Forum Discussion
Are Defender Device Groups the only way to target Web Content Filter policies?
We are moving from Cisco Umbrella to Microsoft Defender's Web Content Filtering. We fully understand that they are not a 1 to 1 match. We have accounted for the differences with one exception. We have an Entra group of PCs where we need to block additional Web Content Categories. I suspect they will later require additional custom indicators to be blocked. And, if this is successful, I can see additional groups of PCs needing their own content filter settings.
I could be wrong however, my understanding of Defender Device Groups is that they configure many other aspects of a PC, including RBAC within Defender. If true, attempting to keep those configurations in sync (especially when we are not aware of what all they might be) could be difficult. With my limited understanding of them, they feel like overkill for assigning additional filters to a subset of otherwise identical PCs.
Are Defender Device Groups the only way to target Web Content policies?
If it matters any, we are Autopilot enrolling PCs to be Entra Joined and Intune managed. Bye-bye on-prem AD, Configuration Manager, old-skool drivers, and someday... old-skool apps.
3 Replies
treestryder Currently web content filtering can target device groups in MDE only. There is a new capability in Entra within the SSE solution but yet not available to customers that may be targeting security groups of devices or users.
Thank you.
Here is the documentation to the future functionality:
Global Secure Access documentation | Microsoft Learn
Here is the current link to the interface:
https://entra.microsoft.com/#blade/Microsoft_Azure_Network_Access/WebFilteringPolicy.ReactView
- Yes, currently Defender security only supports device based groups and I don’t see this changing in the near future.
