|
| 1 | +--- |
| 2 | +external help file: Microsoft.Exchange.TransportMailControl-Help.xml |
| 3 | +online version: https://docs.microsoft.com/powershell/module/exchange/get-configanalyzerpolicyrecommendation |
| 4 | +applicable: Exchange Online, Exchange Online Protection |
| 5 | +title: Get-ConfigAnalyzerPolicyRecommendation |
| 6 | +schema: 2.0.0 |
| 7 | +author: chrisda |
| 8 | +ms.author: chrisda |
| 9 | +ms.reviewer: |
| 10 | +--- |
| 11 | + |
| 12 | +# Get-ConfigAnalyzerPolicyRecommendation |
| 13 | + |
| 14 | +## SYNOPSIS |
| 15 | +This cmdlet is available only in the cloud-based service. |
| 16 | + |
| 17 | +Use the Get-ConfigAnalyzerPolicyRecommendation cmdlet to compare the settings in your existing security policies to the settings that are used in the Standard or Strict preset security policies. Settings that are below the recommend value are returned in the results. |
| 18 | + |
| 19 | +**Note**: We recommend that you use the Exchange Online PowerShell V2 module to connect to Exchange Online PowerShell. For instructions, see [Use the Exchange Online PowerShell V2 module](https://docs.microsoft.com/powershell/exchange/exchange-online-powershell-v2). |
| 20 | + |
| 21 | +For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://docs.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). |
| 22 | + |
| 23 | +## SYNTAX |
| 24 | + |
| 25 | +``` |
| 26 | +Get-ConfigAnalyzerPolicyRecommendation -RecommendedPolicyType <RecommendedPolicyType> |
| 27 | + [[-Identity] <ConfigAnalyzerPolicyRecommendationIdParameter>] |
| 28 | + [-IsAppliedToDisabled] |
| 29 | + [<CommonParameters>] |
| 30 | +``` |
| 31 | + |
| 32 | +## DESCRIPTION |
| 33 | +For information about the policies and their recommended Standard and Strict values, see [Recommended settings for EOP and Office 365 ATP security](https://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365-atp). |
| 34 | + |
| 35 | +The output of this cmdlet only returns settings that fall below the value that you've specified as a baseline (Standard or Strict). |
| 36 | + |
| 37 | +The output contains the following information for each setting: |
| 38 | + |
| 39 | +- PolicyGroup: The type of policy. The value will be Anti-Spam, Anti-Phishing, Anti-Malware, ATP Safe Links, or ATP Safe Attachments |
| 40 | +- SettingName: The name of the setting in the policy. |
| 41 | +- SettingNameDescription: A description of the setting. |
| 42 | +- Policy: The name of the policy. |
| 43 | +- AppliedTo: The number of users or domains that the policy applies to. If the policy isn't applied to anyone (for example, it's disabled), this value will be blank. |
| 44 | +- CurrentConfiguration: The current value of the setting. |
| 45 | +- LastModified: When the policy was last modified. |
| 46 | +- Recommendation: The recommended Standard or Strict value for the setting. |
| 47 | +- SettingType: For example, Boolean, String, or Integer. |
| 48 | + |
| 49 | +If a setting is configured at or better than the Standard or Strict protection profile that you're comparing to, those settings/policies aren't returned in the results |
| 50 | + |
| 51 | +This cmdlet returns the following output for each setting in each policy that falls below the recommended value. |
| 52 | + |
| 53 | +You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions). |
| 54 | + |
| 55 | +## EXAMPLES |
| 56 | + |
| 57 | +### Example 1 |
| 58 | +```powershell |
| 59 | +Get-ConfigAnalyzerPolicyRecommendation -RecommendedPolicyType Strict |
| 60 | +``` |
| 61 | + |
| 62 | +This example runs a comparison using the Strict preset security policy settings as a baseline. |
| 63 | + |
| 64 | +## PARAMETERS |
| 65 | + |
| 66 | +### -RecommendedPolicyType |
| 67 | +The RecommendedPolicyType parameter specifies the preset security policy that you want to use as a baseline. Valid values are: |
| 68 | + |
| 69 | +- Standard |
| 70 | +- Strict |
| 71 | + |
| 72 | +```yaml |
| 73 | +Type: RecommendedPolicyType |
| 74 | +Parameter Sets: (All) |
| 75 | +Aliases: |
| 76 | +Applicable: Exchange Online, Exchange Online Protection |
| 77 | + |
| 78 | +Required: True |
| 79 | +Position: Named |
| 80 | +Default value: None |
| 81 | +Accept pipeline input: False |
| 82 | +Accept wildcard characters: False |
| 83 | +``` |
| 84 | +
|
| 85 | +### -Identity |
| 86 | +This parameter is reserved for internal Microsoft use. |
| 87 | +
|
| 88 | +```yaml |
| 89 | +Type: ConfigAnalyzerPolicyRecommendationIdParameter |
| 90 | +Parameter Sets: (All) |
| 91 | +Aliases: |
| 92 | +Applicable: Exchange Online, Exchange Online Protection |
| 93 | + |
| 94 | +Required: False |
| 95 | +Position: 0 |
| 96 | +Default value: None |
| 97 | +Accept pipeline input: True (ByPropertyName, ByValue) |
| 98 | +Accept wildcard characters: False |
| 99 | +``` |
| 100 | +
|
| 101 | +### -IsAppliedToDisabled |
| 102 | +The IsAppliedToDisabled switch filters the results by policies that aren't applied to anyone (the AppliedTo property is blank). You don't need to specify a value with this switch. |
| 103 | +
|
| 104 | +If you don't use this switch, the results include policies that are applied to users and policies that aren't applied to anyone. |
| 105 | +
|
| 106 | +```yaml |
| 107 | +Type: SwitchParameter |
| 108 | +Parameter Sets: (All) |
| 109 | +Aliases: |
| 110 | +Applicable: Exchange Online, Exchange Online Protection |
| 111 | + |
| 112 | +Required: False |
| 113 | +Position: Named |
| 114 | +Default value: None |
| 115 | +Accept pipeline input: False |
| 116 | +Accept wildcard characters: False |
| 117 | +``` |
| 118 | +
|
| 119 | +### CommonParameters |
| 120 | +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216). |
| 121 | +
|
| 122 | +## INPUTS |
| 123 | +
|
| 124 | +### |
| 125 | +
|
| 126 | +## OUTPUTS |
| 127 | +
|
| 128 | +### |
| 129 | +
|
| 130 | +## NOTES |
| 131 | +
|
| 132 | +## RELATED LINKS |
0 commit comments