Forum Discussion

jushiah's avatar
jushiah
Icon for Microsoft rankMicrosoft
Aug 18, 2021

Support for Windows Defender Application Control and Azure Disk Encryption

We are excited to announce Azure Virtual Desktop support for Windows Defender Application Control and Azure Disk Encryption! 

 

Windows Defender Application Control (WDAC) allows organizations to control which drivers and applications are allowed to run on their Windows clients. When WDAC, we recommend only targeting policies at the device level. Although it's possible to target policies to individual users, once the policy is applied, it affects all users on the device equally. For those already using AppLocker, we recommend switching to WDAC as AppLocker will no longer be receiving any new feature improvements. If you want to learn more about WDAC and its various capabilities, documentation for WDAC can be found here.

 

Azure Disk Encryption uses Windows BitLocker to provide volume encryption for the OS and data disks of your VMs, and is integrated with Azure Key Vault to help you control and manage the disk encryption keys and secrets. If you want to learn more about Azure Disk Encryption and its various capabilities, documentation for Azure Disk Encryption can be found here.

  • Andy298's avatar
    Andy298
    Copper Contributor

    jushiah great. I assume this is WDAC via GPO and not Intune, given the only supported Intune policies are via settings catalog.

Resources