From 942fd8a6178d13c3b38bc905445c4d9ad01a98dc Mon Sep 17 00:00:00 2001 From: "Yong Rhee [MSFT]" <56358587+YongRhee-MSFT@users.noreply.github.com> Date: Tue, 21 Jan 2025 13:11:38 -0800 Subject: [PATCH 1/2] Update evaluate-mdav-using-gp.md Made changes to the PowerShell cmdlet --- defender-endpoint/evaluate-mdav-using-gp.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/defender-endpoint/evaluate-mdav-using-gp.md b/defender-endpoint/evaluate-mdav-using-gp.md index 6daf1747c8..2cc8557ff5 100644 --- a/defender-endpoint/evaluate-mdav-using-gp.md +++ b/defender-endpoint/evaluate-mdav-using-gp.md 
@@ -180,13 +180,13 @@ Disable local administrator AV settings such as exclusions, and enforce the poli | --- | --- | | Prevent users and apps from accessing dangerous websites | Enabled, Block | | This settings controls whether Network Protection is allowed to be configured into block or audit mode on Windows Server | Enabled | -| Allow Network Protection Down Level | Network protection is enabled downlevel | -| Allow Datagram Processing On Win Server | Datagram processing on Windows Server is enabled | -| Disable DNS over TCP parsing | DNS over TCP parsing is enabled | -| Disable HTTP parsing | HTTP parsing is enabled | -| Disable SSH parsing | SSH parsing is enabled | -| Disable TLS parsing | TLS parsing is enabled | -| Enable DNS Sinkhole | DNS Sinkhole is enabled | + +To enable Network Protection for Windows Servers, for now, please use Powershell: + +| OS | Powershell cmdlet | +| --- | --- | +| Windows Server 2012 R2Windows Server 2022 and later | set-mpPreference -AllowNetworkProtectionOnWinServer $true | +| Windows Server 2016 and Windows Server 2012 R2 [unified MDE client](https://learn.microsoft.com/defender-endpoint/update-agent-mma-windows#upgrade-to-the-new-unified-agent-for-defender-for-endpoint) | set-MpPreference -AllowNetworkProtectionOnWinServer $true and set-MpPreference -AllowNetworkProtectionDownLevel $true ## Attack Surface Reduction Rules From 7ee75773baea8d565a69e4de3132c0df002dadd4 Mon Sep 17 00:00:00 2001 From: Emm Walsh Date: Thu, 23 Jan 2025 12:06:10 +0000 Subject: [PATCH 2/2] Fix broken link in documentation --- defender-endpoint/evaluate-mdav-using-gp.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defender-endpoint/evaluate-mdav-using-gp.md b/defender-endpoint/evaluate-mdav-using-gp.md index 2cc8557ff5..dd0d6397e5 100644 --- a/defender-endpoint/evaluate-mdav-using-gp.md +++ b/defender-endpoint/evaluate-mdav-using-gp.md 
@@ -186,7 +186,7 @@ To enable Network Protection for Windows Servers, for now, please use Powershell | OS | Powershell cmdlet | | --- | --- | | Windows Server 2012 R2Windows Server 2022 and later | set-mpPreference -AllowNetworkProtectionOnWinServer $true | -| Windows Server 2016 and Windows Server 2012 R2 [unified MDE client](https://learn.microsoft.com/defender-endpoint/update-agent-mma-windows#upgrade-to-the-new-unified-agent-for-defender-for-endpoint) | set-MpPreference -AllowNetworkProtectionOnWinServer $true and set-MpPreference -AllowNetworkProtectionDownLevel $true +| Windows Server 2016 and Windows Server 2012 R2 [unified MDE client](/defender-endpoint/update-agent-mma-windows#upgrade-to-the-new-unified-agent-for-defender-for-endpoint) | set-MpPreference -AllowNetworkProtectionOnWinServer $true and set-MpPreference -AllowNetworkProtectionDownLevel $true ## Attack Surface Reduction Rules
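Review bot: In PATCH 1/2 (hunk @@ -180,13 +180,13), the first row of the new OS table has the cell "Windows Server 2012 R2Windows Server 2022 and later", which runs two OS names together with no separator and lists Windows Server 2012 R2 a second time, since the next row also covers it. A reader cannot tell which servers need only `-AllowNetworkProtectionOnWinServer` and which also need `-AllowNetworkProtectionDownLevel`, so please state the intended OS range for the first row explicitly. The last added row is also missing its closing `|`, and the cmdlets are written as plain text with mixed casing (`set-mpPreference` and `set-MpPreference`); putting each cmdlet in inline code with one consistent casing would make them safe to copy. Finally, the hunk removes the rows for Allow Datagram Processing On Win Server, the DNS over TCP, HTTP, SSH and TLS parsing settings, and Enable DNS Sinkhole without saying how those are now configured, while the unchanged row above still lists a Group Policy setting for Network Protection on Windows Server as Enabled. A sentence explaining which of these still apply through Group Policy and which are replaced by the PowerShell step would keep the evaluation guidance complete.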
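Review bot: In PATCH 2/2 (hunk @@ -186,7 +186,7), the replaced table row still ends without a closing `|`, so the row is left open immediately before the "## Attack Surface Reduction Rules" heading. Since this line is already being rewritten for the link, close the row here and put the two cmdlets in inline code rather than joining them with "and" in plain text. The context row just above it, "Windows Server 2012 R2Windows Server 2022 and later", is carried over unchanged with the two OS names fused, and it would be worth correcting in the same follow-up so the table is right in one pass.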