ไม่สามารถเล่นวิดีโอนี้

ขออภัยในความไม่สะดวก

Configure Microsoft Defender Application Control using Intune Endpoint Security profiles

CloudManagement.Community

มุมมอง 15 319

เพิ่มลงใน
- เพลย์ลิสต์ของฉัน
- ดูภายหลัง
แชร์

แชร์

ฝัง

ขนาดวิดีโอ:

แสดงแผงควบคุมโปรแกรมเล่น

เล่นอัตโนมัติ

เล่นใหม่

เผยแพร่เมื่อ 5 ก.ย. 2024
Previously known as Windows Defender Application Control, Microsoft Defender Application Control (MDAC) is now even more accessible to organizations through the removal of the Windows 10 Enterprise / Education requirement. Now, organizations using Windows 10/11 Professional are able to leverage the feature to gain greater insight and control of their Windows device estate.
Microsoft Defender Application Control builds upon the foundations set in AppLocker, which was initially introduced in Windows 7 to allow organizations to control exactly which applications can run on their Windows devices.
There are a few ways to enable and manage Microsoft Defender Application Control, and each method should be explored to ensure the right one is chosen for the use case.
In this series, I will walk through each method for deploying Microsoft Defender Application Control so that you can make an informed decision.
1) Method 1 - Microsoft Endpoint Manager (Intune) Endpoint Security configuration [this video]
2) Method 2 - Microsoft Endpoint Manager (Intune) Endpoint Protection Policy configuration
3) Method 3 - Microsoft Endpoint Manager (Intune) Custom Profile [ • Configure Microsoft De... ]
4) Method 4 - Microsoft Endpoint Configuration Manager (ConfigMgr)
The Cloud Management Community is YOUR community for Cloud Management. Join the discussion on Twitter (@the_cmcommunity) and register for our next Live Event @ cloudmanagement... !
Dean Ellerby is a Microsoft Certified Trainer, Organiser at CloudManagement..., Contributor at Petri.com and a Workspace Solution Architect at CDW UK. He's on Twitter @dean_ellerby. Any views or opinions expressed here are his own.

ความคิดเห็น • 22

@tehsimo ปีที่แล้ว ⁺⁵
Hands up if you've bricked a machine with AppLocker
@mdmmde5341 2 ปีที่แล้ว ⁺⁴
Thank you for your video. Can you please create a video to block all third party application but allow managed application (Pushed from intune). Is it possible?
@andytaylor1 2 ปีที่แล้ว ⁺⁶
Looks like you found exactly what we did when trying to enable this. It breaks EVERYTHING. Dll's failing all over the place, common well known applications not working anymore. Unusable in a production environment in this state imo.
@badisthebest 10 หลายเดือนก่อน ⁺¹
That was very helpful. Thank you so much!
@benjiebuenviaje4811 ปีที่แล้ว ⁺¹
Thank you very much!
@Woodeh06 2 ปีที่แล้ว ⁺²
Thanks for the video. What about viewing the audit logs via 365 admin centre's though? Is that possible? If i want to find out what software users are installing into C:\users\username\AppData I don't want to have to manually view each computers event viewer logs. Don't currently have the audit option turned on but considering it. Cheers
@rashantha 2 ปีที่แล้ว ⁺²
Is there a way to whitelist certain application in conjunction with the policy you created? Do you have a video on it?
@theCMC 2 ปีที่แล้ว
th-cam.com/video/meT3cSc9300/w-d-xo.html
@DukePaul 9 หลายเดือนก่อน
Thanks! Great video.
Is it possible for a profile to be based on a whitelist?
@jeshielmicoangulo5611 5 หลายเดือนก่อน
Hi What if the application is deployed in Intune??
@summoner2100 2 ปีที่แล้ว ⁺¹
Good vid... plus applocker was so broken. When they first released 10, if you applied applocker with ANY policy it restricted the new xaml made start menu. #fail lol
@soydlm8658 2 ปีที่แล้ว ⁺¹
Great vídeo. a question. If I want both 7zip and vlc to run, is there a way that I don't enforce the policy on those applications? Create a whitelist of allowed apps or something similar.
@theCMC 2 ปีที่แล้ว ⁺⁴
Yes, absolutely. I will be making a video on the other options available in the next few days.
@theCMC 2 ปีที่แล้ว ⁺³
@soydlm th-cam.com/video/meT3cSc9300/w-d-xo.html
@khaldunazar 2 ปีที่แล้ว ⁺¹
Great video Thanks, Question please what is th deference between Microsoft 365 Defender
and Microsoft Defender for Cloud Apps it make me confused ? could you make a Leeson in each one ! please
@theCMC 2 ปีที่แล้ว ⁺²
Thanks for the feedback!
M365 Defender is a suite of products that make up the pre and post breach security capability within Microsoft 365. It includes things like Defender for Endpoint, Defender for Office 365, and Defender for Identity. It also includes something called Microsoft Defender for Cloud Apps.
Microsoft Defender for Cloud Apps used to be known as Microsoft Cloud App Security, and is a solution that allows organisations to discover and control the use of Cloud Apps (like Dropbox, for example) in their organisation.
@obaidshaukat3412 8 หลายเดือนก่อน
How can we allow specific app, say i want to allow surf shark VPN , how can i do one app.
@tomasbohunek9698 2 ปีที่แล้ว ⁺²
Great video. Isn't it a bit scary to see all the native Windows components get blocked? This will impact system reliability downstream.
@Shrikml 2 ปีที่แล้ว ⁺¹
Great video.
We are trying to block installation of any softwares for non admin users. we have applied security baseline but it's allowing few apps like firefox and discord.
Can you tell me if there is any more efficient policy
@theCMC 2 ปีที่แล้ว
Hey! The baseline will prevent applications being executed that aren’t “sage”. Firefox and Discord are relatively safe apps, so they are unlikely to be blocked.
@CGRealStudios ปีที่แล้ว
How do block specific applications?
@marcusaurielius8195 2 ปีที่แล้ว ⁺¹
can we shorten the channel name please¿ lol

ต่อไป

เล่นอัตโนมัติ

Configure Microsoft Defender Application Control using Custom Profiles