Over the last two years, the world has dramatically changed both in our daily lives and how companies conduct business. In the pre-pandemic world, eroding network boundaries and the maturity of SaaS applications precipitated endpoint-first design. The pandemic and post-pandemic era demand it, the world is embracing hybrid workplaces and zero trust postures.
When we first launched Network Protection for Windows and built powerful Web Protection and Microsoft Defender for Cloud Apps (MDA) capabilities on top of it, we knew our vision to bring you our proxy-less endpoint first architecture would remain incomplete until we delivered for macOS and Linux. That day has arrived, and we could not be more excited to share that Network and Web Protection for macOS is now Generally Available and in Public Preview for Linux!
Network Protection helps reduce the attack surface of your devices from Internet-based events. It prevents employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet.
How to evaluate Network Protection and the features it enables:
Explore Network Protection on macOS
For Network Protection for macOS to be active on your devices, Network Protection must be enabled by your organization. We suggest deploying the audit or block mode policy to a small set of devices and verify there are no issues or broken workstreams before gradually deploying to a larger set of devices.
Prerequisites & Requirements
Licensing: Microsoft Defender for Endpoint tenant (can be trial)
Note: Discovery and other features are currently not supported on macOS and Linux platforms.
On device experience
When an end user attempts to access monitored domains on macOS/Linux, their navigation effort will be audited/blocked (depending on Network Protection policy). On macOS, the user will also be informed by Microsoft Defender for Endpoint via toast.
The user will get a plain block experience accompanied by the following toast message which will be displayed by the operating system including the name of the blocked application or website (e.g Blogger.com)
No block pages are shown in third-party browsers, and the user sees a "Secure Connection Failed' page along with a toast notification. Depending on the policy responsible for the block, a user will see a different message in the toast notification. For example, web content filtering will display the message 'This content is blocked'.
We are looking forward to hearing your feedback and answering any questions you may have!
Microsoft Defender for Endpoint is an industry-leading, cloud-powered endpoint security solution offering vulnerability management, endpoint protection, endpoint detection and response, and mobile threat defense in a single unified platform. With our solution, threats are no match. If you are not yet taking advantage of Microsoft’s unrivaled threat optics and proven capabilities, sign up for a free trial of Microsoft Defender for Endpoint today.