Microsoft Defender
      Back to home
      1. Sittadel Knowledge Base
      2. Management Guides
      3. Microsoft Defender

      Defender Web Filter Policy Creation

      This guide will provide background information on establishing a set category of websites that are not allowed to be viewed by MDE enrolled devices.

      Web Content Filtering

      Web content filtering enables your security team to track and regulate access to websites based on content categories. When you set up your web content filtering policy, you enable web protection for your organization.

      Web content filtering is available on the major web browsers, with blocks performed by Windows Defender SmartScreen (Microsoft Edge) and Network Protection (Chrome, Firefox, Brave, and Opera).

      Categories for web content filtering

      Not all websites in these categories are malicious, but they could be problematic for your company because of compliance regulations, bandwidth usage, or other concerns. You can create an audit-only policy to get a better understanding of whether your security team should block any website categories.

      The following table describes web content categories you can choose for your web content filtering policy:

      Category

      Description

      Adult content

      Sites that are related to cults, gambling, nudity, pornography, sexually explicit material, or violence

      High bandwidth

      Download sites, image sharing sites, or peer-to-peer hosts

      Legal liability

      Sites that include child abuse images, promote illegal activities, foster plagiarism or school cheating, or that promote harmful activities

      Leisure

      Sites that provide web-based chat rooms, online gaming, web-based email, or social networking

      Uncategorized

      Sites that have no content or that are newly registered

      Role Requirements

      Procedure Scope: Administrators

      Required Group Membership: Admin.Security

      Handbook Reference

      Package: TBD

      Domain: TBD

      Modifies: TBD

      Creating a Defender Web Filter Policy

      1. Navigate to the Web Content Filtering – Microsoft Defender portal, select Add Policy, this will generate a pop-up window where you will supply the name of the filter.
      2. Naming should fit what content is being blocked and the scope of users that will be affected. Select Next to proceed.
      3. Specify the types of web traffic you wish to block; these settings can be adjusted to fit any organizational needs. Select Next to continue to revisions.
      4. This policy will be applied to all registered Intune devices; there is no option for individual device groups. Select Next to proceed to revisions.
      5. All the configured settings will be displayed; if you detect a discrepancy, select the Back button to redirect to the section and make the alterations. If everything looks good, select Submit to publish the web filter policy; this will take effect for all devices registered for your organization.

      Need Assistance?

      Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.