Tomster/Windows-Setup
1
0
Fork 0
mirror of https://github.com/TommyTran732/Windows-Setup.git synced 2024-09-19 09:54:50 -04:00
Code
ab9f1d258c
Windows-Setup/Group Policies Objects/Gaming/Microsoft Defender (Gaming).md
Tommy 2427d00377
Redo SmartScreen/MAPS setup 
Signed-off-by: Tommy <contact@tommytran.io>
2024-01-07 01:30:05 -07:00

2.1 KiB
Raw Blame History

Microsoft Edge

Computer Configuration\Policies\Administrative Templates\Microsoft Edge

  • SmartScreen settings -> Configure Microsoft Defender SmartScreen -> Enabled
  • SmartScreen settings -> Configure Microsoft SmartScreen to block potentially unwanted apps -> Enabled
  • TyposuqattingChecker settings -> Configure Edge TyposquattingChecker -> Enabled

Microsoft Defender Antivirus

MAPS

Computer Configuration\Policies\Administrative Templates\Windows Components\Microsoft Defender Antivirus

  • Join Microsoft MAPS -> Enabled -> Advanced Membership
  • Configure the 'Block at First Sight' feature -> Enabled
  • Send file samples when further analysis is required -> Enabled -> Always Prompt (Send safe sample works better with 'Block at First Sight, but I really, really do not trust Microsoft on this one)

Network Protection

Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Network Protection

Only relevant if SmartScreen is used.

Documentation:

This settings controls whether Network protection is allowed to be configured into block or audit mode on Windows -> Enabled (Only relevant if running Windows Server) Prevent users and apps from accessing dangerous websites -> Enabled -> Block

MpEngine

Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus\MpEngine

Only relevant if MAPS is used

  • Configure extended cloud check -> Specify the extended cloud check time in seconds -> 50
  • Select cloud protection level -> Zero tolerance blocking level

Windows Defender SmartScreen

Computer Configuration\Policies\Administrative Templates\Windows Components\Windows Defender SmartScreen

  • Explorer -> Configure Windows Defender SmartScreen -> Enabled -> Warn
  • Microsoft Edge -> Configure Windows Defender SmartScreen -> Enabled