Defender Web Filter Policy Modification Procedure

This admin procedure will provide background information on modifying an existing web filter set.

This article is intended for employees of organizations that use Sittadel's security. Additionally, there are some actions that can only be accomplished by those with administrative privileges.

Web Content Filtering

Web content filtering enables your security team to track and regulate access to websites based on content categories. When you set up your web content filtering policy, you enable web protection for your organization.

Web content filtering is available on the major web browsers, with blocks performed by Windows Defender SmartScreen (Microsoft Edge) and Network Protection (Chrome, Firefox, Brave, and Opera).


Categories for web content filtering

Not all websites in these categories are malicious, but they could be problematic for your company because of compliance regulations, bandwidth usage, or other concerns. You can create an audit-only policy to get a better understanding of whether your security team should block any website categories.

The following table describes web content categories you can choose for your web content filtering policy:



Adult content

Sites that are related to cults, gambling, nudity, pornography, sexually explicit material, or violence

High bandwidth

Download sites, image sharing sites, or peer-to-peer hosts

Legal liability

Sites that include child abuse images, promote illegal activities, foster plagiarism or school cheating, or that promote harmful activities


Sites that provide web-based chat rooms, online gaming, web-based email, or social networking


Sites that have no content or that are newly registered


Procedure Scope: Administrators

Required Group Membership: Admin.WebFilter


Modifying a Defender Web Filter Policy

  1. Navigate to Web Content Filtering – O365 Defender, locate the policy you wish to alter. When selected configured settings for the policy will be displayed, select Edit to start the modification process.
  2. Upon opening the policy, all the information of the policy will be displayed. Only one setting will be available to You can modify the section as needed.
  3. General: Showcases the name of the policy; this setting cannot be changed since one web filter exists for all machines in the environment.
  4. Blocked Categories: Specifies what categories of web traffic will be blocked or allowed based on configuration; this can be altered to either enforce more restrictions or create allowances on certain web traffic types.
  5. Scope: Specifies which machines this web filter will apply to; currently this policy can only be enforced to all machines not individual groups.
  6. Summary: Displays all of the configured settings before saving modifications. Once you have created the necessary modifications to the policy, select Submit to finalize the modification process.

You're Finished!

You should have successfully modified an existing web filter set; the newly specified categories will now be enforced on registered Intune devices. For any other problems or questions, reach out to us!