Block websites with Microsoft 365 Defender
Вставка
- Опубліковано 6 сер 2024
- Web content filtering is part of the Web protection capabilities in Microsoft Defender for Endpoint and Microsoft Defender for Business. Web content filtering enables your organization to track and regulate access to websites based on their content categories. Many of these websites (even if they're not malicious) might be problematic because of compliance regulations, bandwidth usage, or other concerns.
Configure policies across your device groups to block certain categories. Blocking a category prevents users within specified device groups from accessing URLs associated with the category. For any category that's not blocked, the URLs are automatically audited. Your users can access the URLs without disruption, and you'll gather access statistics to help create a more custom policy decision. Your users will see a block notification if an element on the page they're viewing is making calls to a blocked resource. - Наука та технологія
I tagged some apps as unsanctioned but it’s blocking for Edge browser only. Could I know please how to block for Chrome?
What I was surprised to see about the cloud catalog, is that it also contains cloud apps from reputable security companies (I think it was either Checkpoint or Trend Micro), but that they did not get a "great score" at all in the catalog. Not sure how much of an issue that would be (I also only just started using Defender for Endpoint so I barely know anything about it for now, we have an E5 license but considering we have a very small IT team it'll probably take years to go through all our E5 products :-) ).
Microsoft investigates all of those apps the same way.. plus: the scoring mechanism is allowed to be changed by you. for example: if you do not care about SOX, but do care about ISO.. you can discard Sox and make ISO more important. that will affect the score for that app.
Hoi Alex opgenomen in het mooie Evoluon Eindhoven op donderdag ochtend ? Nogmaals bedankt voor de sc-200 cursus deze week..
ja idd!!
haha yep
I have a scenario thats difficult to resolve with this, at least I havent found an answer. If we have unsanctioned applications as a default but we need an exception, we have to create tags. e.g. a specific user has access to wetransfer. That works fine, but if they need access to another service e.g. dropbox you cannot apply both tags to that user/device you have to create a NEW tag that encompasses both requirements. This means managing exceptions becomes exponential depending on the combinations of resources that specific individuals may need. Administrative nightmare. Are you aware of any simple way to provide exceptions? it was much easier in sophos
What about the other way around? How to grant access to a website only for a handful of users or even a single user but blocked for everyone else? I have tried Device Groups but I would assume there's a way of restricting the access only for users and not for machines which can be swapped unassigned for the target users at any given moment.
my first guess would be Defender for CloudApps.. you can create policies there. no super sure though.
you could sancton web apps, and create a policy to unsanction all others.
I have joined my pc directly to intune but web content filtering is not working on that pc but a vm is also added but it is Azure AD joined. My pc is in workgroup is that the reason why web content filtering is not apply to my pc
for the web content filter to work, the device must be onboarded to Microsoft Defender for Endpoint. I have videos on my channel that explains how to do that.
So unsanctioned websites configured using the cloud app catalog are only blocked when the devices are also onboarded to Defender for Endpoint? In others words when Defender for Endpoint is not in place the catalog will do nothing?
That is correct… defender for cloud apps does not have its own client
yes that is true