a95f52da 100644 --- a/browsers/edge/includes/allow-config-updates-books-include.md +++ b/browsers/edge/includes/allow-config-updates-books-include.md @@ -18,7 +18,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |--------------------------------------------|:---:|:--------:|---------------------------------------------------------------------------------------------|:------------------------------------------------:| -| Disabled | 0 | 0 | Prevented. | ![Most restricted value](/images/check-gn.png) | +| Disabled | 0 | 0 | Prevented. | ![Most restricted value](../images/check-gn.png) | | Enabled or not configured
**(default)** | 1 | 1 | Allowed. Microsoft Edge updates the configuration data for the Books Library automatically. | | --- diff --git a/browsers/edge/includes/allow-cortana-include.md b/browsers/edge/includes/allow-cortana-include.md index 87550112f5..2344e1dd4c 100644 --- a/browsers/edge/includes/allow-cortana-include.md +++ b/browsers/edge/includes/allow-cortana-include.md @@ -18,7 +18,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |--------------------------|:---:|:--------:|------------------------------------------------------------------|:------------------------------------------------:| -| Disabled | 0 | 0 | Prevented. Users can still search to find items on their device. | ![Most restricted value](/images/check-gn.png) | +| Disabled | 0 | 0 | Prevented. Users can still search to find items on their device. | ![Most restricted value](../images/check-gn.png) | | Enabled
**(default)** | 1 | 1 | Allowed. | | --- diff --git a/browsers/edge/includes/allow-dev-tools-include.md b/browsers/edge/includes/allow-dev-tools-include.md index 7370de307b..d23b42dea1 100644 --- a/browsers/edge/includes/allow-dev-tools-include.md +++ b/browsers/edge/includes/allow-dev-tools-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |--------------|:---:|:--------:|-------------|:------------------------------------------------:| -| Disabled | 0 | 0 | Prevented | ![Most restricted value](/images/check-gn.png) | +| Disabled | 0 | 0 | Prevented | ![Most restricted value](../images/check-gn.png) | | Enabled | 1 | 1 | Allowed | | --- diff --git a/browsers/edge/includes/allow-enable-book-library-include.md b/browsers/edge/includes/allow-enable-book-library-include.md index d892c3d905..ca38514f37 100644 --- a/browsers/edge/includes/allow-enable-book-library-include.md +++ b/browsers/edge/includes/allow-enable-book-library-include.md @@ -18,7 +18,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|-----------------------------------------------------------------------|:------------------------------------------------:| -| Disabled or not configured
**(default)** | 0 | 0 | Show the Books Library only in countries or regions where supported. | ![Most restricted value](/images/check-gn.png) | +| Disabled or not configured
**(default)** | 0 | 0 | Show the Books Library only in countries or regions where supported. | ![Most restricted value](../images/check-gn.png) | | Enabled | 1 | 1 | Show the Books Library, regardless of the device’s country or region. | | --- diff --git a/browsers/edge/includes/allow-ext-telemetry-books-tab-include.md b/browsers/edge/includes/allow-ext-telemetry-books-tab-include.md index 30259b83ac..bf40a1e858 100644 --- a/browsers/edge/includes/allow-ext-telemetry-books-tab-include.md +++ b/browsers/edge/includes/allow-ext-telemetry-books-tab-include.md @@ -18,7 +18,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|-----------------------------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------:| -| Disabled or not configured
**(default)** | 0 | 0 | Gather and send only basic diagnostic data. | ![Most restricted value](/images/check-gn.png) | +| Disabled or not configured
**(default)** | 0 | 0 | Gather and send only basic diagnostic data. | ![Most restricted value](../images/check-gn.png) | | Enabled | 1 | 1 | Gather all diagnostic data. For this policy to work correctly, you must set the diagnostic data in *Settings > Diagnostics & feedback* to **Full**. | | --- diff --git a/browsers/edge/includes/allow-full-screen-include.md b/browsers/edge/includes/allow-full-screen-include.md index ba637f1429..286ac8e876 100644 --- a/browsers/edge/includes/allow-full-screen-include.md +++ b/browsers/edge/includes/allow-full-screen-include.md @@ -20,7 +20,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |--------------------------|:---:|:--------:|-------------|:------------------------------------------------:| -| Disabled | 0 | 0 | Prevented | ![Most restricted value](/images/check-gn.png) | +| Disabled | 0 | 0 | Prevented | ![Most restricted value](../images/check-gn.png) | | Enabled
**(default)** | 1 | 1 | Allowed | | --- diff --git a/browsers/edge/includes/allow-inprivate-browsing-include.md b/browsers/edge/includes/allow-inprivate-browsing-include.md index f43aab10d5..bce38eb870 100644 --- a/browsers/edge/includes/allow-inprivate-browsing-include.md +++ b/browsers/edge/includes/allow-inprivate-browsing-include.md @@ -20,7 +20,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |--------------------------------------------|:---:|:--------:|-------------|:------------------------------------------------:| -| Disabled | 0 | 0 | Prevented | ![Most restricted value](/images/check-gn.png) | +| Disabled | 0 | 0 | Prevented | ![Most restricted value](../images/check-gn.png) | | Enabled or not configured
**(default)** | 1 | 1 | Allowed | | --- diff --git a/browsers/edge/includes/allow-microsoft-compatibility-list-include.md b/browsers/edge/includes/allow-microsoft-compatibility-list-include.md index 5b39b04e69..8da879cdd9 100644 --- a/browsers/edge/includes/allow-microsoft-compatibility-list-include.md +++ b/browsers/edge/includes/allow-microsoft-compatibility-list-include.md @@ -18,7 +18,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |--------------------------------------------|:---:|:--------:|-------------|:------------------------------------------------:| -| Disabled | 0 | 0 | Prevented | ![Most restricted value](/images/check-gn.png) | +| Disabled | 0 | 0 | Prevented | ![Most restricted value](../images/check-gn.png) | | Enabled or not configured
**(default)** | 1 | 1 | Allowed | | --- diff --git a/browsers/edge/includes/allow-prelaunch-include.md b/browsers/edge/includes/allow-prelaunch-include.md index 4783fabcdc..0aad17ca17 100644 --- a/browsers/edge/includes/allow-prelaunch-include.md +++ b/browsers/edge/includes/allow-prelaunch-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |--------------------------------------------|:---:|:--------:|-------------|:-------------------------------------------------:| -| Disabled | 0 | 0 | Prevented | ![Most restrictive value](/images/check-gn.png) | +| Disabled | 0 | 0 | Prevented | ![Most restrictive value](../images/check-gn.png) | | Enabled or not configured
**(default)** | 1 | 1 | Allowed | | --- diff --git a/browsers/edge/includes/allow-printing-include.md b/browsers/edge/includes/allow-printing-include.md index 6e90a9ba1e..dd60c9aaba 100644 --- a/browsers/edge/includes/allow-printing-include.md +++ b/browsers/edge/includes/allow-printing-include.md @@ -18,7 +18,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |--------------------------------------------|:---:|:--------:|-------------|:-------------------------------------------------:| -| Disabled | 0 | 0 | Prevented | ![Most restrictive value](/images/check-gn.png) | +| Disabled | 0 | 0 | Prevented | ![Most restrictive value](../images/check-gn.png) | | Enabled or not configured
**(default)** | 1 | 1 | Allowed | | --- diff --git a/browsers/edge/includes/allow-saving-history-include.md b/browsers/edge/includes/allow-saving-history-include.md index 4e73c88d31..49913f23c9 100644 --- a/browsers/edge/includes/allow-saving-history-include.md +++ b/browsers/edge/includes/allow-saving-history-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |--------------------------------------------|:---:|:--------:|-------------|:------------------------------------------------:| -| Disabled | 0 | 0 | Prevented | ![Most restricted value](/images/check-gn.png) | +| Disabled | 0 | 0 | Prevented | ![Most restricted value](../images/check-gn.png) | | Enabled or not configured
**(default)** | 1 | 1 | Allowed | | --- diff --git a/browsers/edge/includes/allow-search-engine-customization-include.md b/browsers/edge/includes/allow-search-engine-customization-include.md index f20a225e30..6c1fb2e5db 100644 --- a/browsers/edge/includes/allow-search-engine-customization-include.md +++ b/browsers/edge/includes/allow-search-engine-customization-include.md @@ -18,7 +18,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |--------------------------------------------|:---:|:--------:|-------------|:------------------------------------------------:| -| Disabled | 0 | 0 | Prevented | ![Most restricted value](/images/check-gn.png) | +| Disabled | 0 | 0 | Prevented | ![Most restricted value](../images/check-gn.png) | | Enabled or not configured
**(default)** | 1 | 1 | Allowed | | --- diff --git a/browsers/edge/includes/allow-shared-folder-books-include.md b/browsers/edge/includes/allow-shared-folder-books-include.md index a08c2cba46..712fba9532 100644 --- a/browsers/edge/includes/allow-shared-folder-books-include.md +++ b/browsers/edge/includes/allow-shared-folder-books-include.md @@ -20,12 +20,12 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------:| -| Disabled or not configured
**(default)** | 0 | 0 | Prevented. Microsoft Edge downloads book files to a per-user folder for each user. | ![Most restricted value](/images/check-gn.png) | +| Disabled or not configured
**(default)** | 0 | 0 | Prevented. Microsoft Edge downloads book files to a per-user folder for each user. | ![Most restricted value](../images/check-gn.png) | | Enabled | 1 | 1 | Allowed. Microsoft Edge downloads book files to a shared folder. For this policy to work correctly, you must also enable the **Allow a Windows app to share application data between users** group policy, which you can find:

**Computer Configuration\\Administrative Templates\\Windows Components\\App Package Deployment\\**

Also, the users must be signed in with a school or work account. | | --- -![Allow a shared books folder](/images/allow-shared-books-folder_sm.png) +![Allow a shared books folder](../images/allow-shared-books-folder_sm.png) ### ADMX info and settings diff --git a/browsers/edge/includes/allow-sideloading-extensions-include.md b/browsers/edge/includes/allow-sideloading-extensions-include.md index 07d1c525e6..0c1108d2d5 100644 --- a/browsers/edge/includes/allow-sideloading-extensions-include.md +++ b/browsers/edge/includes/allow-sideloading-extensions-include.md @@ -18,7 +18,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |----------------------------|:---:|:--------:|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------:| -| Disabled or not configured | 0 | 0 | Prevented. Disabling does not prevent sideloading of extensions using Add-AppxPackage via PowerShell. To prevent this, you must enable the **Allows development of Windows Store apps and installing them from an integrated development environment (IDE)** group policy, which you can find:

**Computer Configuration\\Administrative Templates\\Windows Components\\App Package Deployment\\**

For the MDM setting, set the **ApplicationManagement/AllowDeveloperUnlock** policy to 1 (enabled). | ![Most restricted value](/images/check-gn.png) | +| Disabled or not configured | 0 | 0 | Prevented. Disabling does not prevent sideloading of extensions using Add-AppxPackage via PowerShell. To prevent this, you must enable the **Allows development of Windows Store apps and installing them from an integrated development environment (IDE)** group policy, which you can find:

**Computer Configuration\\Administrative Templates\\Windows Components\\App Package Deployment\\**

For the MDM setting, set the **ApplicationManagement/AllowDeveloperUnlock** policy to 1 (enabled). | ![Most restricted value](../images/check-gn.png) | | Enabled
**(default)** | 1 | 1 | Allowed. | | --- diff --git a/browsers/edge/includes/allow-tab-preloading-include.md b/browsers/edge/includes/allow-tab-preloading-include.md index ee7f9516ad..b6ba4f0e8e 100644 --- a/browsers/edge/includes/allow-tab-preloading-include.md +++ b/browsers/edge/includes/allow-tab-preloading-include.md @@ -18,7 +18,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |--------------------------------------------|:---:|:--------:|-------------------------------------------|:------------------------------------------------:| -| Disabled | 0 | 0 | Prevented. | ![Most restricted value](/images/check-gn.png) | +| Disabled | 0 | 0 | Prevented. | ![Most restricted value](../images/check-gn.png) | | Enabled or not configured
**(default)** | 1 | 1 | Allowed. Preload Start and New Tab pages. | | --- diff --git a/browsers/edge/includes/always-enable-book-library-include.md b/browsers/edge/includes/always-enable-book-library-include.md index 07520e5e81..5edf01302b 100644 --- a/browsers/edge/includes/always-enable-book-library-include.md +++ b/browsers/edge/includes/always-enable-book-library-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|-----------------------------------------------------------------------|:------------------------------------------------:| -| Disabled or not configured
**(default)** | 0 | 0 | Show the Books Library only in countries or regions where supported. | ![Most restricted value](/images/check-gn.png) | +| Disabled or not configured
**(default)** | 0 | 0 | Show the Books Library only in countries or regions where supported. | ![Most restricted value](../images/check-gn.png) | | Enabled | 1 | 1 | Show the Books Library, regardless of the device’s country or region. | | --- diff --git a/browsers/edge/includes/configure-additional-search-engines-include.md b/browsers/edge/includes/configure-additional-search-engines-include.md index eded5c46f3..be90043b57 100644 --- a/browsers/edge/includes/configure-additional-search-engines-include.md +++ b/browsers/edge/includes/configure-additional-search-engines-include.md @@ -18,7 +18,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------:| -| Disabled or not configured
**(default)** | 0 | 0 | Prevented. Use the search engine specified in App settings.

If you enabled this policy and now want to disable it, all previously configured search engines get removed. | ![Most restricted value](/images/check-gn.png) | +| Disabled or not configured
**(default)** | 0 | 0 | Prevented. Use the search engine specified in App settings.

If you enabled this policy and now want to disable it, all previously configured search engines get removed. | ![Most restricted value](../images/check-gn.png) | | Enabled | 1 | 1 | Allowed. Add up to five additional search engines and set any one of them as the default.

For each search engine added you must specify a link to the OpenSearch XML file that contains, at a minimum, the short name and URL template (HTTPS) of the search engine. For more information about creating the OpenSearch XML file, see [Search provider discovery](https://developer.microsoft.com/en-us/microsoft-edge/platform/documentation/dev-guide/browser/search-provider-discovery/). | | --- diff --git a/browsers/edge/includes/configure-adobe-flash-click-to-run-include.md b/browsers/edge/includes/configure-adobe-flash-click-to-run-include.md index 7c438030e5..a1ee2cc569 100644 --- a/browsers/edge/includes/configure-adobe-flash-click-to-run-include.md +++ b/browsers/edge/includes/configure-adobe-flash-click-to-run-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |--------------------------------------------|:---:|:--------:|--------------------------------------------------------------------------|:------------------------------------------------:| | Disabled | 0 | 0 | Load and run Adobe Flash content automatically. | | -| Enabled or not configured
**(default)** | 1 | 1 | Do not load or run Adobe Flash content and require action from the user. | ![Most restricted value](/images/check-gn.png) | +| Enabled or not configured
**(default)** | 1 | 1 | Do not load or run Adobe Flash content and require action from the user. | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/configure-autofill-include.md b/browsers/edge/includes/configure-autofill-include.md index a7ff9c2481..18e02058ad 100644 --- a/browsers/edge/includes/configure-autofill-include.md +++ b/browsers/edge/includes/configure-autofill-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------|:-----:|:--------:|-----------------------------------|:------------------------------------------------:| | Not configured
**(default)** | Blank | Blank | Users can choose to use Autofill. | | -| Disabled | 0 | no | Prevented. | ![Most restricted value](/images/check-gn.png) | +| Disabled | 0 | no | Prevented. | ![Most restricted value](../images/check-gn.png) | | Enabled | 1 | yes | Allowed. | | --- diff --git a/browsers/edge/includes/configure-browser-telemetry-for-m365-analytics-include.md b/browsers/edge/includes/configure-browser-telemetry-for-m365-analytics-include.md index 48a83c90eb..1f55150328 100644 --- a/browsers/edge/includes/configure-browser-telemetry-for-m365-analytics-include.md +++ b/browsers/edge/includes/configure-browser-telemetry-for-m365-analytics-include.md @@ -29,7 +29,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|-----------------------------------------|:------------------------------------------------:| -| Disabled or not configured
**(default)** | 0 | 0 | No data collected or sent | ![Most restricted value](/images/check-gn.png) | +| Disabled or not configured
**(default)** | 0 | 0 | No data collected or sent | ![Most restricted value](../images/check-gn.png) | | Enabled | 1 | 1 | Send intranet history only | | | Enabled | 2 | 2 | Send Internet history only | | | Enabled | 3 | 3 | Send both intranet and Internet history | | diff --git a/browsers/edge/includes/configure-cookies-include.md b/browsers/edge/includes/configure-cookies-include.md index df7adb9aab..a8a8fd2d5f 100644 --- a/browsers/edge/includes/configure-cookies-include.md +++ b/browsers/edge/includes/configure-cookies-include.md @@ -18,7 +18,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|-----------------------------------------------|:------------------------------------------------:| -| Enabled | 0 | 0 | Block all cookies from all sites. | ![Most restricted value](/images/check-gn.png) | +| Enabled | 0 | 0 | Block all cookies from all sites. | ![Most restricted value](../images/check-gn.png) | | Enabled | 1 | 1 | Block only cookies from third party websites. | | | Disabled or not configured
**(default)** | 2 | 2 | Allow all cookies from all sites. | | diff --git a/browsers/edge/includes/configure-do-not-track-include.md b/browsers/edge/includes/configure-do-not-track-include.md index 793e75ded8..7e0f59943e 100644 --- a/browsers/edge/includes/configure-do-not-track-include.md +++ b/browsers/edge/includes/configure-do-not-track-include.md @@ -20,7 +20,7 @@ ms.topic: include |---------------------------------|:-----:|:--------:|---------------------------------------------------------------------------------------------------------|:------------------------------------------------:| | Not configured
**(default)** | Blank | Blank | Do not send tracking information but let users choose to send tracking information to sites they visit. | | | Disabled | 0 | 0 | Never send tracking information. | | -| Enabled | 1 | 1 | Send tracking information. | ![Most restricted value](/images/check-gn.png) | +| Enabled | 1 | 1 | Send tracking information. | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/configure-kiosk-mode-supported-values-include.md b/browsers/edge/includes/configure-kiosk-mode-supported-values-include.md index 94d35f50ca..2d6285a59d 100644 --- a/browsers/edge/includes/configure-kiosk-mode-supported-values-include.md +++ b/browsers/edge/includes/configure-kiosk-mode-supported-values-include.md @@ -9,9 +9,9 @@ ms.topic: include --- -| | | -|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| **Single-app**

![thumbnail](/images/Picture1-sm.png)

**Digital/interactive signage**

Displays a specific site in full-screen mode, running Microsoft Edge InPrivate protecting user data.

**Policy setting** = Not configured (0 default)

|

 

![thumbnail](/images/Picture2-sm.png)

Public browsing

Runs a limited multi-tab version of Microsoft Edge, protecting user data. Microsoft Edge is the only app users can use on the device, preventing them from customizing Microsoft Edge. Users can only browse publically or end their browsing session.

The single-app public browsing mode is the only kiosk mode that has an End session button. Microsoft Edge also resets the session after a specified time of user inactivity. Both restart Microsoft Edge and clear the user’s session.

Example. A public library or hotel concierge desk are two examples of public browsing that provides access to Microsoft Edge and other apps.

Policy setting = Enabled (1) | -| **Multi-app**

![thumbnail](/images/Picture5-sm.png)

**Normal browsing**

Runs a full-version of Microsoft Edge with all browsing features and preserves the user data and state between sessions.

Some features may not work depending on what other apps you have configured in assigned access. For example, installing extensions or books from the Microsoft store are not allowed if the store is not available. Also, if Internet Explorer 11 is set up in assigned access, you can enable [EnterpriseModeSiteList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-enterprisemodesitelist) to automatically switch users to Internet Explorer 11 for sites that need backward compatibility support.

**Policy setting** = Not configured (0 default) |

 

![thumbnail](/images/Picture6-sm.png)

Public browsing

Runs a multi-tab version of Microsoft Edge InPrivate with a tailored experience for kiosks that runs in full-screen mode. Users can open and close Microsoft Edge and launch other apps if allowed by assigned access. Instead of an End session button to clear their browsing session, the user closes Microsoft Edge normally.

In this configuration, Microsoft Edge can interact with other applications. For example, if Internet Explorer 11 is set up in multi-app assigned access, you can enable [EnterpriseModeSiteList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-enterprisemodesitelist) to automatically switch users to Internet Explorer 11 for sites that need backward compatibility support.

Example. A public library or hotel concierge desk are two examples of public browsing that provides access to Microsoft Edge and other apps.

Policy setting = Enabled (1) | +| | | +|----------|------| +|**Single-app**

![thumbnail](../images/Picture1-sm.png)

**Digital/interactive signage**

Displays a specific site in full-screen mode, running Microsoft Edge InPrivate protecting user data.

**Policy setting** = Not configured (0 default)

|

 

![thumbnail](../images/Picture2-sm.png)

Public browsing

Runs a limited multi-tab version of Microsoft Edge, protecting user data. Microsoft Edge is the only app users can use on the device, preventing them from customizing Microsoft Edge. Users can only browse publically or end their browsing session.

The single-app public browsing mode is the only kiosk mode that has an End session button. Microsoft Edge also resets the session after a specified time of user inactivity. Both restart Microsoft Edge and clear the user’s session.

Example. A public library or hotel concierge desk are two examples of public browsing that provides access to Microsoft Edge and other apps.

Policy setting = Enabled (1) | +| **Multi-app**

![thumbnail](../images/Picture5-sm.png)

**Normal browsing**

Runs a full-version of Microsoft Edge with all browsing features and preserves the user data and state between sessions.

Some features may not work depending on what other apps you have configured in assigned access. For example, installing extensions or books from the Microsoft store are not allowed if the store is not available. Also, if Internet Explorer 11 is set up in assigned access, you can enable [EnterpriseModeSiteList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-enterprisemodesitelist) to automatically switch users to Internet Explorer 11 for sites that need backward compatibility support.

**Policy setting** = Not configured (0 default) |

 

![thumbnail](../images/Picture6-sm.png)

Public browsing

Runs a multi-tab version of Microsoft Edge InPrivate with a tailored experience for kiosks that runs in full-screen mode. Users can open and close Microsoft Edge and launch other apps if allowed by assigned access. Instead of an End session button to clear their browsing session, the user closes Microsoft Edge normally.

In this configuration, Microsoft Edge can interact with other applications. For example, if Internet Explorer 11 is set up in multi-app assigned access, you can enable [EnterpriseModeSiteList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-enterprisemodesitelist) to automatically switch users to Internet Explorer 11 for sites that need backward compatibility support.

Example. A public library or hotel concierge desk are two examples of public browsing that provides access to Microsoft Edge and other apps.

Policy setting = Enabled (1) | --- diff --git a/browsers/edge/includes/configure-password-manager-include.md b/browsers/edge/includes/configure-password-manager-include.md index d00435cb52..4b6365e007 100644 --- a/browsers/edge/includes/configure-password-manager-include.md +++ b/browsers/edge/includes/configure-password-manager-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |--------------------------|:-----:|:--------:|--------------------------------------------------------|:------------------------------------------------:| | Not configured | Blank | Blank | Users can choose to save and manage passwords locally. | | -| Disabled | 0 | no | Not allowed. | ![Most restricted value](/images/check-gn.png) | +| Disabled | 0 | no | Not allowed. | ![Most restricted value](../images/check-gn.png) | | Enabled
**(default)** | 1 | yes | Allowed. | | --- diff --git a/browsers/edge/includes/configure-pop-up-blocker-include.md b/browsers/edge/includes/configure-pop-up-blocker-include.md index 686626f719..69b8c53e36 100644 --- a/browsers/edge/includes/configure-pop-up-blocker-include.md +++ b/browsers/edge/includes/configure-pop-up-blocker-include.md @@ -20,7 +20,7 @@ ms.topic: include |---------------------------|:-----:|:--------:|-------------------------------------------------|:------------------------------------------------:| | Not configured | Blank | Blank | Users can choose to use Pop-up Blocker. | | | Disabled
**(default)** | 0 | 0 | Turned off. Allow pop-up windows to open. | | -| Enabled | 1 | 1 | Turned on. Prevent pop-up windows from opening. | ![Most restricted value](/images/check-gn.png) | +| Enabled | 1 | 1 | Turned on. Prevent pop-up windows from opening. | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/configure-search-suggestions-address-bar-include.md b/browsers/edge/includes/configure-search-suggestions-address-bar-include.md index 1ce9d5cd0a..a3510a557c 100644 --- a/browsers/edge/includes/configure-search-suggestions-address-bar-include.md +++ b/browsers/edge/includes/configure-search-suggestions-address-bar-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------|:-----:|:--------:|---------------------------------------------|:------------------------------------------------:| | Not configured
**(default)** | Blank | Blank | Users can choose to see search suggestions. | | -| Disabled | 0 | 0 | Prevented. Hide the search suggestions. | ![Most restricted value](/images/check-gn.png) | +| Disabled | 0 | 0 | Prevented. Hide the search suggestions. | ![Most restricted value](../images/check-gn.png) | | Enabled | 1 | 1 | Allowed. Show the search suggestions. | | --- diff --git a/browsers/edge/includes/configure-windows-defender-smartscreen-include.md b/browsers/edge/includes/configure-windows-defender-smartscreen-include.md index 2ac6bed0d3..f842745478 100644 --- a/browsers/edge/includes/configure-windows-defender-smartscreen-include.md +++ b/browsers/edge/includes/configure-windows-defender-smartscreen-include.md @@ -20,13 +20,13 @@ ms.topic: include |----------------|:-----:|:--------:|-----------------------------------------------------------------------------------------------|:------------------------------------------------:| | Not configured | Blank | Blank | Users can choose to use Windows Defender SmartScreen. | | | Disabled | 0 | 0 | Turned off. Do not protect users from potential threats and prevent users from turning it on. | | -| Enabled | 1 | 1 | Turned on. Protect users from potential threats and prevent users from turning it off. | ![Most restricted value](/images/check-gn.png) | +| Enabled | 1 | 1 | Turned on. Protect users from potential threats and prevent users from turning it off. | ![Most restricted value](../images/check-gn.png) | --- To verify Windows Defender SmartScreen is turned off (disabled): 1. Click or tap **More** (…) and select **Settings** > **View Advanced settings**. -2. Verify the setting **Help protect me from malicious sites and download with SmartScreen Filter** is disabled.

![Verify that Windows Defender SmartScreen is turned off (disabled)](/images/allow-smart-screen-validation.PNG) +2. Verify the setting **Help protect me from malicious sites and download with SmartScreen Filter** is disabled.

![Verify that Windows Defender SmartScreen is turned off (disabled)](../images/allow-smart-screen-validation.PNG) ### ADMX info and settings diff --git a/browsers/edge/includes/disable-lockdown-of-start-pages-include.md b/browsers/edge/includes/disable-lockdown-of-start-pages-include.md index a3ac6f4795..c95b9faf73 100644 --- a/browsers/edge/includes/disable-lockdown-of-start-pages-include.md +++ b/browsers/edge/includes/disable-lockdown-of-start-pages-include.md @@ -18,7 +18,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |----------------|:---:|:--------:|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------:| -| Not configured | 0 | 0 | Locked. Start pages configured in either the Configure Open Microsoft Edge With policy and Configure Start Pages policy are not editable. | ![Most restricted value](/images/check-gn.png) | +| Not configured | 0 | 0 | Locked. Start pages configured in either the Configure Open Microsoft Edge With policy and Configure Start Pages policy are not editable. | ![Most restricted value](../images/check-gn.png) | | Enabled | 1 | 1 | Unlocked. Users can make changes to all configured start pages.

When you enable this policy and define a set of URLs in the Configure Start Pages policy, Microsoft Edge uses the URLs defined in the Configure Open Microsoft Edge With policy. | | --- diff --git a/browsers/edge/includes/do-not-sync-include.md b/browsers/edge/includes/do-not-sync-include.md index 9220d8aeff..0adc074785 100644 --- a/browsers/edge/includes/do-not-sync-include.md +++ b/browsers/edge/includes/do-not-sync-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|--------------------------------------------------------------------------------------|:------------------------------------------------:| | Disabled or not configured
**(default)** | 0 | 0 | Allowed/turned on. Users can choose what to sync to their device. | | -| Enabled | 2 | 2 | Prevented/turned off. Disables the *Sync your Settings* toggle and prevents syncing. | ![Most restricted value](/images/check-gn.png) | +| Enabled | 2 | 2 | Prevented/turned off. Disables the *Sync your Settings* toggle and prevents syncing. | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/keep-fav-sync-ie-edge-include.md b/browsers/edge/includes/keep-fav-sync-ie-edge-include.md index b9747450d8..a7ff412c85 100644 --- a/browsers/edge/includes/keep-fav-sync-ie-edge-include.md +++ b/browsers/edge/includes/keep-fav-sync-ie-edge-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|------------------------|:------------------------------------------------:| | Disabled or not configured
**(default)** | 0 | 0 | Turned off/not syncing | | -| Enabled | 1 | 1 | Turned on/syncing | ![Most restricted value](/images/check-gn.png) | +| Enabled | 1 | 1 | Turned on/syncing | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/prevent-access-about-flag-include.md b/browsers/edge/includes/prevent-access-about-flag-include.md index 93304f083b..31f94d4c49 100644 --- a/browsers/edge/includes/prevent-access-about-flag-include.md +++ b/browsers/edge/includes/prevent-access-about-flag-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|-------------|:------------------------------------------------:| | Disabled or not configured
**(default)** | 0 | 0 | Allowed | | -| Enabled | 1 | 1 | Prevented | ![Most restricted value](/images/check-gn.png) | +| Enabled | 1 | 1 | Prevented | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/prevent-bypassing-win-defender-files-include.md b/browsers/edge/includes/prevent-bypassing-win-defender-files-include.md index 2b060c7550..301dd68424 100644 --- a/browsers/edge/includes/prevent-bypassing-win-defender-files-include.md +++ b/browsers/edge/includes/prevent-bypassing-win-defender-files-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|---------------------------------------------------------------------------------------------------|:------------------------------------------------:| | Disabled or not configured
**(default)** | 0 | 0 | Allowed/turned off. Users can ignore the warning and continue to download the unverified file(s). | | -| Enabled | 1 | 1 | Prevented/turned on. | ![Most restricted value](/images/check-gn.png) | +| Enabled | 1 | 1 | Prevented/turned on. | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/prevent-bypassing-win-defender-sites-include.md b/browsers/edge/includes/prevent-bypassing-win-defender-sites-include.md index 6205a87584..04339b930a 100644 --- a/browsers/edge/includes/prevent-bypassing-win-defender-sites-include.md +++ b/browsers/edge/includes/prevent-bypassing-win-defender-sites-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|----------------------------------------------------------------------------|:------------------------------------------------:| | Disabled or not configured
**(default)** | 0 | 0 | Allowed/turned off. Users can ignore the warning and continue to the site. | | -| Enabled | 1 | 1 | Prevented/turned on. | ![Most restricted value](/images/check-gn.png) | +| Enabled | 1 | 1 | Prevented/turned on. | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/prevent-certificate-error-overrides-include.md b/browsers/edge/includes/prevent-certificate-error-overrides-include.md index ac77b6172a..a776bb08b6 100644 --- a/browsers/edge/includes/prevent-certificate-error-overrides-include.md +++ b/browsers/edge/includes/prevent-certificate-error-overrides-include.md @@ -18,7 +18,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|---------------------------------------------------------------------------------|:------------------------------------------------:| | Disabled or not configured
**(default)** | 0 | 0 | Allowed/turned on. Override the security warning to sites that have SSL errors. | | -| Enabled | 1 | 1 | Prevented/turned on. | ![Most restricted value](/images/check-gn.png) | +| Enabled | 1 | 1 | Prevented/turned on. | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/prevent-changes-to-favorites-include.md b/browsers/edge/includes/prevent-changes-to-favorites-include.md index dbbcc9e0c9..de0f5e7ac7 100644 --- a/browsers/edge/includes/prevent-changes-to-favorites-include.md +++ b/browsers/edge/includes/prevent-changes-to-favorites-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|-----------------------------------------------------------------------------------|:------------------------------------------------:| | Disabled or not configured
**(default)** | 0 | 0 | Allowed/unlocked. Users can add, import, and make changes to the Favorites list. | | -| Enabled | 1 | 1 | Prevented/locked down. | ![Most restricted value](/images/check-gn.png) | +| Enabled | 1 | 1 | Prevented/locked down. | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/prevent-first-run-webpage-open-include.md b/browsers/edge/includes/prevent-first-run-webpage-open-include.md index 9e693510a8..0e3e9fa8b1 100644 --- a/browsers/edge/includes/prevent-first-run-webpage-open-include.md +++ b/browsers/edge/includes/prevent-first-run-webpage-open-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|--------------------------------------|:------------------------------------------------:| | Disabled or not configured
**(default)** | 0 | 0 | Allowed. Load the First Run webpage. | | -| Enabled | 1 | 1 | Prevented. | ![Most restricted value](/images/check-gn.png) | +| Enabled | 1 | 1 | Prevented. | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/prevent-live-tile-pinning-start-include.md b/browsers/edge/includes/prevent-live-tile-pinning-start-include.md index ac35679bf6..bfc0e23f6b 100644 --- a/browsers/edge/includes/prevent-live-tile-pinning-start-include.md +++ b/browsers/edge/includes/prevent-live-tile-pinning-start-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|--------------------------------------|:------------------------------------------------:| | Disabled or not configured
**(default)** | 0 | 0 | Collect and send Live Tile metadata. | | -| Enabled | 1 | 1 | Do not collect data. | ![Most restricted value](/images/check-gn.png) | +| Enabled | 1 | 1 | Do not collect data. | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/prevent-localhost-address-for-webrtc-include.md b/browsers/edge/includes/prevent-localhost-address-for-webrtc-include.md index fd33129000..407dd4c596 100644 --- a/browsers/edge/includes/prevent-localhost-address-for-webrtc-include.md +++ b/browsers/edge/includes/prevent-localhost-address-for-webrtc-include.md @@ -19,7 +19,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|---------------------------------------|:------------------------------------------------:| | Disabled or not configured
**(default)** | 0 | 0 | Allowed. Show localhost IP addresses. | | -| Enabled | 1 | 1 | Prevented. | ![Most restricted value](/images/check-gn.png) | +| Enabled | 1 | 1 | Prevented. | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/provision-favorites-include.md b/browsers/edge/includes/provision-favorites-include.md index 75062bb691..0df09c2d46 100644 --- a/browsers/edge/includes/provision-favorites-include.md +++ b/browsers/edge/includes/provision-favorites-include.md @@ -23,7 +23,7 @@ ms.topic: include | Group Policy | Description | Most restricted | |---------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------:| | Disabled or not configured
**(default)** | Users can customize the favorites list, such as adding folders, or adding and removing favorites. | | -| Enabled | Define a default list of favorites in Microsoft Edge. In this case, the Save a Favorite, Import settings, and context menu options (such as Create a new folder) are turned off.

To define a default list of favorites, do the following:

  1. In the upper-right corner of Microsoft Edge, click the ellipses (**...**) and select **Settings**.
  2. Click **Import from another browser**, click **Export to file** and save the file.
  3. In the **Options** section of the Group Policy Editor, provide the location that points the file with the list of favorites to provision. Specify the URL as:
| ![Most restricted value](/images/check-gn.png) | +| Enabled | Define a default list of favorites in Microsoft Edge. In this case, the Save a Favorite, Import settings, and context menu options (such as Create a new folder) are turned off.

To define a default list of favorites, do the following:

  1. In the upper-right corner of Microsoft Edge, click the ellipses (**...**) and select **Settings**.
  2. Click **Import from another browser**, click **Export to file** and save the file.
  3. In the **Options** section of the Group Policy Editor, provide the location that points the file with the list of favorites to provision. Specify the URL as:
| ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/send-all-intranet-sites-ie-include.md b/browsers/edge/includes/send-all-intranet-sites-ie-include.md index ebb90441ae..af93dd7bba 100644 --- a/browsers/edge/includes/send-all-intranet-sites-ie-include.md +++ b/browsers/edge/includes/send-all-intranet-sites-ie-include.md @@ -22,7 +22,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------:| -| Disabled or not configured
**(default)** | 0 | 0 | All sites, including intranet sites, open in Microsoft Edge automatically. | ![Most restricted value](/images/check-gn.png) | +| Disabled or not configured
**(default)** | 0 | 0 | All sites, including intranet sites, open in Microsoft Edge automatically. | ![Most restricted value](../images/check-gn.png) | | Enabled | 1 | 1 | Only intranet sites open in Internet Explorer 11 automatically.

Enabling this policy opens all intranet sites in IE11 automatically, even if the users have Microsoft Edge as their default browser.

  1. In Group Policy Editor, navigate to:

    **Computer Configuration\\Administrative Templates\\Windows Components\\File Explorer\\Set a default associations configuration file**

  2. Click **Enable** and then refresh the policy to view the affected sites in Microsoft Edge.

    A message opens stating that the page needs to open in IE. At the same time, the page opens in IE11 automatically; in a new frame if it is not yet running, or in a new tab.

| | --- diff --git a/browsers/edge/includes/set-default-search-engine-include.md b/browsers/edge/includes/set-default-search-engine-include.md index 06b6b084e5..f42c5e8873 100644 --- a/browsers/edge/includes/set-default-search-engine-include.md +++ b/browsers/edge/includes/set-default-search-engine-include.md @@ -20,7 +20,7 @@ ms.topic: include |---------------------------------|:-----:|:--------:|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------:| | Not configured
**(default)** | Blank | Blank | Use the search engine specified in App settings. If you don't configure this policy and disable the [Allow search engine customization](../group-policies/search-engine-customization-gp.md#allow-search-engine-customization) policy, users cannot make changes. | | | Disabled | 0 | 0 | Remove or don't use the policy-set search engine and use the search engine for the market, letting users make changes. | | -| Enabled | 1 | 1 | Use the policy-set search engine specified in the OpenSearch XML file, preventing users from making changes.

Specify a link to the OpenSearch XML file that contains, at a minimum, the short name and the URL template (HTTPS) of the search engine. For more information about creating the OpenSearch XML file, see [Search provider discovery](https://docs.microsoft.com/microsoft-edge/dev-guide/browser/search-provider-discovery). Use this format to specify the link you want to add.

If you want your users to use the default Microsoft Edge settings for each market, then set the string to **EDGEDEFAULT**.

If you would like your users to use Microsoft Bing as the default search engine, then set the string to **EDGEBING**. | ![Most restricted value](/images/check-gn.png) | +| Enabled | 1 | 1 | Use the policy-set search engine specified in the OpenSearch XML file, preventing users from making changes.

Specify a link to the OpenSearch XML file that contains, at a minimum, the short name and the URL template (HTTPS) of the search engine. For more information about creating the OpenSearch XML file, see [Search provider discovery](https://docs.microsoft.com/microsoft-edge/dev-guide/browser/search-provider-discovery). Use this format to specify the link you want to add.

If you want your users to use the default Microsoft Edge settings for each market, then set the string to **EDGEDEFAULT**.

If you would like your users to use Microsoft Bing as the default search engine, then set the string to **EDGEBING**. | ![Most restricted value](../images/check-gn.png) | --- diff --git a/browsers/edge/includes/show-message-opening-sites-ie-include.md b/browsers/edge/includes/show-message-opening-sites-ie-include.md index 6601f43c65..418034e68a 100644 --- a/browsers/edge/includes/show-message-opening-sites-ie-include.md +++ b/browsers/edge/includes/show-message-opening-sites-ie-include.md @@ -21,7 +21,7 @@ ms.topic: include | Group Policy | MDM | Registry | Description | Most restricted | |---------------------------------------------|:---:|:--------:|--------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------:| -| Disabled or not configured
**(default)** | 0 | 0 | No additional message displays. | ![Most restricted value](/images/check-gn.png) | +| Disabled or not configured
**(default)** | 0 | 0 | No additional message displays. | ![Most restricted value](../images/check-gn.png) | | Enabled | 1 | 1 | Show an additional message stating that a site has opened in IE11. | | | Enabled | 2 | 2 | Show an additional message with a *Keep going in Microsoft Edge* link to allow users to open the site in Microsoft Edge. | | diff --git a/browsers/includes/interoperability-goals-enterprise-guidance.md b/browsers/includes/interoperability-goals-enterprise-guidance.md index 6c3e1563c8..fffc2e5480 100644 --- a/browsers/includes/interoperability-goals-enterprise-guidance.md +++ b/browsers/includes/interoperability-goals-enterprise-guidance.md @@ -27,7 +27,7 @@ You must continue using IE11 if web apps use any of the following: If you have uninstalled IE11, you can download it from the Microsoft Store or the [Internet Explorer 11 download page](https://go.microsoft.com/fwlink/p/?linkid=290956). Alternatively, you can use Enterprise Mode with Microsoft Edge to transition only the sites that need these technologies to load in IE11. >[!TIP] ->If you want to use Group Policy to set Internet Explorer as your default browser, you can find the info here, [Set the default browser using Group Policy](https://go.microsoft.com/fwlink/p/?LinkId=620714). +>If you want to use Group Policy to set Internet Explorer as your default browser, you can find the info here, [Set the default browser using Group Policy](https://go.microsoft.com/fwlink/p/?LinkId=620714). |Technology |Why it existed |Why we don't need it anymore | @@ -35,5 +35,7 @@ If you have uninstalled IE11, you can download it from the Microsoft Store or th |ActiveX |ActiveX is a binary extension model introduced in 1996 which allowed developers to embed native Windows technologies (COM/OLE) in web pages. These controls can be downloaded and installed from a site and were subsequently loaded in-process and rendered in Internet Explorer. | | |Browser Helper Objects (BHO) |BHOs are a binary extension model introduced in 1997 which enabled developers to write COM objects that were loaded in-process with the browser and could perform actions on available windows and modules. A common use was to build toolbars that installed into Internet Explorer. | | |Document modes | Starting with IE8, Internet Explorer introduced a new “document mode” with every release. These document modes could be requested via the x-ua-compatible header to put the browser into a mode which emulates legacy versions. |Similar to other modern browsers, Microsoft Edge has a single “living” document mode. To minimize the compatibility burden, we test features behind switches in about:flags until stable and ready to be turned on by default. | + + --- diff --git a/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md b/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md index 87fc6dcbbf..0cb4397945 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md @@ -21,12 +21,12 @@ ms.date: 04/11/2019 **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -[!include[Prerelease information](prerelease.md)] +[!Include[Prerelease information](prerelease.md)] >[!NOTE] -> Secure score is now part of Threat & Vulnerability Management as Configuration score. We’ll keep the secure score page available for a few weeks. View the [Secure score](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. +> Secure score is now part of Threat & Vulnerability Management as Configuration score. The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. -The Microsoft Defender Advanced Threat Protection Configuration score gives you visibility and control over your organization's security posture based on security best practices. +The Microsoft Defender Advanced Threat Protection Configuration score gives you visibility and control over the security posture of your organization based on security best practices. Your configuration score widget shows the collective security configuration state of your machines across the following categories: - Application @@ -37,18 +37,18 @@ Your configuration score widget shows the collective security configuration stat ## How it works -What you'll see in the configuration score widget is the product of meticulous and ongoing vulnerability discovery process aggregated with configuration discovery assessments that continuously: +The data in the configuration score widget is the product of meticulous and ongoing vulnerability discovery process aggregated with configuration discovery assessments that continuously: - Compare collected configurations to the collected benchmarks to discover misconfigured assets - Map configurations to vulnerabilities that can be remediated or partially remediated (risk reduction) by remediating the misconfiguration - Collect and maintain best practice configuration benchmarks (vendors, security feeds, internal research teams) - Collect and monitor changes of security control configuration state from all assets -From the widget, you'd be able to see which security aspect require attention. You can click the configuration score categories and it will take you to the **Security recommendations** page to see more details and understand the context of the issue. From there, you can take action based on security benchmarks. +From the widget, you'd be able to see which security aspect requires attention. You can click the configuration score categories and it will take you to the **Security recommendations** page to see more details and understand the context of the issue. From there, you can act on them based on security benchmarks. ## Improve your configuration score -The goal is to improve your configuration score by remediating the issues in the security recommendations list. You can filter the view based on: -- **Related component** - **Accounts**, **Application**, **Network**, **OS**, or **Security controls** -- **Remediation type** - **Configuration change** or **Software update** +The goal is to remediate the issues in the security recommendations list to improve your configuration score. You can filter the view based on: +- **Related component** — **Accounts**, **Application**, **Network**, **OS**, or **Security controls** +- **Remediation type** — **Configuration change** or **Software update** ## Related topics - [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/event-hub-resource-id.png b/windows/security/threat-protection/microsoft-defender-atp/images/event-hub-resource-id.png new file mode 100644 index 0000000000..a83123905f Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/event-hub-resource-id.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/machine-info-datatype-example.png b/windows/security/threat-protection/microsoft-defender-atp/images/machine-info-datatype-example.png new file mode 100644 index 0000000000..41c451506b Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/machine-info-datatype-example.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/storage-account-event-schema.png b/windows/security/threat-protection/microsoft-defender-atp/images/storage-account-event-schema.png new file mode 100644 index 0000000000..d9409e3ab1 Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/storage-account-event-schema.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/storage-account-resource-id.png b/windows/security/threat-protection/microsoft-defender-atp/images/storage-account-resource-id.png new file mode 100644 index 0000000000..cbd0d20303 Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/storage-account-resource-id.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-top-vulnerable-software.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-top-vulnerable-software.png new file mode 100644 index 0000000000..3ef800afac Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-top-vulnerable-software.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-vuln-globalsearch.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-vuln-globalsearch.png new file mode 100644 index 0000000000..76af989b3f Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-vuln-globalsearch.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-weaknesses-menu.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-weaknesses-menu.png new file mode 100644 index 0000000000..e210b07bf4 Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-weaknesses-menu.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md index 5cdc7994a1..c026aa3f0a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md @@ -142,13 +142,13 @@ You can also use the [Artifact timeline](investigate-alerts.md#artifact-timeline ### Security recommendations -**Security recommendations** are generated from Microsoft Defender ATP's [Threat & Vulnerability Management](tvm-dashboard-insights.md) capability. Selecting a recommendation will show a panel where you can view relevant details such as description of the recommendation and the potential risks associated with not enacting it. +**Security recommendations** are generated from Microsoft Defender ATP's [Threat & Vulnerability Management](tvm-dashboard-insights.md) capability. Selecting a recommendation will show a panel where you can view relevant details such as description of the recommendation and the potential risks associated with not enacting it. See [Security recommendation](tvm-security-recommendation.md) for details. ![Image of security recommendations tab](images/security-recommendations-machine.png) ### Software inventory -The **Software inventory** section lets you view software on the device, along with any weaknesses or threats. Selecting the name of the software will take you to the software details page where you can view security recommendations, discovered vulnerabilities, installed machines, and version distribution. +The **Software inventory** section lets you view software on the device, along with any weaknesses or threats. Selecting the name of the software will take you to the software details page where you can view security recommendations, discovered vulnerabilities, installed machines, and version distribution. See [Software inventory](tvm-software-inventory.md) for details ![Image of software inventory tab](images/software-inventory-machine.png) @@ -166,3 +166,5 @@ The **Discovered vulnerabilities** section shows the name, severity, and threat - [Investigate an IP address associated with a Microsoft Defender ATP alert](investigate-ip.md) - [Investigate a domain associated with a Microsoft Defender ATP alert](investigate-domain.md) - [Investigate a user account in Microsoft Defender ATP](investigate-user.md) +- [Security recommendation](tvm-security-recommendation.md) +- [Software inventory](tvm-software-inventory.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md b/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md index c5abbcade3..22efe55158 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md @@ -22,8 +22,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -[!include[Prerelease information](prerelease.md)] - + The machines status report provides high-level information about the devices in your organization. The report includes trending information showing the sensor health state, antivirus status, OS platforms, and Windows 10 versions. The dashboard is structured into two sections: diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 4e503d2f19..943ceaf25d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -62,8 +62,8 @@ Microsoft Defender ATP’s Threat & Vulnerability Management allows security adm ## Related topics - [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) - [Configuration score](configuration-score.md) -- [Scenarios](threat-and-vuln-mgt-scenarios.md) - [Security recommendations](tvm-security-recommendation.md) - [Remediation](tvm-remediation.md) - [Software inventory](tvm-software-inventory.md) - [Weaknesses](tvm-weaknesses.md) +- [Scenarios](threat-and-vuln-mgt-scenarios.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md new file mode 100644 index 0000000000..74282e67bc --- /dev/null +++ b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md @@ -0,0 +1,89 @@ +--- +title: Stream Microsoft Defender Advanced Threat Protection events. +description: Learn how to configure Microsoft Defender ATP to stream Advanced Hunting events to your Event Hub. +keywords: raw data export, streaming API, API, Azure Event Hubs, Azure storage, storage account, Advanced Hunting, raw data sharing +search.product: eADQiWindows 10XVcnh +search.appverid: met150 +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: macapara +author: mjcaparas +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: article +--- + +# Configure Microsoft Defender ATP to stream Advanced Hunting events to your Azure Event Hubs + +**Applies to:** + +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) + +Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) + +## Before you begin: + +1. Create an [event hub](https://docs.microsoft.com/en-us/azure/event-hubs/) in your tenant. +2. Log in to your [Azure tenant](https://ms.portal.azure.com/), go to **Subscriptions > Your subscription > Resource Providers > Register to **Microsoft.insights****. + +## Enable raw data streaming: + +1. Log in to [Microsoft Defender Security Center](https://securitycenter.windows.com) with a Global Admin user. +2. Go to [Data export settings page](https://securitycenter.windows.com/interoperability/dataexport) on Microsoft Defender Security Center. +3. Click on **Add data export settings**. +4. Choose a name for your new settings. +5. Choose **Forward events to Azure Event Hubs**. +6. Type your **Event Hubs name** and your **Event Hubs resource ID**. + In order to get your **Event Hubs resource ID**, go to your Azure Event Hubs namespace page on [Azure](https://ms.portal.azure.com/) > properties tab > copy the text under **Resource ID**: + + ![Image of event hub resource Id](images/event-hub-resource-id.png) + +7. Choose the events you want to stream and click **Save**. + +## The schema of the events in Azure Event Hubs: + +``` +{ + "records": [ + { + "time": "" + "tenantId": "" + "category": "" + "properties": { } + } + ... + ] +} +``` + +- Each event hub message in Azure Event Hubs contains list of records. +- Each record contains the event name, the time Microsoft Defender ATP received the event, the tenant it belongs (you will only get events from your tenant), and the event in JSON format in a property called "**properties**". +- For more information about the schema of Microsoft Defender ATP events, see [Advanced Hunting overview](overview-hunting.md). + +## Data types mapping: + +To get the data types for event properties do the following: + +1. Log in to [Microsoft Defender Security Center](https://securitycenter.windows.com) and go to [Advanced Hunting page](https://securitycenter.windows.com/hunting-package). +2. Run the following query to get the data types mapping for each event: + +``` +{EventType} +| getschema +| project ColumnName, ColumnType + +``` + +- Here is an example for Machine Info event: + +![Image of event hub resource Id](images/machine-info-datatype-example.png) + +## Related topics +- [Overview of Advanced Hunting](overview-hunting.md) +- [Microsoft Defender ATP streaming API](raw-data-export.md) +- [Stream Microsoft Defender ATP events to your Azure storage account](raw-data-export-storage.md) +- [Azure Event Hubs documentation](https://docs.microsoft.com/en-us/azure/event-hubs/) diff --git a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md new file mode 100644 index 0000000000..1cea01f7d1 --- /dev/null +++ b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md @@ -0,0 +1,89 @@ +--- +title: Stream Microsoft Defender Advanced Threat Protection events. +description: Learn how to configure Microsoft Defender ATP to stream Advanced Hunting events to your Storage account. +keywords: raw data export, streaming API, API, Event Hubs, Azure storage, storage account, Advanced Hunting, raw data sharing +search.product: eADQiWindows 10XVcnh +search.appverid: met150 +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: macapara +author: mjcaparas +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: article +--- + +# Configure Microsoft Defender ATP to stream Advanced Hunting events to your Storage account + +**Applies to:** + +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) + +Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) + +## Before you begin: + +1. Create a [Storage account](https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview) in your tenant. +2. Log in to your [Azure tenant](https://ms.portal.azure.com/), go to **Subscriptions > Your subscription > Resource Providers > Register to **Microsoft.insights****. + +## Enable raw data streaming: + +1. Log in to [Microsoft Defender ATP portal](https://securitycenter.windows.com) with Global Admin user. +2. Go to [Data export settings page](https://securitycenter.windows.com/interoperability/dataexport) on Microsoft Defender Security Center. +3. Click on **Add data export settings**. +4. Choose a name for your new settings. +5. Choose **Forward events to Azure Storage**. +6. Type your **Storage Account Resource Id**. In order to get your **Storage Account Resource Id**, go to your Storage account page on [Azure portal](https://ms.portal.azure.com/) > properties tab > copy the text under **Storage account resource ID**: + + ![Image of event hub resource Id](images/storage-account-resource-id.png) + +7. Choose the events you want to stream and click **Save**. + +## The schema of the events in the Storage account: + +- A blob container will be created for each event type: + +![Image of event hub resource Id](images/storage-account-event-schema.png) + +- The schema of each row in a blob is the following JSON: + +``` +{ + "time": "" + "tenantId": "" + "category": "" + "properties": { } +} +``` + +- Each blob contains multiple rows. +- Each row contains the event name, the time Microsoft Defender ATP received the event, the tenant it belongs (you will only get events from your tenant), and the event in JSON format in a property called "properties". +- For more information about the schema of Microsoft Defender ATP events, see [Advanced Hunting overview](overview-hunting.md). + +## Data types mapping: + +In order to get the data types for our events properties do the following: + +1. Log in to [Microsoft Defender Security Center](https://securitycenter.windows.com) and go to [Advanced Hunting page](https://securitycenter.windows.com/hunting-package). +2. Run the following query to get the data types mapping for each event: + +``` +{EventType} +| getschema +| project ColumnName, ColumnType + +``` + +- Here is an example for Machine Info event: + +![Image of event hub resource ID](images/machine-info-datatype-example.png) + +## Related topics +- [Overview of Advanced Hunting](overview-hunting.md) +- [Microsoft Defender Advanced Threat Protection Streaming API](raw-data-export.md) +- [Stream Microsoft Defender Advanced Threat Protection events to your Azure storage account](raw-data-export-storage.md) +- [Azure Storage Account documentation](https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview) diff --git a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md new file mode 100644 index 0000000000..1349b4a57b --- /dev/null +++ b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md @@ -0,0 +1,43 @@ +--- +title: Stream Microsoft Defender Advanced Threat Protection event +description: Learn how to configure Microsoft Defender ATP to stream Advanced Hunting events to Event Hubs or Azure storage account +keywords: raw data export, streaming API, API, Event hubs, Azure storage, storage account, Advanced Hunting, raw data sharing +search.product: eADQiWindows 10XVcnh +search.appverid: met150 +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: macapara +author: mjcaparas +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: article +--- + +# Raw Data Streaming API (Preview) + +**Applies to:** + +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) + +- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) + +## Stream Advanced Hunting events to Event Hubs and/or Azure storage account. + +Microsoft Defender ATP supports streaming all the events available through [Advanced Hunting](overview-hunting.md) to an [Event Hubs](https://docs.microsoft.com/en-us/azure/event-hubs/) and/or [Azure storage account](https://docs.microsoft.com/en-us/azure/event-hubs/). + +## In this section + +Topic | Description +:---|:--- +[Stream Microsoft Defender ATP events to Azure Event Hubs](raw-data-export-event-hub.md)| Learn about enabling the streaming API in your tenant and configure Microsoft Defender ATP to stream [Advanced Hunting](overview-hunting.md) to Event Hubs. +[Stream Microsoft Defender ATP events to your Azure storage account](raw-data-export-storage.md)| Learn about enabling the streaming API in your tenant and configure Microsoft Defender ATP to stream [Advanced Hunting](overview-hunting.md) to your Azure storage account. + + +## Related topics +- [Overview of Advanced Hunting](overview-hunting.md) +- [Azure Event Hubs documentation](https://docs.microsoft.com/en-us/azure/event-hubs/) +- [Azure Storage Account documentation](https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview) diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md index 3b639a0b80..2b96925862 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md +++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md @@ -21,6 +21,8 @@ ms.topic: article **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +[!includePrerelease information] + ## Before you begin Ensure that your machines: - Are onboarded to Microsoft Defender Advanced Threat Protection @@ -69,7 +71,7 @@ To lower down your threat and vulnerability exposure: 3. Click **Installed machines** and select the affected machine from the list to open the flyout page with the relevant machine details, exposure and risk levels, alert and incident activities. ![details in software page ](images/tvm_software_page_details.png) -4. Click **Open machine page** to connect to the machine and apply the selected recommendation. ![details in machine page](images/tvm_machine_page_details.png) +4. Click **Open machine page** to connect to the machine and apply the selected recommendation. See [Investigate machines in the Microsoft Defender ATP Machines list](investigate-machines.md) for details. ![details in machine page](images/tvm_machine_page_details.png) 5. Allow a few hours for the changes to propagate in the system. @@ -122,6 +124,28 @@ See [Use Intune to remediate vulnerabilities identified by Microsoft Defender AT >[!NOTE] >If your request involves remediating more than 10,000 machines, we will only send 10,000 machines for remediation to Intune. +## File for exception +With Threat & Vulnerability Management, you can create exceptions for recommendations, as an alternative to requesting for remediation. + +There are many reasons why organizations might want to create exceptions for a recommendation. For example, if there's a business justification that prevents the company from applying the recommendation, the existence of a compensating or alternative control that provides the same level of protection that the recommendation would, a false positive, among other reasons. + +Exceptions can be created for both *Security update* and *Configuration change* recommendations. + +When an exception is created for a recommendation, the recommendation is no longer active. The recommendation state changes to **Exception**, and it no longer shows up in the security recommendations list. + + +1. Navigate to the **Security recommendations** page under the **Threat & Vulnerability Management** section menu. + +2. Click the top-most recommendation. A fly-in panel will open with the recommendation details. + +3. Click **Exception options**. + +4. Select your justification for filing an exception instead of remediating the security recommendation in question. Fill out the justification context, then set the exception duration. + +5. Click Submit. A confirmation message at the top of the page will indicate that the exception has been created + +6. View all your exceptions (current + past) by navigating to the **Remediation** page under the **Threat & Vulnerability Management** menu and clicking on the **Exceptions** tab. + ## Related topics - [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) - [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md index 6c634edeed..ad5cac9f06 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md @@ -21,7 +21,7 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) ->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) +>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) [!include[Prerelease information](prerelease.md)] @@ -34,6 +34,7 @@ You can use the Threat & Vulnerability Management capability in [Microsoft Defen - View exposure and configuration scores side-by-side with top security recommendations, software vulnerability, remediation activities, and exposed machines - Correlate EDR insights with endpoint vulnerabilities and process them - Select remediation options, triage and track the remediation tasks +- Select exception options and track active exceptions ## Threat & Vulnerability Management in Microsoft Defender Security Center When you open the portal, you’ll see the main areas of the capability: @@ -53,27 +54,27 @@ Area | Description (1) Menu | Select menu to expand the navigation pane and see the names of the Threat & Vulnerability Management capabilities. (2) Threat & Vulnerability Management navigation pane | Use the navigation pane to move across the **Threat and Vulnerability Management Dashboard**, **Security recommendations**, **Remediation**, **Software inventory**, and **Weaknesses**. **Dashboards** | Get a high-level view of the organization exposure score, MDATP configuration score, top remediation activities, top security recommendations, top vulnerable software, and top exposed machines data. -**Security recommendations** | See the list of security recommendations, their related components, insights, number or exposed devices, impact, and request for remediation. You can click each item on the list and it will open a flyout pane where you will see vulnerability details, open the software page, and see the remediation options. You can also open a ticket in Intune if your machines are joined through Azure Active Directory and you have enabled your Intune connections in Microsoft Defender ATP. See [Security recommendations](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation) for more information. -**Remediation** | See the remediation activity, related component, remediation type, status, due date, and option to export the remediation and process data to CSV. See [Remediation](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation) for more information. -**Software inventory** | See the list of applications, versions, weaknesses, whether there’s an exploit found on the application, prevalence in the organization, how many were installed, how many exposed devices are there, and the numerical value of the impact. You can select each item in the list and opt to open the software page which shows the associated vulnerabilities, misconfigurations, affected machine, version distribution details, and missing KBs or security updates. See [Software inventory](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory) for more information. -**Weaknesses** | See the list of common vulnerabilities and exposures, the severity, its common vulnerability scoring system (CVSS) V3 score, related software, age, when it was published, related threat alerts, and how many exposed machines are there. You can select each item in the list and it opens a fly-in page with the vulnerability description and other details. See [Weaknesses](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses) for more information. +**Security recommendations** | See the list of security recommendations, their related components, insights, number or exposed devices, impact, and request for remediation. You can click each item on the list and it will open a flyout pane where you will see vulnerability details, open the software page, see the remediation, and exception options. You can also open a ticket in Intune if your machines are joined through Azure Active Directory and you have enabled your Intune connections in Microsoft Defender ATP. See [Security recommendations](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation) for more information. +**Remediation** | See the remediation activity, related component, remediation type, status, due date, option to export the remediation and process data to CSV, and active exceptions. See [Remediation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation) for more information. +**Software inventory** | See the list of applications, versions, weaknesses, whether there’s an exploit found on the application, prevalence in the organization, how many were installed, how many exposed devices are there, and the numerical value of the impact. You can select each item in the list and opt to open the software page which shows the associated vulnerabilities, misconfigurations, affected machine, version distribution details, and missing KBs or security updates. See [Software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory) for more information. +**Weaknesses** | See the list of common vulnerabilities and exposures, the severity, its common vulnerability scoring system (CVSS) V3 score, related software, age, when it was published, related threat alerts, and how many exposed machines are there. You can select each item in the list and it opens a fly-in page with the vulnerability description and other details. See [Weaknesses](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses) for more information. (3) Threat & Vulnerability Management dashboard | Access the **Exposure score**, **Configuration score**, **Exposure distribution**, **Top security recommendations**, **Top vulnerable software**, **Top remediation activities**, and **Top exposed machines**. **Selected machine groups (#/#)** | Filter the Threat & Vulnerability Management data that you want to see in the dashboard and widgets by machine groups. What you select in the filter will be applied throughout the Threat & Vulnerability management pages only. **Organization Exposure score** | See the current state of your organization’s device exposure to threats and vulnerabilities. Several factors affect your organization’s exposure score: weaknesses discovered in your devices, likelihood of your devices to be breached, value of the devices to your organization, and relevant alerts discovered with your devices. The goal is to lower down your organization’s exposure score to be more secure. To reduce the score, you need to remediate the related security configuration issues listed in the security recommendations. -**MDATP Configuration score** | See the security posture of your organization’s operating system, applications, network, accounts and security controls. The goal is to increase your configuration score by remediating the related security configuration issues. You can click the bars and it will take you to the **Security recommendation** page for details. See [Configuration score](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configuration-score) for more information. +**Microsoft Defender ATP Configuration score** | See the security posture of your organization’s operating system, applications, network, accounts and security controls. The goal is to increase your configuration score by remediating the related security configuration issues. You can click the bars and it will take you to the **Security recommendation** page for details. See [Configuration score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configuration-score) for more information. **Machine exposure distribution** | See how many machines are exposed based on their exposure level. You can click the sections in the doughnut chart and it will take you to the **Machines list** page where you'll see the affected machine names, exposure level side by side with risk level, among other details such as domain, OS platform, its health state, when it was last seen, and its tags. **Top security recommendations** | See the collated security recommendations which are sorted and prioritized based on your organization’s risk exposure and the urgency that it requires. Useful icons also quickly calls your attention on possible active alerts ![possible active alert](images/tvm_alert_icon.png), associated public exploits ![threat insight](images/tvm_bug_icon.png), and recommendation insights ![recommendation insight](images/tvm_insight_icon.png). You can drill down on the security recommendation to see the potential risks, list of exposed machines, and read the insights. Thus, providing you with an informed decision to either proceed with a remediation request. Click **Show more** to see the rest of the security recommendations in the list. **Top vulnerable software** | Get real-time visibility into the organizational software inventory, with stack-ranked list of vulnerable software installed on your network’s devices and how they impact on your organizational exposure score. Click each item for details or **Show more** to see the rest of the vulnerable application list in the **Software inventory** page. -**Top remediation activities** | Track the remediation activities generated from the security recommendations. You can click each item on the list to see the details in the **Remediation** page or click **Show more** to see the rest of the remediation activities. +**Top remediation activities** | Track the remediation activities generated from the security recommendations. You can click each item on the list to see the details in the **Remediation** page or click **Show more** to see the rest of the remediation activities, and active exceptions. **Top exposed machines** | See the exposed machine names and their exposure level. You can click each machine name from the list and it will take you to the machine page where you can view the alerts, risks, incidents, security recommendations, installed software, discovered vulnerabilities associated with the exposed machines. You can also do other EDR-related tasks in it, such as: manage tags, initiate automated investigations, initiate a live response session, collect an investigation package, run antivirus scan, restrict app execution, and isolate machine. You can also click **Show more** to see the rest of the exposed machines list. -See [Microsoft Defender ATP icons](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection#windows-defender-atp-icons) for more information on the icons used throughout the portal. +See [Microsoft Defender ATP icons](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection#windows-defender-atp-icons) for more information on the icons used throughout the portal. ## Related topics - [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) - [Configuration score](configuration-score.md) -- [Scenarios](threat-and-vuln-mgt-scenarios.md) - [Security recommendations](tvm-security-recommendation.md) - [Remediation](tvm-remediation.md) - [Software inventory](tvm-software-inventory.md) - [Weaknesses](tvm-weaknesses.md) +- [Scenarios](threat-and-vuln-mgt-scenarios.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md index 3617f68bd7..e79abc0bd3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md @@ -41,24 +41,26 @@ You'll see your remediation options when you select one of the security recommen 3. Select a remediation due date. 4. Add notes to give your IT administrator a context of your remediation request. For example, you can indicate urgency of the remediation request to avoid potential exposure to a recent exploit activity, or if the request is a part of compliance. -If you want to check how the ticket shows up in Intune, see [Use Intune to remediate vulnerabilities identified by Microsoft Defender ATP](https://docs.microsoft.com/en-us/intune/atp-manage-vulnerabilities) for details. +If you want to check how the ticket shows up in Intune, see [Use Intune to remediate vulnerabilities identified by Microsoft Defender ATP](https://docs.microsoft.com/intune/atp-manage-vulnerabilities) for details. ## How it works When you submit a remediation request from Threat & Vulnerability Management, it kicks-off a remediation activity. -It creates a security task which will be tracked in Threat & Vulnerability Management **Remediation page**, and it also creates a remediation ticket in Microsoft Intune. +It creates a security task which will be tracked in Threat & Vulnerability Management **Remediation** page, and it also creates a remediation ticket in Microsoft Intune. You also have the option to export all remediation activity data to CSV for records, reporting purposes, or if you want to notify your IT administration counterpart that a remediation ticket has been submitted. The dashboard will show that status of your top remediation activities. Click any of the entries and it will take you to the **Remediation** page. You can mark the remediation activity as completed after the IT administration team remediates the task. +However, if the security recommendation stemmed from a false positive report, or if there are existing business justification that blocks the remediation, such as compensating control, productivity needs, compliance, or if there's already a planned remediation grace period, you can file an exception and indicate the reason. The exceptions you've filed will also show up in the **Remediation** page, in the **Exceptions** tab. + ## Related topics - [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) - [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) -- [Scenarios](threat-and-vuln-mgt-scenarios.md) - [Security recommendation](tvm-security-recommendation.md) - [Software inventory](tvm-software-inventory.md) - [Weaknesses](tvm-weaknesses.md) +- [Scenarios](threat-and-vuln-mgt-scenarios.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md index fed509c866..90de2ea105 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md @@ -38,7 +38,7 @@ Since it is real-time, in a matter of minutes, you will see vulnerability inform ## Related topics - [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) - [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) -- [Scenarios](threat-and-vuln-mgt-scenarios.md) - [Security recommendation](tvm-security-recommendation.md) - [Remediation](tvm-remediation.md) - [Weaknesses](tvm-weaknesses.md) +- [Scenarios](threat-and-vuln-mgt-scenarios.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md index dec5d3e76e..f61552e03d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md @@ -28,15 +28,27 @@ Threat & Vulnerability Management leverages the same signals in Microsoft Defend The **Weaknesses** page lists down the vulnerabilities found in the infected software running in your organization, their severity, Common Vulnerability Scoring System (CVSS) rating, its prevalence in your organization, corresponding breach, and threat insights. ## Navigate through your organization's weaknesses page -You can see the list of vulnerabilities in two ways: +You can see the list of vulnerabilities in three ways: -*Global search* +*Vulnerabilities in global search* 1. Click the global search drop-down menu. -2. Select **Vulnerability** and key-in the Common Vulnerabilities and Exposures (CVE) ID that you are looking for. The **Weaknesses** page opens with the list of the vulnerabilities and details. +2. Select **Vulnerability** and key-in the Common Vulnerabilities and Exposures (CVE) ID that you are looking for, then click the search icon. The **Weaknesses** page opens with the CVE information that you are looking for. +![tvm-vuln-globalsearch](images/tvm-vuln-globalsearch.png) +3. Select the CVE and a fly-in page opens up with more information - the vulnerability description, exploits available, severity level, CVSS v3 rating, publishing and update dates. + +>[!NOTE] +>To see the rest of the vulnerabilities in the **Weaknesses** page, type CVE, then click search. *Weaknesses page in the menu* 1. Go to the Threat & Vulnerability Management navigation menu and select **Weaknesses** to open up the list of vulnerabilities found in your organization. -2. Select the vulnerability that you want to investigate to open up a fly-in page with the vulnerability details, such as: CVE description, CVE ID, exploits available, severity, publish, and update dates. +2. Select the vulnerability that you want to investigate to open up a fly-in page with the vulnerability details, such as: CVE description, CVE ID, exploits available, CVSS V3 rating, severity, publish, and update dates. + +*Top vulnerable software widget in the dashboard* +1. Go to the Threat & Vulnerability Management dashboard and scroll down to the **Top vulnerable software** widget. You will see the number of vulnerabilities found in each software. +![tvm-top-vulnerable-software](images/tvm-top-vulnerable-software.png) +2. Click the software that you want to investigate and it takes you to the software page. You will the weaknesses found in your machine per severity level, in which machines are they installed, version distribution, and the corresponding security recommendation. +3. Select the **Discovered vulnerabilities** tab. +4. Select the vulnerability that you want to investigate to open up a fly-in page with the vulnerability details, such as: CVE description, CVE ID, exploits available, CVSS V3 rating, severity, publish, and update dates. ## How it works When new vulnerabilities are released, you would want know how many of your assets are exposed. You can see the list of vulnerabilities and the details in the **Weaknesses** page. @@ -54,7 +66,7 @@ You can also see the related alert and threat insights in the **Threat** column. ## Related topics - [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) - [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) -- [Scenarios](threat-and-vuln-mgt-scenarios.md) - [Security recommendation](tvm-security-recommendation.md) - [Remediation](tvm-remediation.md) - [Software inventory](tvm-software-inventory.md) +- [Scenarios](threat-and-vuln-mgt-scenarios.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md index b25652932d..2d79566f34 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md @@ -28,6 +28,9 @@ The following features are generally available (GA) in the latest release of Mic For more information preview features, see [Preview features](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection). +## June 2019 +- [Machine health and compliance report](machine-reports.md) The machine health and compliance report provides high-level information about the devices in your organization. + ## May 2019 - [Threat protection reports](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/threat-protection-reports-windows-defender-advanced-threat-protection)
The threat protection report provides high-level information about alerts generated in your organization.