[Microsoft ATP Antivirus] Web content filter doesn't work on windows devices and fail to synchronize with security center

Davi Araujo 1 Reputation point
2021-08-26T18:14:39.033+00:00

Hello guys,

i'm currently having problems with ATP windows solution for AV.

Recently we migrated from bitdefender endpoint solution to ATP for windows because of integration and benefits that involves our azure AD.

I used intunes onboard method where i configure a security baseline and configuration profile to deploy ATP to windows machines, as you can see bellow:

Security baseline:

126795-image.png

Configuration profile (scan):

126891-image.png

I did the step to sync the intunes with ATP solution without problems as you can see:

126778-image.png

But after ATP package got installed on computers, some of then don't synchronize correctly with ATP dashboard.

126863-image.png

When i try to access a website url (via chrome) that was previously blocked by me it doesn't show any information about the block, only message of connection insecured (ssl):

126810-image.png

Someone can help me ?

Windows 10 Network
Windows 10 Network
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Network: A group of devices that communicate either wirelessly or via a physical connection.
2,293 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Limitless Technology 39,461 Reputation points
    2021-08-27T14:53:51.873+00:00

    Hello @Davi Araujo ,

    Thank you for your question.

    Please follow these steps, it will help you:

    Allow specific websites
    It's possible to override the blocked category in web content filtering to allow a single site by creating a custom indicator policy. The custom indicator policy will supersede the web content filtering policy when it's applied to the device group in question.

    Create a custom indicator in the Microsoft 365 Defender portal by going to Settings > Endpoints > Indicators > URL/Domain > Add Item.

    Enter the domain of the site.

    Set the policy action to Allow.

    For more information please go through this link:
    https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/web-content-filtering?view=o365-worldwide

    If the reply was helpful, please don't forget to upvote or accept as answer.

    0 comments No comments