You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/indicator-ip-domain.md
+2-1Lines changed: 2 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -99,6 +99,7 @@ For processes other than Microsoft Edge and Internet Explorer, web protection sc
99
99
- Only single IP addresses are supported (no CIDR blocks or IP ranges) in custom indicators
100
100
- Encrypted URLs (full path) can only be blocked on first party browsers (Internet Explorer, Edge)
101
101
- Encrypted URLs (FQDN only) can be blocked in third party browsers (that is, other than Internet Explorer, Edge)
102
+
- URLs loaded via HTTP connection coalescing, such as content loaded by modern CDN's, can only be blocked on first party browsers (Internet Explorer, Edge), unless the CDN URL itself is added to the indicator list.
102
103
- Full URL path blocks can be applied for unencrypted URLs
103
104
- If there are conflicting URL indicator policies, the longer path is applied. For example, the URL indicator policy `https://support.microsoft.com/office` takes precedence over the URL indicator policy `https://support.microsoft.com`.
104
105
- In the case of URL indicator policy conflicts, the longer path may not be applied due to redirection. In such cases, register a non-redirected URL.
@@ -195,4 +196,4 @@ The result is that categories 1-4 are all blocked. This is illustrated in the fo
195
196
-[Manage indicators](indicator-manage.md)
196
197
-[Exclusions for Microsoft Defender for Endpoint and Microsoft Defender Antivirus](defender-endpoint-antivirus-exclusions.md)
197
198
198
-
[!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
199
+
[!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
Copy file name to clipboardExpand all lines: defender-endpoint/network-protection-macos.md
+20-7Lines changed: 20 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -64,26 +64,39 @@ To roll out Network Protection for macOS, we recommend the following actions:
64
64
## Current capabilities
65
65
66
66
- Custom Indicators of Compromise on Domains and IPs.
67
-
- Web Content Filtering support:
68
-
- Block website categories scoped to device groups through policies created in the Microsoft Defender portal.
69
-
- Policies are applied to browsers, including Chromium Microsoft Edge for macOS.
67
+
68
+
- Web Content Filtering supports the following actions:
69
+
70
+
- Block website categories scoped to device groups through policies created in the Microsoft Defender portal.
71
+
72
+
- Policies are applied to browsers, including Chromium Microsoft Edge for macOS.
73
+
70
74
- Advanced Hunting - Network Events are reflected in the Machine Timeline, and queryable in Advanced Hunting to aid security investigations.
75
+
71
76
- Microsoft Defender for Cloud Apps:
72
-
- Shadow IT discovery - Identify which apps are being used in your organization.
73
-
- Block applications - Block entire applications (such as Slack and Facebook) from being used in your organization.
77
+
78
+
- Shadow IT discovery - Identify which apps are being used in your organization.
79
+
80
+
- Block applications - Block entire applications (such as Slack and Facebook) from being used in your organization.
81
+
74
82
- Corporate VPN in tandem or side-by-side with Network Protection:
75
-
- Currently, no VPN conflicts are identified.
76
-
- If you do experience conflicts, you can provide feedback through the feedback channel listed at the bottom of this page.
83
+
84
+
- Currently, no VPN conflicts are identified.
85
+
86
+
- If you do experience conflicts, you can provide feedback through the feedback channel listed at the bottom of this page.
77
87
78
88
### Known issues
79
89
80
90
- Block/Warn UX isn't customizable and might require other look and feel changes. (Customer feedback is being collected to drive further design improvements)
91
+
81
92
- There's a known application incompatibility issue with VMware's "Per-App Tunnel" feature. (This incompatibility might result in an inability to block traffic that goes through the "Per-App Tunnel.")
93
+
82
94
- There's a known application incompatibility issue with Blue Coat Proxy. (This incompatibility might result in network layer crashes in unrelated applications when both Blue Coat Proxy and Network Protection are enabled.)
83
95
84
96
### Important notes
85
97
86
98
- We don't recommend controlling network protection from System Preferences by using the **Disconnect** button. Instead, use the mdatp command-line tool or JamF/Intune to control network protection for macOS.
99
+
87
100
- To evaluate effectiveness of macOS web threat protection, we recommend trying it in browsers other than Microsoft Edge for macOS (for example, Safari). Microsoft Edge for macOS has built-in web threat protection (Microsoft Defender Browser Protection extension which provides Smartscreen capabilities) that is enabled regardless of whether the Mac network protection feature you're evaluating, is turned on or not.
0 commit comments