Webcontent Filtering and Smartscreen

Hi Guys,

We are running a co-management environment - our devices are onboarded in the Microsoft 365 Defender portal, and I have configured policies for web content filtering and pushed them to a few users.

I also deployed "Enable Network Protection" via Endpoint Manager.

I have followed all the steps mentioned in Web content filtering | Microsoft Docs and also did some research to confirm my settings, and all seems to be identical to what others have configured.

After enabling web content filtering I am still able to access websites that are configured as restricted in the policy I created in the Defender portal.

I turned on debug mode of SmartScreen and it tells me "onAllowedZoneCheck". I am not sure how to get web content filtering working. Any ideas would be much appreciated.

[image]

Cheers,

5 Replies
Are your users using onboarded devices, and are these devices also part of a device group which the Web content filtering policy is scoped to?

Which type of policy are you using to enable network protection?
The exploit guard policy listed here?
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/enable-network-protection?...

Does the PowerShell command below return a "1" on said devices?
Get-MpPreference | Select "EnableNetworkProtection"

Are real-time protection and cloud-based protection enabled, and can devices access the URLs as listed in the document below?
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/network-protection?view=o3...

@Jonhed 

Hi Jonhed,

Correct, the users using onboarded devices are part of the device group which the content filtering policy is scoped to.

I am using the Microsoft Defender Antivirus policy.

[image]

I also tried the Endpoint Protection policy.

[image]

I did confirm Network protection is enabled.

[image]

Real-time and cloud protection are both enabled, and I am not able to access the test URL mentioned in the article. I got "connection blocked notification".

And still I am able to access websites that fall under the category that I have blocked in the Microsoft 365 Defender portal web content policy. It is strange...

@formolim89 
Does indeed look like it should work..

Have you checked if MDAV is running in active mode, and if it is running the latest platform versions?

(Can be seen with the "Get-MpComputerStatus" PowerShell command)

The pic you pasted shows SmartScreen for apps and files being configured, but have you also activated SmartScreen in Edge?

Can you access the sites in both Edge and 3rd party browsers such as Chrome?

MDAV is running in active mode and has the latest definitions.
SmartScreen in edge is also configured.
I can access the sites from all the browsers.
I logged it with MS. Fingers crossed.
Thanks for your help.
Cheers,
Alright.

Sorry to not have been much help.
Would love to hear what the problem was if you get to the bottom of it.
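
The local checks suggested in the replies above (network protection mode, real-time and cloud protection, Defender Antivirus running mode and versions, SmartScreen in Edge) can be collected in one pass on an affected device. The following is an added example, not code posted by anyone in this thread; it assumes an elevated PowerShell session on the onboarded Windows device and that the Edge SmartScreen policy, if set, is a machine policy under the registry path shown.

```powershell
# Added example: gather the Defender prerequisites discussed in this thread.
# Run locally, elevated, on the device where web content filtering is not blocking.
$pref   = Get-MpPreference
$status = Get-MpComputerStatus

# EnableNetworkProtection: 0 = disabled, 1 = enabled (block), 2 = audit only.
# Audit mode (2) logs events but does not block, so only 1 counts as a pass here.
$npValue = [int]$pref.EnableNetworkProtection
$npMode  = switch ($npValue) {
    1       { 'Enabled (block)' }
    2       { 'Audit only' }
    default { 'Disabled' }
}

# MAPSReporting: 0 = cloud protection off, 1 = basic, 2 = advanced.
$mapsValue = [int]$pref.MAPSReporting

$checks = @(
    [pscustomobject]@{ Check = 'Network protection in block mode'
                       Value = $npMode
                       Pass  = ($npValue -eq 1) }
    [pscustomobject]@{ Check = 'Real-time protection enabled'
                       Value = $status.RealTimeProtectionEnabled
                       Pass  = [bool]$status.RealTimeProtectionEnabled }
    [pscustomobject]@{ Check = 'Cloud-delivered protection (MAPS)'
                       Value = $mapsValue
                       Pass  = ($mapsValue -ne 0) }
    # AMRunningMode 'Normal' is active mode; 'Passive' means another AV is primary.
    [pscustomobject]@{ Check = 'Defender Antivirus running mode'
                       Value = $status.AMRunningMode
                       Pass  = ($status.AMRunningMode -eq 'Normal') }
)
$checks | Format-Table -AutoSize

# Platform, engine and signature versions, to compare against the current releases.
$status | Select-Object AMProductVersion, AMEngineVersion,
    AntivirusSignatureVersion, AntivirusSignatureLastUpdated | Format-List

# Edge SmartScreen as a machine policy (assumption: policy lands under this key).
$edgeKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge'
$edge = Get-ItemProperty -Path $edgeKey -Name SmartScreenEnabled -ErrorAction SilentlyContinue
if ($null -eq $edge) {
    'Edge SmartScreenEnabled: not set by machine policy'
} else {
    "Edge SmartScreenEnabled policy value: $($edge.SmartScreenEnabled)"
}
```

Device group membership and policy scoping cannot be read locally and still have to be confirmed in the Microsoft 365 Defender portal.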