You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/enable-network-protection.md
+8-8Lines changed: 8 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -69,8 +69,8 @@ To enable network protection, you can use any of the methods described in this a
69
69
- Network Protection on Windows Server 2012 R2 and Windows Server 2016, use the additional policy listed in the following table:
70
70
71
71
| Description|Setting|
72
-
| -------- | -------- |
73
-
|Allow Network Protection Down Level|Options:<br>- Network protection will be enabled downlevel. <br>- Network Protection will be disabled downlevel. (Default) <br>- Not Configured|
72
+
| -------- | -------- |
73
+
|Allow Network Protection Down Level|Options:<br>- Network protection will be enabled downlevel. <br>- Network Protection will be disabled downlevel. (Default) <br>- Not Configured|
74
74
75
75
- Optional Network Protection settings for Windows and Windows Server:
76
76
@@ -207,23 +207,23 @@ Use the following procedure to enable network protection on domain-joined comput
207
207
208
208
1. On your Windows device, click **Start**, type `powershell`, right-click **Windows PowerShell**, and then select **Run as administrator**.
209
209
210
-
2. Run the following cmdlet:
210
+
1. Run the following cmdlet:
211
211
212
212
```PowerShell
213
213
Set-MpPreference -EnableNetworkProtection Enabled
214
214
```
215
215
216
216
1. For Windows Server, use the additional commands listed in the following table:
217
217
218
-
| Windows Server version | Commands |
219
-
|---|---|
220
-
|Windows Server 2019 and later |`set-mpPreference -AllowNetworkProtectionOnWinServer $true` <br/>|
221
-
|Windows Server 2016 <br/>Windows Server 2012 R2 with the [unified agent for Microsoft Defender for Endpoint](/defender-endpoint/enable-network-protection)|`set-MpPreference -AllowNetworkProtectionDownLevel $true` <br/> `set-MpPreference -AllowNetworkProtectionOnWinServer $true` <br/>|
218
+
| Windows Server version | Commands |
219
+
|---|---|
220
+
|Windows Server 2019 and later |`set-mpPreference -AllowNetworkProtectionOnWinServer $true` <br/>|
221
+
|Windows Server 2016 <br/>Windows Server 2012 R2 with the [unified agent for Microsoft Defender for Endpoint](/defender-endpoint/enable-network-protection)|`set-MpPreference -AllowNetworkProtectionDownLevel $true` <br/> `set-MpPreference -AllowNetworkProtectionOnWinServer $true` <br/>|
222
222
223
223
> [!IMPORTANT]
224
224
> Disable the "AllowDatagramProcessingOnWinServer" setting. This is important for any roles that generate high volumes of UDP traffic such as Domain Controllers, Windows DNS servers, Windows File Servers, Microsoft SQL servers, Microsoft Exchange servers, and others. Enabling datagram processing in these cases can reduce network performance and reliability. Disabling it helps keep the network stable and ensures better use of system resources in high-demand environments.
225
225
226
-
4. (This step is optional.) To set network protection to audit mode, use the following cmdlet:
226
+
1. (This step is optional.) To set network protection to audit mode, use the following cmdlet:
0 commit comments