Support for Windows Defender Application Control and Azure Disk Encryption

%3CLINGO-SUB%20id%3D%22lingo-sub-2658633%22%20slang%3D%22en-US%22%3ESupport%20for%20Windows%20Defender%20Application%20Control%20and%20Azure%20Disk%20Encryption%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2658633%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20are%20excited%20to%20announce%20Azure%20Virtual%20Desktop%20support%20for%20Windows%20Defender%20Application%20Control%20and%20Azure%20Disk%20Encryption!%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWindows%20Defender%20Application%20Control%20(WDAC)%20allows%20organizations%20to%20control%20which%20drivers%20and%20applications%20are%20allowed%20to%20run%20on%20their%20Windows%20clients.%20%3CSPAN%3EWhen%20WDAC%2C%20we%20recommend%20only%20targeting%20policies%20at%20the%20device%20level.%20Although%20it's%20possible%20to%20target%20policies%20to%20individual%20users%2C%20once%20the%20policy%20is%20applied%2C%20it%20affects%20all%20users%20on%20the%20device%20equally.%3C%2FSPAN%3E%20For%20those%20already%20using%20AppLocker%2C%20we%20recommend%20switching%20to%20WDAC%20as%20AppLocker%20will%20no%20longer%20be%20receiving%20any%20new%20feature%20improvements.%20If%20you%20want%20to%20learn%20more%20about%20WDAC%20and%20its%20various%20capabilities%2C%20documentation%20for%20WDAC%20can%20be%20found%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fsecurity%2Fthreat-protection%2Fwindows-defender-application-control%2Fwdac-and-applocker-overview%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Ehere%3C%2FA%3E.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EAzure%20Disk%20Encryption%20uses%20Windows%20BitLocker%20to%20provide%20volume%20encryption%20for%20the%20OS%20and%20data%20disks%20of%20your%20VMs%2C%20and%20is%20integrated%20with%20Azure%20Key%20Vault%20to%20help%20you%20control%20and%20manage%20the%20disk%20encryption%20keys%20and%20secrets.%20If%20you%20want%20to%20learn%20more%20about%20Azure%20Disk%20Encryption%20and%20its%20various%20capabilities%2C%20documentation%20for%20Azure%20Disk%20Encryption%20can%20be%20found%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fvirtual-machines%2Fwindows%2Fdisk-encryption-overview%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Ehere%3C%2FA%3E.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Microsoft

We are excited to announce Azure Virtual Desktop support for Windows Defender Application Control and Azure Disk Encryption! 

 

Windows Defender Application Control (WDAC) allows organizations to control which drivers and applications are allowed to run on their Windows clients. When WDAC, we recommend only targeting policies at the device level. Although it's possible to target policies to individual users, once the policy is applied, it affects all users on the device equally. For those already using AppLocker, we recommend switching to WDAC as AppLocker will no longer be receiving any new feature improvements. If you want to learn more about WDAC and its various capabilities, documentation for WDAC can be found here.

 

Azure Disk Encryption uses Windows BitLocker to provide volume encryption for the OS and data disks of your VMs, and is integrated with Azure Key Vault to help you control and manage the disk encryption keys and secrets. If you want to learn more about Azure Disk Encryption and its various capabilities, documentation for Azure Disk Encryption can be found here.

1 Reply

@jushiah great. I assume this is WDAC via GPO and not Intune, given the only supported Intune policies are via settings catalog.