cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Intent behind configuring Network Protection but not enabling it in Windows Server Baselines

%3CLINGO-SUB%20id%3D%22lingo-sub-3189410%22%20slang%3D%22en-US%22%3EIntent%20behind%20configuring%20Network%20Protection%20but%20not%20enabling%20it%20in%20Windows%20Server%20Baselines%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3189410%22%20slang%3D%22en-US%22%3E%3CP%3EWhat%20is%20the%20intent%20behind%20the%20following%20two%20settings%20in%20the%20Windows%20Server%202019%2F2022%20Baseline%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CTABLE%20width%3D%221652%22%3E%3CTBODY%3E%3CTR%3E%3CTD%20width%3D%22702%22%3E%3CP%3EWindows%20Components%5CMicrosoft%20Defender%20Antivirus%5CMicrosoft%20Defender%20Exploit%20Guard%5CNetwork%20Protection%3C%2FP%3E%3C%2FTD%3E%3CTD%20width%3D%22829%22%3EPrevent%20users%20and%20apps%20from%20accessing%20dangerous%20websites%3C%2FTD%3E%3CTD%20width%3D%22121%22%3EBlock%3C%2FTD%3E%3C%2FTR%3E%3CTR%3E%3CTD%3EWindows%20Components%5CMicrosoft%20Defender%20Antivirus%5CMicrosoft%20Defender%20Exploit%20Guard%5CNetwork%20Protection%3C%2FTD%3E%3CTD%3EThis%20settings%20controls%20whether%20Network%20Protection%20is%20allowed%20to%20be%20configured%20into%20block%20or%20audit%20mode%20on%20Windows%20Server.%3C%2FTD%3E%3CTD%3E%26nbsp%3B%3C%2FTD%3E%3C%2FTR%3E%3C%2FTBODY%3E%3C%2FTABLE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIn%20Windows%20Server%20Network%20Protection%20is%20not%20enabled%20by%20default%2C%20so%20when%20the%202nd%20setting%20is%20left%20to%20unconfigured%20the%20first%20setting%20cannot%20and%20does%20not%20work.%3CBR%20%2F%3EWhy%20configure%20it%20then%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-3189410%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EFinal%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%20Baseline%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%20Compliance%20Toolkit%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EWindows%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
riechsteinertech
Senior Member

‎Feb 20 2022 02:40 AM

‎Feb 20 2022 02:40 AM

Intent behind configuring Network Protection but not enabling it in Windows Server Baselines

What is the intent behind the following two settings in the Windows Server 2019/2022 Baseline:

 

Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Network Protection

Prevent users and apps from accessing dangerous websitesBlock
Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Network ProtectionThis settings controls whether Network Protection is allowed to be configured into block or audit mode on Windows Server. 

 

In Windows Server Network Protection is not enabled by default, so when the 2nd setting is left to unconfigured the first setting cannot and does not work.
Why configure it then?

174 Views
0 Likes
0 Replies
Reply
0 Replies
We support Ukraine and condemn war. Push Russian government to act against war. Be brave, vocal and show your support to Ukraine. Follow the latest news HERE