Intent behind configuring Network Protection but not enabling it in Windows Server Baselines

New Contributor

What is the intent behind the following two settings in the Windows Server 2019/2022 Baseline:

 

Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Network Protection

Prevent users and apps from accessing dangerous websitesBlock
Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Network ProtectionThis settings controls whether Network Protection is allowed to be configured into block or audit mode on Windows Server. 

 

In Windows Server Network Protection is not enabled by default, so when the 2nd setting is left to unconfigured the first setting cannot and does not work.
Why configure it then?

0 Replies