Network Protection

Scenario description

Network Protection helps reduce the attack surface of your devices from Internet-based events. It prevents employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet.

Scenario requirements and setup

  • Windows 10 1709 build 16273
  • Windows Defender AV
PowerShell command
  • Set-MpPreference -EnableNetworkProtection Enabled
  • Enabled = Block mode (1)
  • AuditMode = Audit Mode (2)
  • Disabled = Off (0)
Verify configuration
  • Get-MpPreference

Scenario

  1. Turn on Network Protection using powershell command: Set-MpPreference -EnableNetworkProtection Enabled
  2. Using the browser of your choice (not Edge*), navigate to the Network Protection website test
  3. *Edge has other security measures in place to protect from this vulnerability(smartscreen)
Expected results

Navigation to the website should be blocked and you should see a "Connection blocked" notification.

Clean-up

Set-MpPreference -EnableNetworkProtection Disabled

Learn more