Defender Web Filter Policy Creation Procedure

This admin procedure will provide background information on establishing a set category of websites that are not allowed to be viewed by corporate devices.

This article is intended for employees of organizations that use Sittadel's security. Additionally, there are some actions that can only be accomplished by those with administrative privileges.

Web Content Filtering

Web content filtering enables your security team to track and regulate access to websites based on content categories. When you set up your web content filtering policy, you enable web protection for your organization.

Web content filtering is available on the major web browsers, with blocks performed by Windows Defender SmartScreen (Microsoft Edge) and Network Protection (Chrome, Firefox, Brave, and Opera).


Categories for web content filtering

Not all websites in these categories are malicious, but they could be problematic for your company because of compliance regulations, bandwidth usage, or other concerns. You can create an audit-only policy to get a better understanding of whether your security team should block any website categories.

The following table describes web content categories you can choose for your web content filtering policy:



Adult content

Sites that are related to cults, gambling, nudity, pornography, sexually explicit material, or violence

High bandwidth

Download sites, image sharing sites, or peer-to-peer hosts

Legal liability

Sites that include child abuse images, promote illegal activities, foster plagiarism or school cheating, or that promote harmful activities


Sites that provide web-based chat rooms, online gaming, web-based email, or social networking


Sites that have no content or that are newly registered


Procedure Scope: Administrators

Required Group Membership: Admin.WebFilter


Creating a Defender Web Filter Policy

  1. Navigate to Web Content Filtering – O365 Defender, select Add Policy, this will generate a pop-up window where you will supply the name of the filter.
  2. You will be asked to supply the name of the filter policy you are creating. Select Next to proceed.
  3. Specify the types of web traffic you wish to block; these settings can be adjusted to fit any organizational needs. Select Next to continue to revisions.
  4. This policy will be applied to all registered Intune devices; there is no option for individual device groups. Select Next to proceed to revisions.
  5. All the configured settings will be displayed; if you detect a discrepancy, select the Back button to redirect to the section and make the alterations. If everything looks good, select Submit to publish the web filter policy; this will take effect for all devices registered for your organization.

You're Finished!

You should have successfully created a new web filter that will apply the specified web category block on Intune registered devices that try accessing them. For any other problems or questions, reach out to us!