You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@@ -88,7 +89,7 @@ There are two steps to using isolation exclusion: defining isolation exclusion r
88
89
|**Rule description**| Describe the purpose of the rule. |
89
90
|**Process path** (Windows only) | The file path of an executable is simply its location on the endpoint. You can define one executable to be used in each rule.<br><br>Examples:<br>`C:\Windows\System\Notepad.exe`<br>`%WINDIR%\Notepad.exe.`<br><br>**Note**: Exclusion won't apply to any child processes created by the specified process. |
90
91
|**Service name** (Windows only) | Windows service short names can be used in cases you want to exclude a service (not an application) that is sending or receiving traffic. Service short names can be retrieved by running the *Get-Service* command from PowerShell. You can define one service to be used in each rule.<br><br>Example: termservice |
91
-
|**Package family name**| The Package Family Name (PFN) is a unique identifier assigned to Windows app packages. The PFN format follows this structure: `<Name>_<PublisherId>`<br><br>Package family names can be retrieved by running the *Get-AppxPackage* command from PowerShell. For example, to get the new Microsoft Teams PFN, run `Get-AppxPackage MSTeams`, and look for the value of the **PackageFamilyName** property.<br><br>Supported on:<br>- Windows 11 (24H2)<br>- Windows Server 2025<br>- Windows 11 (22H2) Windows 11, version 23H2 KB5050092<br>- Windows Server, Version 23H2<br>- Windows 10 22H2 - KB 5050081 |
92
+
|**Package family name**(Windows only) | The Package Family Name (PFN) is a unique identifier assigned to Windows app packages. The PFN format follows this structure: `<Name>_<PublisherId>`<br><br>Package family names can be retrieved by running the *Get-AppxPackage* command from PowerShell. For example, to get the new Microsoft Teams PFN, run `Get-AppxPackage MSTeams`, and look for the value of the **PackageFamilyName** property.<br><br>Supported on:<br>- Windows 11 (24H2)<br>- Windows Server 2025<br>- Windows 11 (22H2) Windows 11, version 23H2 KB5050092<br>- Windows Server, Version 23H2<br>- Windows 10 22H2 - KB 5050081 |
92
93
|**Direction**| The connection direction (Inbound/Outbound). Examples:<br><br>**Outbound connection**: If the device initiates a connection, for instance, an HTTPS connection to a remote backend server, define only an outbound rule. Example: The device sends a request to 1.1.1.1 (outbound). In this case, no inbound rule is needed, as the response from the server is automatically accepted as part of the connection.<br><br>**Inbound connection**: If the device is listening to incoming connections, define an **inbound rule**.|
93
94
|**Remote IP**| The IP (or IPs) with which communication is allowed while the device is isolated from the network.<br><br>Supported IP formats:<br>- IPv4/IPv6, with optional CIDR notation<br>- A comma-separated list of valid IPs<br><br>Valid input examples:<br>- Single IP address: `1.1.1.1`<br>- IPV6 address: `2001:db8:85a3::8a2e:370:7334`<br>- IP address with CIDR notation (IPv4 or IPv6): `1.1.1.1/24`<br> This example defines a range of IP addresses. In this case, it includes all IPs from 1.1.1.0 to 1.1.1.255. The /24 represents the subnet mask, which specifies that the first 24 bits of the address are fixed, and the remaining 8 bits define the address range.|
94
95
@@ -162,4 +163,4 @@ This behavior ensures that isolation rules remain consistent throughout the dura
162
163
-[Investigate files](investigate-files.md)
163
164
-[Manual response actions in Microsoft Defender for Endpoint Plan 1](defender-endpoint-plan-1.md#manual-response-actions)
164
165
165
-
[!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
166
+
[!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
0 commit comments