Allow - Allows the printing of selected content from the virtual browser.Print from virtual browser Default: Not configuredĪpplication Guard CSP: Settings/PrintingSettings Not configured - Non-enterprise sites can open on the device.Block - Block content from unapproved websites from loading.Default: Not configuredĪpplication Guard CSP: Settings/ClipboardFileTypeĮxternal content on enterprise sites Default: Not configuredĪpplication Guard CSP: Settings/BlockNonEnterpriseContent
This setting is available only when Clipboard behavior is set to one of the allow settings.
Block copy and paste between PC and browser. Allow copy and paste between PC and browser. Allow copy and paste from browser to PC only. Allow copy and paste from PC to browser only. Not configured - Any site (trusted and untrusted) can open on the device.Ĭlipboard behavior Default: Not configuredĪpplication Guard CSP: Settings/ClipboardSettingsĬhoose what copy and paste actions are allowed between the local PC and the Application Guard virtual browser. Enabled for Edge - Turns on this feature, which opens untrusted sites in a Hyper-V virtualized browsing container. Using this profile installs a Win32 component to activate Application Guard.Īpplication Guard Default: Not configuredĪpplication Guard CSP: Settings/AllowWindowsDefenderApplicationGuard For more information, see Create a network boundary on Windows devices.Īpplication Guard is only available for 64-bit Windows devices. Trusted sites are defined by a network boundary, which are configured in Device Configuration. With Application Guard, sites that aren't in your isolated network boundary open in a Hyper-V virtual browsing session. Microsoft Defender Application Guardįor Microsoft Edge, Microsoft Defender Application Guard protects your environment from sites that aren't trusted by your organization. Before you beginĬreate an endpoint protection device configuration profile.įor more information about configuration service providers (CSPs), see Configuration service provider reference. To configure Microsoft Defender Antivirus, see Windows device restrictions or use endpoint security Antivirus policy. To manage device security, you can also use endpoint security policies, which focus directly on subsets of device security. This article describes the settings in the device configuration Endpoint protection template. Microsoft Intune includes many settings to help protect your devices. For more information, see Settings catalog. 
To see the settings you can configure, create a device configuration profile, and select Settings Catalog.
Not all settings are documented, and won’t be documented. Intune may support more settings than the settings listed in this article.
0 kommentar(er)
