Network protection demonstrations

Network Protection helps reduce the attack surface of your devices from Internet-based events. It prevents employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet.

Scenario requirements and setup

  • Windows 10 1709 build 16273, Windows 11
  • Microsoft Defender Antivirus

PowerShell command

Set-MpPreference -EnableNetworkProtection Enabled

Rule states

State Mode Numeric value
Disabled = Off 0
Enabled = Block mode 1
Audit = Audit mode 2

Verify configuration

Get-MpPreference

Scenario

  1. Turn on Network Protection using powershell command:

    Set-MpPreference -EnableNetworkProtection Enabled
    
  2. Using the browser of your choice (not Microsoft Edge*), navigate to the Network Protection website test. Microsoft Edge has other security measures in place to protect from this vulnerability (SmartScreen).

Expected results

Navigation to the website should be blocked and you should see a Connection blocked notification.

Clean-up

Set-MpPreference -EnableNetworkProtection Disabled

See also

Network Protection

Microsoft Defender for Endpoint - demonstration scenarios