Permalink master. Branches Tags. Could not load branches. Could not load tags. Raw Blame. Open with Desktop View raw View blame. Configure the Windows Defender ATP proxy and internet settings to enable communication with the cloud service.
You signed in with another tab or window. Configure a registry-based static proxy for Defender for Endpoint detection and response EDR sensor to report diagnostic data and communicate with Defender for Endpoint services if a computer is not permitted to connect to the Internet.
When using this option on Windows 10, or Windows 11, or Windows Server , or Windows Server , it is recommended to have the following or later build and cumulative update rollup:. The static proxy is also configurable through Group Policy GP , both the settings under group policy values need to be set to configure the proxy server to be used for EDR.
The group policy can be found under:. Set it to Enabled and select Disable Authenticated Proxy usage. Microsoft Defender Antivirus cloud-delivered protection provides near-instant, automated protection against new and emerging threats. Note that connectivity is required for custom indicators when Defender Antivirus is your active antimalware solution; and for EDR in block mode even when using a non-Microsoft solution as the primary antimalware solution.
Set it to Enabled and define the proxy server. For resiliency purposes and the real-time nature of cloud-delivered protection, Microsoft Defender Antivirus will cache the last known working proxy. Ensure your proxy solution does not perform SSL inspection as this will break the secure cloud connection. Microsoft Defender Antivirus will not use the static proxy to connect to Windows Update or Microsoft Update for downloading updates.
Instead, it will use a system-wide proxy if configured to use Windows Update, or the configured internal update source according to the configured fallback order. If a proxy or firewall is blocking all traffic by default and allowing only specific domains through, add the domains listed in the downloadable sheet to the allowed domains list. The following downloadable spreadsheet lists the services and their associated URLs that your network must be able to connect to.
Ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an allow rule specifically for them. Download the spreadsheet here. To verify your data location setting, see Verify data storage location and update data retention settings for Microsoft Defender for Endpoint.
URLs that include v20 in them are only needed if you have Windows devices running version or later. For example, us-v If a proxy or firewall is blocking anonymous traffic, as Defender for Endpoint sensor is connecting from system context, make sure anonymous traffic is permitted in the previously listed URLs.
Microsoft does not provide a proxy server. These URLs are accessible via the proxy server that you configure. The information below list the proxy and firewall configuration information required to communicate with Log Analytics agent often referred to as Microsoft Monitoring Agent for the previous versions of Windows such as Windows 7 SP1, Windows 8.
If your device is connected to a network, network policy settings might prevent you from completing these steps. For more info, contact your administrator. To turn it off, switch the setting to Off. Turning off Microsoft Defender Firewall could make your device and network, if you have one more vulnerable to unauthorized access.
If there's an app you need to use that's being blocked, you can allow it through the firewall, instead of turning the firewall off. Note: If you get errors, or if the setting won't turn on, you can use the troubleshooter and then try again. What is a Firewall?
Microsoft Defender Windows 11 Windows 10 More Need more help? Expand your skills. Get new features first. Was this information helpful?
0コメント