Atualizar windows10EndpointProtectionConfiguration

Namespace: microsoft.graph

Observação: A API do Microsoft Graph para Intune requer uma licença ativa do Intune para o locatário.

Atualizar as propriedades de um objeto windows10EndpointProtectionConfiguration.

Essa API está disponível nas seguintes implantações nacionais de nuvem.

Serviço global	Governo dos EUA L4	GOVERNO DOS EUA L5 (DOD)	China operada pela 21Vianet
✅	✅	✅	✅

Permissões

Uma das seguintes permissões é necessária para chamar esta API. Para saber mais, incluindo como escolher permissões, confira Permissões.

Tipo de permissão	Permissões (da com menos para a com mais privilégios)
Delegado (conta corporativa ou de estudante)	DeviceManagementConfiguration.ReadWrite.All
Delegado (conta pessoal da Microsoft)	Sem suporte.
Application	DeviceManagementConfiguration.ReadWrite.All

Solicitação HTTP

PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}

Cabeçalhos de solicitação

Cabeçalho	Valor
Autorização	{token} de portador. Obrigatório. Saiba mais sobre autenticação e autorização.
Aceitar	application/json

Corpo da solicitação

No corpo da solicitação, forneça uma representação JSON do objeto windows10EndpointProtectionConfiguration.

A tabela a seguir mostra as propriedades que são necessárias ao criar windows10EndpointProtectionConfiguration.

Propriedade	Tipo	Descrição
id	String	Chave da entidade. Herdada de deviceConfiguration
lastModifiedDateTime	DateTimeOffset	DateTime da última modificação do objeto. Herdada de deviceConfiguration
createdDateTime	DateTimeOffset	DateTime em que o objeto foi criado. Herdada de deviceConfiguration
description	String	O administrador forneceu a descrição da Configuração do dispositivo. Herdada de deviceConfiguration
displayName	String	O administrador forneceu o nome da Configuração do dispositivo. Herdada de deviceConfiguration
versão	Int32	Versão da configuração do dispositivo. Herdada de deviceConfiguration
firewallBlockStatefulFTP	Boolean	Bloqueia conexões de FTP com estado ao dispositivo
firewallIdleTimeoutForSecurityAssociationInSeconds	Int32	Configura o tempo limite ocioso das associações de segurança, em segundos, de 300 para 3.600, inclusive. Após esse período, as associações de segurança expirarão e serão excluídas. Valores válidos de 300 a 3.600
firewallPreSharedKeyEncodingMethod	firewallPreSharedKeyEncodingMethodType	Selecione a codificação de chave pré-compartilhada a ser usada. Os valores possíveis são: deviceDefault, none, utF8.
firewallIPSecExemptionsAllowNeighborDiscovery	Boolean	Configura isenções IPSec para permitir códigos do tipo ICMP IPv6 de descoberta de vizinhos
firewallIPSecExemptionsAllowICMP	Boolean	Configura isenções IPSec para permitir ICMP
firewallIPSecExemptionsAllowRouterDiscovery	Boolean	Configura isenções IPSec para permitir códigos do tipo ICMP IPv6 de descoberta de roteadores
firewallIPSecExemptionsAllowDHCP	Boolean	Configura isenções IPSec para permitir tráfego DHCP de IPv4 e IPv6
firewallCertificateRevocationListCheckMethod	firewallCertificateRevocationListCheckMethodType	Especifique como a lista de revogação de certificado deve ser imposta. Os valores possíveis são: deviceDefault, none, attempt, require.
firewallMergeKeyingModuleSettings	Boolean	Se um conjunto de autenticação não for totalmente suportado por um módulo de chave, direcione o módulo para ignorar apenas pacotes de autenticação não compatíveis, em vez de todo o conjunto
firewallPacketQueueingMethod	firewallPacketQueueingMethodType	Configura como a fila de pacotes deve ser aplicada no cenário do gateway de túnel. Os valores possíveis são: deviceDefault, disabled, queueInbound, queueOutbound, queueBoth.
firewallProfileDomain	windowsFirewallNetworkProfile	Define as configurações de perfil de firewall das redes do domínio
firewallProfilePublic	windowsFirewallNetworkProfile	Define as configurações de perfil de firewall das redes públicas
firewallProfilePrivate	windowsFirewallNetworkProfile	Define as configurações de perfil de firewall das redes privadas
defenderAttackSurfaceReductionExcludedPaths	String collection	Lista de arquivos executáveis e pastas a serem excluídos das regras de redução de superfície de ataque
defenderGuardedFoldersAllowedAppPaths	String collection	Lista de caminhos para execução com permissão para acessar as pastas protegidas
defenderAdditionalGuardedFolders	String collection	Lista de caminhos de pasta a serem adicionados à lista de pastas protegidas
defenderExploitProtectionXml	Binária	Conteúdo XML com informações sobre a proteção contra vulnerabilidades.
defenderExploitProtectionXmlFileName	String	Nome do arquivo do qual DefenderExploitProtectionXml foi obtido.
defenderSecurityCenterBlockExploitProtectionOverride	Boolean	Indica se o usuário será ou não impedido de substituir as configurações de Exploit Protection.
appLockerApplicationControl	appLockerApplicationControlType	Permite que o administrador escolha quais tipos de aplicativo permitir nos dispositivos. Os valores possíveis são: notConfigured, enforceComponentsAndStoreApps, auditComponentsAndStoreApps, enforceComponentsStoreAppsAndSmartlocker, auditComponentsStoreAppsAndSmartlocker.
smartScreenEnableInShell	Boolean	Permite que os administradores de TI configurem SmartScreen para Windows.
smartScreenBlockOverrideForFiles	Boolean	Permite que administradores de TI controlem se os usuários podem ignorar avisos do SmartScreen e executar arquivos maliciosos.
applicationGuardEnabled	Boolean	Habilitar o Windows Defender Application Guard
applicationGuardBlockFileTransfer	applicationGuardBlockFileTransferType	Bloqueie a área de transferência para transferir arquivo de imagem, arquivo de texto ou nenhum deles. Os valores possíveis são: notConfigured, blockImageAndTextFile, blockImageFile, blockNone, blockTextFile.
applicationGuardBlockNonEnterpriseContent	Boolean	Impedir sites corporativos de carregar conteúdos que não sejam da empresa, como plug-ins de terceiros
applicationGuardAllowPersistence	Boolean	Permitir dados persistentes gerados por usuários dentro do contêiner do App Guard (favoritos, cookies, senhas da Web, etc.)
applicationGuardForceAuditing	Boolean	A auditoria forçada persistirá logs e eventos do Windows para atender aos critérios de segurança/conformidade (exemplos de evento são logon e logoff do usuário, uso de direitos de privilégios, instalação de software, as alterações do sistema, etc.)
applicationGuardBlockClipboardSharing	applicationGuardBlockClipboardSharingType	Impedir a área de transferência de compartilhar dados do host para o contêiner, do contêiner para o host ou em ambas as direções. Os valores possíveis são: notConfigured, blockBoth, blockHostToContainer, blockContainerToHost, blockNone.
applicationGuardAllowPrintToPDF	Boolean	Permitir a impressão em PDF pelo contêiner
applicationGuardAllowPrintToXPS	Boolean	Permitir a impressão em XPS pelo contêiner
applicationGuardAllowPrintToLocalPrinters	Boolean	Permitir a impressão em impressoras locais pelo contêiner
applicationGuardAllowPrintToNetworkPrinters	Boolean	Permitir a impressão em impressoras da rede pelo contêiner
bitLockerDisableWarningForOtherDiskEncryption	Boolean	Permite que o administrador desabilite o aviso de outras criptografias de disco nas máquinas dos usuários.
bitLockerEnableStorageCardEncryptionOnMobile	Boolean	Permite que o administrador exija que a criptografia seja ativada usando BitLocker. Essa política é válida apenas para uma SKU móvel.
bitLockerEncryptDevice	Boolean	Permite que o administrador exija que a criptografia seja ativada usando BitLocker.
bitLockerRemovableDrivePolicy	bitLockerRemovableDrivePolicy	Política da unidade removível do BitLocker.

Resposta

Se bem-sucedido, este método retornará um código de resposta 200 OK e um objeto windows10EndpointProtectionConfiguration atualizado no corpo da resposta.

Exemplo

Solicitação

Este é um exemplo da solicitação.

HTTP

PATCH https://graph.microsoft.com/v1.0/deviceManagement/deviceConfigurations/{deviceConfigurationId}
Content-type: application/json
Content-length: 4245

{
  "@odata.type": "#microsoft.graph.windows10EndpointProtectionConfiguration",
  "description": "Description value",
  "displayName": "Display Name value",
  "version": 7,
  "firewallBlockStatefulFTP": true,
  "firewallIdleTimeoutForSecurityAssociationInSeconds": 2,
  "firewallPreSharedKeyEncodingMethod": "none",
  "firewallIPSecExemptionsAllowNeighborDiscovery": true,
  "firewallIPSecExemptionsAllowICMP": true,
  "firewallIPSecExemptionsAllowRouterDiscovery": true,
  "firewallIPSecExemptionsAllowDHCP": true,
  "firewallCertificateRevocationListCheckMethod": "none",
  "firewallMergeKeyingModuleSettings": true,
  "firewallPacketQueueingMethod": "disabled",
  "firewallProfileDomain": {
    "@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",
    "firewallEnabled": "blocked",
    "stealthModeBlocked": true,
    "incomingTrafficBlocked": true,
    "unicastResponsesToMulticastBroadcastsBlocked": true,
    "inboundNotificationsBlocked": true,
    "authorizedApplicationRulesFromGroupPolicyMerged": true,
    "globalPortRulesFromGroupPolicyMerged": true,
    "connectionSecurityRulesFromGroupPolicyMerged": true,
    "outboundConnectionsBlocked": true,
    "inboundConnectionsBlocked": true,
    "securedPacketExemptionAllowed": true,
    "policyRulesFromGroupPolicyMerged": true
  },
  "firewallProfilePublic": {
    "@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",
    "firewallEnabled": "blocked",
    "stealthModeBlocked": true,
    "incomingTrafficBlocked": true,
    "unicastResponsesToMulticastBroadcastsBlocked": true,
    "inboundNotificationsBlocked": true,
    "authorizedApplicationRulesFromGroupPolicyMerged": true,
    "globalPortRulesFromGroupPolicyMerged": true,
    "connectionSecurityRulesFromGroupPolicyMerged": true,
    "outboundConnectionsBlocked": true,
    "inboundConnectionsBlocked": true,
    "securedPacketExemptionAllowed": true,
    "policyRulesFromGroupPolicyMerged": true
  },
  "firewallProfilePrivate": {
    "@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",
    "firewallEnabled": "blocked",
    "stealthModeBlocked": true,
    "incomingTrafficBlocked": true,
    "unicastResponsesToMulticastBroadcastsBlocked": true,
    "inboundNotificationsBlocked": true,
    "authorizedApplicationRulesFromGroupPolicyMerged": true,
    "globalPortRulesFromGroupPolicyMerged": true,
    "connectionSecurityRulesFromGroupPolicyMerged": true,
    "outboundConnectionsBlocked": true,
    "inboundConnectionsBlocked": true,
    "securedPacketExemptionAllowed": true,
    "policyRulesFromGroupPolicyMerged": true
  },
  "defenderAttackSurfaceReductionExcludedPaths": [
    "Defender Attack Surface Reduction Excluded Paths value"
  ],
  "defenderGuardedFoldersAllowedAppPaths": [
    "Defender Guarded Folders Allowed App Paths value"
  ],
  "defenderAdditionalGuardedFolders": [
    "Defender Additional Guarded Folders value"
  ],
  "defenderExploitProtectionXml": "ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA==",
  "defenderExploitProtectionXmlFileName": "Defender Exploit Protection Xml File Name value",
  "defenderSecurityCenterBlockExploitProtectionOverride": true,
  "appLockerApplicationControl": "enforceComponentsAndStoreApps",
  "smartScreenEnableInShell": true,
  "smartScreenBlockOverrideForFiles": true,
  "applicationGuardEnabled": true,
  "applicationGuardBlockFileTransfer": "blockImageAndTextFile",
  "applicationGuardBlockNonEnterpriseContent": true,
  "applicationGuardAllowPersistence": true,
  "applicationGuardForceAuditing": true,
  "applicationGuardBlockClipboardSharing": "blockBoth",
  "applicationGuardAllowPrintToPDF": true,
  "applicationGuardAllowPrintToXPS": true,
  "applicationGuardAllowPrintToLocalPrinters": true,
  "applicationGuardAllowPrintToNetworkPrinters": true,
  "bitLockerDisableWarningForOtherDiskEncryption": true,
  "bitLockerEnableStorageCardEncryptionOnMobile": true,
  "bitLockerEncryptDevice": true,
  "bitLockerRemovableDrivePolicy": {
    "@odata.type": "microsoft.graph.bitLockerRemovableDrivePolicy",
    "encryptionMethod": "aesCbc256",
    "requireEncryptionForWriteAccess": true,
    "blockCrossOrganizationWriteAccess": true
  }
}

C#

// Code snippets are only available for the latest version. Current version is 5.x

// Dependencies
using Microsoft.Graph.Models;

var requestBody = new Windows10EndpointProtectionConfiguration
{
	OdataType = "#microsoft.graph.windows10EndpointProtectionConfiguration",
	Description = "Description value",
	DisplayName = "Display Name value",
	Version = 7,
	FirewallBlockStatefulFTP = true,
	FirewallIdleTimeoutForSecurityAssociationInSeconds = 2,
	FirewallPreSharedKeyEncodingMethod = FirewallPreSharedKeyEncodingMethodType.None,
	FirewallIPSecExemptionsAllowNeighborDiscovery = true,
	FirewallIPSecExemptionsAllowICMP = true,
	FirewallIPSecExemptionsAllowRouterDiscovery = true,
	FirewallIPSecExemptionsAllowDHCP = true,
	FirewallCertificateRevocationListCheckMethod = FirewallCertificateRevocationListCheckMethodType.None,
	FirewallMergeKeyingModuleSettings = true,
	FirewallPacketQueueingMethod = FirewallPacketQueueingMethodType.Disabled,
	FirewallProfileDomain = new WindowsFirewallNetworkProfile
	{
		OdataType = "microsoft.graph.windowsFirewallNetworkProfile",
		FirewallEnabled = StateManagementSetting.Blocked,
		StealthModeBlocked = true,
		IncomingTrafficBlocked = true,
		UnicastResponsesToMulticastBroadcastsBlocked = true,
		InboundNotificationsBlocked = true,
		AuthorizedApplicationRulesFromGroupPolicyMerged = true,
		GlobalPortRulesFromGroupPolicyMerged = true,
		ConnectionSecurityRulesFromGroupPolicyMerged = true,
		OutboundConnectionsBlocked = true,
		InboundConnectionsBlocked = true,
		SecuredPacketExemptionAllowed = true,
		PolicyRulesFromGroupPolicyMerged = true,
	},
	FirewallProfilePublic = new WindowsFirewallNetworkProfile
	{
		OdataType = "microsoft.graph.windowsFirewallNetworkProfile",
		FirewallEnabled = StateManagementSetting.Blocked,
		StealthModeBlocked = true,
		IncomingTrafficBlocked = true,
		UnicastResponsesToMulticastBroadcastsBlocked = true,
		InboundNotificationsBlocked = true,
		AuthorizedApplicationRulesFromGroupPolicyMerged = true,
		GlobalPortRulesFromGroupPolicyMerged = true,
		ConnectionSecurityRulesFromGroupPolicyMerged = true,
		OutboundConnectionsBlocked = true,
		InboundConnectionsBlocked = true,
		SecuredPacketExemptionAllowed = true,
		PolicyRulesFromGroupPolicyMerged = true,
	},
	FirewallProfilePrivate = new WindowsFirewallNetworkProfile
	{
		OdataType = "microsoft.graph.windowsFirewallNetworkProfile",
		FirewallEnabled = StateManagementSetting.Blocked,
		StealthModeBlocked = true,
		IncomingTrafficBlocked = true,
		UnicastResponsesToMulticastBroadcastsBlocked = true,
		InboundNotificationsBlocked = true,
		AuthorizedApplicationRulesFromGroupPolicyMerged = true,
		GlobalPortRulesFromGroupPolicyMerged = true,
		ConnectionSecurityRulesFromGroupPolicyMerged = true,
		OutboundConnectionsBlocked = true,
		InboundConnectionsBlocked = true,
		SecuredPacketExemptionAllowed = true,
		PolicyRulesFromGroupPolicyMerged = true,
	},
	DefenderAttackSurfaceReductionExcludedPaths = new List<string>
	{
		"Defender Attack Surface Reduction Excluded Paths value",
	},
	DefenderGuardedFoldersAllowedAppPaths = new List<string>
	{
		"Defender Guarded Folders Allowed App Paths value",
	},
	DefenderAdditionalGuardedFolders = new List<string>
	{
		"Defender Additional Guarded Folders value",
	},
	DefenderExploitProtectionXml = Convert.FromBase64String("ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA=="),
	DefenderExploitProtectionXmlFileName = "Defender Exploit Protection Xml File Name value",
	DefenderSecurityCenterBlockExploitProtectionOverride = true,
	AppLockerApplicationControl = AppLockerApplicationControlType.EnforceComponentsAndStoreApps,
	SmartScreenEnableInShell = true,
	SmartScreenBlockOverrideForFiles = true,
	ApplicationGuardEnabled = true,
	ApplicationGuardBlockFileTransfer = ApplicationGuardBlockFileTransferType.BlockImageAndTextFile,
	ApplicationGuardBlockNonEnterpriseContent = true,
	ApplicationGuardAllowPersistence = true,
	ApplicationGuardForceAuditing = true,
	ApplicationGuardBlockClipboardSharing = ApplicationGuardBlockClipboardSharingType.BlockBoth,
	ApplicationGuardAllowPrintToPDF = true,
	ApplicationGuardAllowPrintToXPS = true,
	ApplicationGuardAllowPrintToLocalPrinters = true,
	ApplicationGuardAllowPrintToNetworkPrinters = true,
	BitLockerDisableWarningForOtherDiskEncryption = true,
	BitLockerEnableStorageCardEncryptionOnMobile = true,
	BitLockerEncryptDevice = true,
	BitLockerRemovableDrivePolicy = new BitLockerRemovableDrivePolicy
	{
		OdataType = "microsoft.graph.bitLockerRemovableDrivePolicy",
		EncryptionMethod = BitLockerEncryptionMethod.AesCbc256,
		RequireEncryptionForWriteAccess = true,
		BlockCrossOrganizationWriteAccess = true,
	},
};

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.DeviceManagement.DeviceConfigurations["{deviceConfiguration-id}"].PatchAsync(requestBody);

Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider, consulte a documentação do SDK.

CLI

mgc device-management device-configurations patch --device-configuration-id {deviceConfiguration-id} --body '{\
  "@odata.type": "#microsoft.graph.windows10EndpointProtectionConfiguration",\
  "description": "Description value",\
  "displayName": "Display Name value",\
  "version": 7,\
  "firewallBlockStatefulFTP": true,\
  "firewallIdleTimeoutForSecurityAssociationInSeconds": 2,\
  "firewallPreSharedKeyEncodingMethod": "none",\
  "firewallIPSecExemptionsAllowNeighborDiscovery": true,\
  "firewallIPSecExemptionsAllowICMP": true,\
  "firewallIPSecExemptionsAllowRouterDiscovery": true,\
  "firewallIPSecExemptionsAllowDHCP": true,\
  "firewallCertificateRevocationListCheckMethod": "none",\
  "firewallMergeKeyingModuleSettings": true,\
  "firewallPacketQueueingMethod": "disabled",\
  "firewallProfileDomain": {\
    "@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",\
    "firewallEnabled": "blocked",\
    "stealthModeBlocked": true,\
    "incomingTrafficBlocked": true,\
    "unicastResponsesToMulticastBroadcastsBlocked": true,\
    "inboundNotificationsBlocked": true,\
    "authorizedApplicationRulesFromGroupPolicyMerged": true,\
    "globalPortRulesFromGroupPolicyMerged": true,\
    "connectionSecurityRulesFromGroupPolicyMerged": true,\
    "outboundConnectionsBlocked": true,\
    "inboundConnectionsBlocked": true,\
    "securedPacketExemptionAllowed": true,\
    "policyRulesFromGroupPolicyMerged": true\
  },\
  "firewallProfilePublic": {\
    "@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",\
    "firewallEnabled": "blocked",\
    "stealthModeBlocked": true,\
    "incomingTrafficBlocked": true,\
    "unicastResponsesToMulticastBroadcastsBlocked": true,\
    "inboundNotificationsBlocked": true,\
    "authorizedApplicationRulesFromGroupPolicyMerged": true,\
    "globalPortRulesFromGroupPolicyMerged": true,\
    "connectionSecurityRulesFromGroupPolicyMerged": true,\
    "outboundConnectionsBlocked": true,\
    "inboundConnectionsBlocked": true,\
    "securedPacketExemptionAllowed": true,\
    "policyRulesFromGroupPolicyMerged": true\
  },\
  "firewallProfilePrivate": {\
    "@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",\
    "firewallEnabled": "blocked",\
    "stealthModeBlocked": true,\
    "incomingTrafficBlocked": true,\
    "unicastResponsesToMulticastBroadcastsBlocked": true,\
    "inboundNotificationsBlocked": true,\
    "authorizedApplicationRulesFromGroupPolicyMerged": true,\
    "globalPortRulesFromGroupPolicyMerged": true,\
    "connectionSecurityRulesFromGroupPolicyMerged": true,\
    "outboundConnectionsBlocked": true,\
    "inboundConnectionsBlocked": true,\
    "securedPacketExemptionAllowed": true,\
    "policyRulesFromGroupPolicyMerged": true\
  },\
  "defenderAttackSurfaceReductionExcludedPaths": [\
    "Defender Attack Surface Reduction Excluded Paths value"\
  ],\
  "defenderGuardedFoldersAllowedAppPaths": [\
    "Defender Guarded Folders Allowed App Paths value"\
  ],\
  "defenderAdditionalGuardedFolders": [\
    "Defender Additional Guarded Folders value"\
  ],\
  "defenderExploitProtectionXml": "ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA==",\
  "defenderExploitProtectionXmlFileName": "Defender Exploit Protection Xml File Name value",\
  "defenderSecurityCenterBlockExploitProtectionOverride": true,\
  "appLockerApplicationControl": "enforceComponentsAndStoreApps",\
  "smartScreenEnableInShell": true,\
  "smartScreenBlockOverrideForFiles": true,\
  "applicationGuardEnabled": true,\
  "applicationGuardBlockFileTransfer": "blockImageAndTextFile",\
  "applicationGuardBlockNonEnterpriseContent": true,\
  "applicationGuardAllowPersistence": true,\
  "applicationGuardForceAuditing": true,\
  "applicationGuardBlockClipboardSharing": "blockBoth",\
  "applicationGuardAllowPrintToPDF": true,\
  "applicationGuardAllowPrintToXPS": true,\
  "applicationGuardAllowPrintToLocalPrinters": true,\
  "applicationGuardAllowPrintToNetworkPrinters": true,\
  "bitLockerDisableWarningForOtherDiskEncryption": true,\
  "bitLockerEnableStorageCardEncryptionOnMobile": true,\
  "bitLockerEncryptDevice": true,\
  "bitLockerRemovableDrivePolicy": {\
    "@odata.type": "microsoft.graph.bitLockerRemovableDrivePolicy",\
    "encryptionMethod": "aesCbc256",\
    "requireEncryptionForWriteAccess": true,\
    "blockCrossOrganizationWriteAccess": true\
  }\
}\
'

Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider, consulte a documentação do SDK.

Ir

// Code snippets are only available for the latest major version. Current major version is $v1.*

// Dependencies
import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
	  //other-imports
)

requestBody := graphmodels.NewDeviceConfiguration()
description := "Description value"
requestBody.SetDescription(&description) 
displayName := "Display Name value"
requestBody.SetDisplayName(&displayName) 
version := int32(7)
requestBody.SetVersion(&version) 
firewallBlockStatefulFTP := true
requestBody.SetFirewallBlockStatefulFTP(&firewallBlockStatefulFTP) 
firewallIdleTimeoutForSecurityAssociationInSeconds := int32(2)
requestBody.SetFirewallIdleTimeoutForSecurityAssociationInSeconds(&firewallIdleTimeoutForSecurityAssociationInSeconds) 
firewallPreSharedKeyEncodingMethod := graphmodels.NONE_FIREWALLPRESHAREDKEYENCODINGMETHODTYPE 
requestBody.SetFirewallPreSharedKeyEncodingMethod(&firewallPreSharedKeyEncodingMethod) 
firewallIPSecExemptionsAllowNeighborDiscovery := true
requestBody.SetFirewallIPSecExemptionsAllowNeighborDiscovery(&firewallIPSecExemptionsAllowNeighborDiscovery) 
firewallIPSecExemptionsAllowICMP := true
requestBody.SetFirewallIPSecExemptionsAllowICMP(&firewallIPSecExemptionsAllowICMP) 
firewallIPSecExemptionsAllowRouterDiscovery := true
requestBody.SetFirewallIPSecExemptionsAllowRouterDiscovery(&firewallIPSecExemptionsAllowRouterDiscovery) 
firewallIPSecExemptionsAllowDHCP := true
requestBody.SetFirewallIPSecExemptionsAllowDHCP(&firewallIPSecExemptionsAllowDHCP) 
firewallCertificateRevocationListCheckMethod := graphmodels.NONE_FIREWALLCERTIFICATEREVOCATIONLISTCHECKMETHODTYPE 
requestBody.SetFirewallCertificateRevocationListCheckMethod(&firewallCertificateRevocationListCheckMethod) 
firewallMergeKeyingModuleSettings := true
requestBody.SetFirewallMergeKeyingModuleSettings(&firewallMergeKeyingModuleSettings) 
firewallPacketQueueingMethod := graphmodels.DISABLED_FIREWALLPACKETQUEUEINGMETHODTYPE 
requestBody.SetFirewallPacketQueueingMethod(&firewallPacketQueueingMethod) 
firewallProfileDomain := graphmodels.NewWindowsFirewallNetworkProfile()
firewallEnabled := graphmodels.BLOCKED_STATEMANAGEMENTSETTING 
firewallProfileDomain.SetFirewallEnabled(&firewallEnabled) 
stealthModeBlocked := true
firewallProfileDomain.SetStealthModeBlocked(&stealthModeBlocked) 
incomingTrafficBlocked := true
firewallProfileDomain.SetIncomingTrafficBlocked(&incomingTrafficBlocked) 
unicastResponsesToMulticastBroadcastsBlocked := true
firewallProfileDomain.SetUnicastResponsesToMulticastBroadcastsBlocked(&unicastResponsesToMulticastBroadcastsBlocked) 
inboundNotificationsBlocked := true
firewallProfileDomain.SetInboundNotificationsBlocked(&inboundNotificationsBlocked) 
authorizedApplicationRulesFromGroupPolicyMerged := true
firewallProfileDomain.SetAuthorizedApplicationRulesFromGroupPolicyMerged(&authorizedApplicationRulesFromGroupPolicyMerged) 
globalPortRulesFromGroupPolicyMerged := true
firewallProfileDomain.SetGlobalPortRulesFromGroupPolicyMerged(&globalPortRulesFromGroupPolicyMerged) 
connectionSecurityRulesFromGroupPolicyMerged := true
firewallProfileDomain.SetConnectionSecurityRulesFromGroupPolicyMerged(&connectionSecurityRulesFromGroupPolicyMerged) 
outboundConnectionsBlocked := true
firewallProfileDomain.SetOutboundConnectionsBlocked(&outboundConnectionsBlocked) 
inboundConnectionsBlocked := true
firewallProfileDomain.SetInboundConnectionsBlocked(&inboundConnectionsBlocked) 
securedPacketExemptionAllowed := true
firewallProfileDomain.SetSecuredPacketExemptionAllowed(&securedPacketExemptionAllowed) 
policyRulesFromGroupPolicyMerged := true
firewallProfileDomain.SetPolicyRulesFromGroupPolicyMerged(&policyRulesFromGroupPolicyMerged) 
requestBody.SetFirewallProfileDomain(firewallProfileDomain)
firewallProfilePublic := graphmodels.NewWindowsFirewallNetworkProfile()
firewallEnabled := graphmodels.BLOCKED_STATEMANAGEMENTSETTING 
firewallProfilePublic.SetFirewallEnabled(&firewallEnabled) 
stealthModeBlocked := true
firewallProfilePublic.SetStealthModeBlocked(&stealthModeBlocked) 
incomingTrafficBlocked := true
firewallProfilePublic.SetIncomingTrafficBlocked(&incomingTrafficBlocked) 
unicastResponsesToMulticastBroadcastsBlocked := true
firewallProfilePublic.SetUnicastResponsesToMulticastBroadcastsBlocked(&unicastResponsesToMulticastBroadcastsBlocked) 
inboundNotificationsBlocked := true
firewallProfilePublic.SetInboundNotificationsBlocked(&inboundNotificationsBlocked) 
authorizedApplicationRulesFromGroupPolicyMerged := true
firewallProfilePublic.SetAuthorizedApplicationRulesFromGroupPolicyMerged(&authorizedApplicationRulesFromGroupPolicyMerged) 
globalPortRulesFromGroupPolicyMerged := true
firewallProfilePublic.SetGlobalPortRulesFromGroupPolicyMerged(&globalPortRulesFromGroupPolicyMerged) 
connectionSecurityRulesFromGroupPolicyMerged := true
firewallProfilePublic.SetConnectionSecurityRulesFromGroupPolicyMerged(&connectionSecurityRulesFromGroupPolicyMerged) 
outboundConnectionsBlocked := true
firewallProfilePublic.SetOutboundConnectionsBlocked(&outboundConnectionsBlocked) 
inboundConnectionsBlocked := true
firewallProfilePublic.SetInboundConnectionsBlocked(&inboundConnectionsBlocked) 
securedPacketExemptionAllowed := true
firewallProfilePublic.SetSecuredPacketExemptionAllowed(&securedPacketExemptionAllowed) 
policyRulesFromGroupPolicyMerged := true
firewallProfilePublic.SetPolicyRulesFromGroupPolicyMerged(&policyRulesFromGroupPolicyMerged) 
requestBody.SetFirewallProfilePublic(firewallProfilePublic)
firewallProfilePrivate := graphmodels.NewWindowsFirewallNetworkProfile()
firewallEnabled := graphmodels.BLOCKED_STATEMANAGEMENTSETTING 
firewallProfilePrivate.SetFirewallEnabled(&firewallEnabled) 
stealthModeBlocked := true
firewallProfilePrivate.SetStealthModeBlocked(&stealthModeBlocked) 
incomingTrafficBlocked := true
firewallProfilePrivate.SetIncomingTrafficBlocked(&incomingTrafficBlocked) 
unicastResponsesToMulticastBroadcastsBlocked := true
firewallProfilePrivate.SetUnicastResponsesToMulticastBroadcastsBlocked(&unicastResponsesToMulticastBroadcastsBlocked) 
inboundNotificationsBlocked := true
firewallProfilePrivate.SetInboundNotificationsBlocked(&inboundNotificationsBlocked) 
authorizedApplicationRulesFromGroupPolicyMerged := true
firewallProfilePrivate.SetAuthorizedApplicationRulesFromGroupPolicyMerged(&authorizedApplicationRulesFromGroupPolicyMerged) 
globalPortRulesFromGroupPolicyMerged := true
firewallProfilePrivate.SetGlobalPortRulesFromGroupPolicyMerged(&globalPortRulesFromGroupPolicyMerged) 
connectionSecurityRulesFromGroupPolicyMerged := true
firewallProfilePrivate.SetConnectionSecurityRulesFromGroupPolicyMerged(&connectionSecurityRulesFromGroupPolicyMerged) 
outboundConnectionsBlocked := true
firewallProfilePrivate.SetOutboundConnectionsBlocked(&outboundConnectionsBlocked) 
inboundConnectionsBlocked := true
firewallProfilePrivate.SetInboundConnectionsBlocked(&inboundConnectionsBlocked) 
securedPacketExemptionAllowed := true
firewallProfilePrivate.SetSecuredPacketExemptionAllowed(&securedPacketExemptionAllowed) 
policyRulesFromGroupPolicyMerged := true
firewallProfilePrivate.SetPolicyRulesFromGroupPolicyMerged(&policyRulesFromGroupPolicyMerged) 
requestBody.SetFirewallProfilePrivate(firewallProfilePrivate)
defenderAttackSurfaceReductionExcludedPaths := []string {
	"Defender Attack Surface Reduction Excluded Paths value",
}
requestBody.SetDefenderAttackSurfaceReductionExcludedPaths(defenderAttackSurfaceReductionExcludedPaths)
defenderGuardedFoldersAllowedAppPaths := []string {
	"Defender Guarded Folders Allowed App Paths value",
}
requestBody.SetDefenderGuardedFoldersAllowedAppPaths(defenderGuardedFoldersAllowedAppPaths)
defenderAdditionalGuardedFolders := []string {
	"Defender Additional Guarded Folders value",
}
requestBody.SetDefenderAdditionalGuardedFolders(defenderAdditionalGuardedFolders)
defenderExploitProtectionXml := []byte("zGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA==")
requestBody.SetDefenderExploitProtectionXml(&defenderExploitProtectionXml) 
defenderExploitProtectionXmlFileName := "Defender Exploit Protection Xml File Name value"
requestBody.SetDefenderExploitProtectionXmlFileName(&defenderExploitProtectionXmlFileName) 
defenderSecurityCenterBlockExploitProtectionOverride := true
requestBody.SetDefenderSecurityCenterBlockExploitProtectionOverride(&defenderSecurityCenterBlockExploitProtectionOverride) 
appLockerApplicationControl := graphmodels.ENFORCECOMPONENTSANDSTOREAPPS_APPLOCKERAPPLICATIONCONTROLTYPE 
requestBody.SetAppLockerApplicationControl(&appLockerApplicationControl) 
smartScreenEnableInShell := true
requestBody.SetSmartScreenEnableInShell(&smartScreenEnableInShell) 
smartScreenBlockOverrideForFiles := true
requestBody.SetSmartScreenBlockOverrideForFiles(&smartScreenBlockOverrideForFiles) 
applicationGuardEnabled := true
requestBody.SetApplicationGuardEnabled(&applicationGuardEnabled) 
applicationGuardBlockFileTransfer := graphmodels.BLOCKIMAGEANDTEXTFILE_APPLICATIONGUARDBLOCKFILETRANSFERTYPE 
requestBody.SetApplicationGuardBlockFileTransfer(&applicationGuardBlockFileTransfer) 
applicationGuardBlockNonEnterpriseContent := true
requestBody.SetApplicationGuardBlockNonEnterpriseContent(&applicationGuardBlockNonEnterpriseContent) 
applicationGuardAllowPersistence := true
requestBody.SetApplicationGuardAllowPersistence(&applicationGuardAllowPersistence) 
applicationGuardForceAuditing := true
requestBody.SetApplicationGuardForceAuditing(&applicationGuardForceAuditing) 
applicationGuardBlockClipboardSharing := graphmodels.BLOCKBOTH_APPLICATIONGUARDBLOCKCLIPBOARDSHARINGTYPE 
requestBody.SetApplicationGuardBlockClipboardSharing(&applicationGuardBlockClipboardSharing) 
applicationGuardAllowPrintToPDF := true
requestBody.SetApplicationGuardAllowPrintToPDF(&applicationGuardAllowPrintToPDF) 
applicationGuardAllowPrintToXPS := true
requestBody.SetApplicationGuardAllowPrintToXPS(&applicationGuardAllowPrintToXPS) 
applicationGuardAllowPrintToLocalPrinters := true
requestBody.SetApplicationGuardAllowPrintToLocalPrinters(&applicationGuardAllowPrintToLocalPrinters) 
applicationGuardAllowPrintToNetworkPrinters := true
requestBody.SetApplicationGuardAllowPrintToNetworkPrinters(&applicationGuardAllowPrintToNetworkPrinters) 
bitLockerDisableWarningForOtherDiskEncryption := true
requestBody.SetBitLockerDisableWarningForOtherDiskEncryption(&bitLockerDisableWarningForOtherDiskEncryption) 
bitLockerEnableStorageCardEncryptionOnMobile := true
requestBody.SetBitLockerEnableStorageCardEncryptionOnMobile(&bitLockerEnableStorageCardEncryptionOnMobile) 
bitLockerEncryptDevice := true
requestBody.SetBitLockerEncryptDevice(&bitLockerEncryptDevice) 
bitLockerRemovableDrivePolicy := graphmodels.NewBitLockerRemovableDrivePolicy()
encryptionMethod := graphmodels.AESCBC256_BITLOCKERENCRYPTIONMETHOD 
bitLockerRemovableDrivePolicy.SetEncryptionMethod(&encryptionMethod) 
requireEncryptionForWriteAccess := true
bitLockerRemovableDrivePolicy.SetRequireEncryptionForWriteAccess(&requireEncryptionForWriteAccess) 
blockCrossOrganizationWriteAccess := true
bitLockerRemovableDrivePolicy.SetBlockCrossOrganizationWriteAccess(&blockCrossOrganizationWriteAccess) 
requestBody.SetBitLockerRemovableDrivePolicy(bitLockerRemovableDrivePolicy)

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
deviceConfigurations, err := graphClient.DeviceManagement().DeviceConfigurations().ByDeviceConfigurationId("deviceConfiguration-id").Patch(context.Background(), requestBody, nil)

Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider, consulte a documentação do SDK.

Java

// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

Windows10EndpointProtectionConfiguration deviceConfiguration = new Windows10EndpointProtectionConfiguration();
deviceConfiguration.setOdataType("#microsoft.graph.windows10EndpointProtectionConfiguration");
deviceConfiguration.setDescription("Description value");
deviceConfiguration.setDisplayName("Display Name value");
deviceConfiguration.setVersion(7);
deviceConfiguration.setFirewallBlockStatefulFTP(true);
deviceConfiguration.setFirewallIdleTimeoutForSecurityAssociationInSeconds(2);
deviceConfiguration.setFirewallPreSharedKeyEncodingMethod(FirewallPreSharedKeyEncodingMethodType.None);
deviceConfiguration.setFirewallIPSecExemptionsAllowNeighborDiscovery(true);
deviceConfiguration.setFirewallIPSecExemptionsAllowICMP(true);
deviceConfiguration.setFirewallIPSecExemptionsAllowRouterDiscovery(true);
deviceConfiguration.setFirewallIPSecExemptionsAllowDHCP(true);
deviceConfiguration.setFirewallCertificateRevocationListCheckMethod(FirewallCertificateRevocationListCheckMethodType.None);
deviceConfiguration.setFirewallMergeKeyingModuleSettings(true);
deviceConfiguration.setFirewallPacketQueueingMethod(FirewallPacketQueueingMethodType.Disabled);
WindowsFirewallNetworkProfile firewallProfileDomain = new WindowsFirewallNetworkProfile();
firewallProfileDomain.setOdataType("microsoft.graph.windowsFirewallNetworkProfile");
firewallProfileDomain.setFirewallEnabled(StateManagementSetting.Blocked);
firewallProfileDomain.setStealthModeBlocked(true);
firewallProfileDomain.setIncomingTrafficBlocked(true);
firewallProfileDomain.setUnicastResponsesToMulticastBroadcastsBlocked(true);
firewallProfileDomain.setInboundNotificationsBlocked(true);
firewallProfileDomain.setAuthorizedApplicationRulesFromGroupPolicyMerged(true);
firewallProfileDomain.setGlobalPortRulesFromGroupPolicyMerged(true);
firewallProfileDomain.setConnectionSecurityRulesFromGroupPolicyMerged(true);
firewallProfileDomain.setOutboundConnectionsBlocked(true);
firewallProfileDomain.setInboundConnectionsBlocked(true);
firewallProfileDomain.setSecuredPacketExemptionAllowed(true);
firewallProfileDomain.setPolicyRulesFromGroupPolicyMerged(true);
deviceConfiguration.setFirewallProfileDomain(firewallProfileDomain);
WindowsFirewallNetworkProfile firewallProfilePublic = new WindowsFirewallNetworkProfile();
firewallProfilePublic.setOdataType("microsoft.graph.windowsFirewallNetworkProfile");
firewallProfilePublic.setFirewallEnabled(StateManagementSetting.Blocked);
firewallProfilePublic.setStealthModeBlocked(true);
firewallProfilePublic.setIncomingTrafficBlocked(true);
firewallProfilePublic.setUnicastResponsesToMulticastBroadcastsBlocked(true);
firewallProfilePublic.setInboundNotificationsBlocked(true);
firewallProfilePublic.setAuthorizedApplicationRulesFromGroupPolicyMerged(true);
firewallProfilePublic.setGlobalPortRulesFromGroupPolicyMerged(true);
firewallProfilePublic.setConnectionSecurityRulesFromGroupPolicyMerged(true);
firewallProfilePublic.setOutboundConnectionsBlocked(true);
firewallProfilePublic.setInboundConnectionsBlocked(true);
firewallProfilePublic.setSecuredPacketExemptionAllowed(true);
firewallProfilePublic.setPolicyRulesFromGroupPolicyMerged(true);
deviceConfiguration.setFirewallProfilePublic(firewallProfilePublic);
WindowsFirewallNetworkProfile firewallProfilePrivate = new WindowsFirewallNetworkProfile();
firewallProfilePrivate.setOdataType("microsoft.graph.windowsFirewallNetworkProfile");
firewallProfilePrivate.setFirewallEnabled(StateManagementSetting.Blocked);
firewallProfilePrivate.setStealthModeBlocked(true);
firewallProfilePrivate.setIncomingTrafficBlocked(true);
firewallProfilePrivate.setUnicastResponsesToMulticastBroadcastsBlocked(true);
firewallProfilePrivate.setInboundNotificationsBlocked(true);
firewallProfilePrivate.setAuthorizedApplicationRulesFromGroupPolicyMerged(true);
firewallProfilePrivate.setGlobalPortRulesFromGroupPolicyMerged(true);
firewallProfilePrivate.setConnectionSecurityRulesFromGroupPolicyMerged(true);
firewallProfilePrivate.setOutboundConnectionsBlocked(true);
firewallProfilePrivate.setInboundConnectionsBlocked(true);
firewallProfilePrivate.setSecuredPacketExemptionAllowed(true);
firewallProfilePrivate.setPolicyRulesFromGroupPolicyMerged(true);
deviceConfiguration.setFirewallProfilePrivate(firewallProfilePrivate);
LinkedList<String> defenderAttackSurfaceReductionExcludedPaths = new LinkedList<String>();
defenderAttackSurfaceReductionExcludedPaths.add("Defender Attack Surface Reduction Excluded Paths value");
deviceConfiguration.setDefenderAttackSurfaceReductionExcludedPaths(defenderAttackSurfaceReductionExcludedPaths);
LinkedList<String> defenderGuardedFoldersAllowedAppPaths = new LinkedList<String>();
defenderGuardedFoldersAllowedAppPaths.add("Defender Guarded Folders Allowed App Paths value");
deviceConfiguration.setDefenderGuardedFoldersAllowedAppPaths(defenderGuardedFoldersAllowedAppPaths);
LinkedList<String> defenderAdditionalGuardedFolders = new LinkedList<String>();
defenderAdditionalGuardedFolders.add("Defender Additional Guarded Folders value");
deviceConfiguration.setDefenderAdditionalGuardedFolders(defenderAdditionalGuardedFolders);
byte[] defenderExploitProtectionXml = Base64.getDecoder().decode("ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA==");
deviceConfiguration.setDefenderExploitProtectionXml(defenderExploitProtectionXml);
deviceConfiguration.setDefenderExploitProtectionXmlFileName("Defender Exploit Protection Xml File Name value");
deviceConfiguration.setDefenderSecurityCenterBlockExploitProtectionOverride(true);
deviceConfiguration.setAppLockerApplicationControl(AppLockerApplicationControlType.EnforceComponentsAndStoreApps);
deviceConfiguration.setSmartScreenEnableInShell(true);
deviceConfiguration.setSmartScreenBlockOverrideForFiles(true);
deviceConfiguration.setApplicationGuardEnabled(true);
deviceConfiguration.setApplicationGuardBlockFileTransfer(ApplicationGuardBlockFileTransferType.BlockImageAndTextFile);
deviceConfiguration.setApplicationGuardBlockNonEnterpriseContent(true);
deviceConfiguration.setApplicationGuardAllowPersistence(true);
deviceConfiguration.setApplicationGuardForceAuditing(true);
deviceConfiguration.setApplicationGuardBlockClipboardSharing(ApplicationGuardBlockClipboardSharingType.BlockBoth);
deviceConfiguration.setApplicationGuardAllowPrintToPDF(true);
deviceConfiguration.setApplicationGuardAllowPrintToXPS(true);
deviceConfiguration.setApplicationGuardAllowPrintToLocalPrinters(true);
deviceConfiguration.setApplicationGuardAllowPrintToNetworkPrinters(true);
deviceConfiguration.setBitLockerDisableWarningForOtherDiskEncryption(true);
deviceConfiguration.setBitLockerEnableStorageCardEncryptionOnMobile(true);
deviceConfiguration.setBitLockerEncryptDevice(true);
BitLockerRemovableDrivePolicy bitLockerRemovableDrivePolicy = new BitLockerRemovableDrivePolicy();
bitLockerRemovableDrivePolicy.setOdataType("microsoft.graph.bitLockerRemovableDrivePolicy");
bitLockerRemovableDrivePolicy.setEncryptionMethod(BitLockerEncryptionMethod.AesCbc256);
bitLockerRemovableDrivePolicy.setRequireEncryptionForWriteAccess(true);
bitLockerRemovableDrivePolicy.setBlockCrossOrganizationWriteAccess(true);
deviceConfiguration.setBitLockerRemovableDrivePolicy(bitLockerRemovableDrivePolicy);
DeviceConfiguration result = graphClient.deviceManagement().deviceConfigurations().byDeviceConfigurationId("{deviceConfiguration-id}").patch(deviceConfiguration);

Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider, consulte a documentação do SDK.

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

const deviceConfiguration = {
  '@odata.type': '#microsoft.graph.windows10EndpointProtectionConfiguration',
  description: 'Description value',
  displayName: 'Display Name value',
  version: 7,
  firewallBlockStatefulFTP: true,
  firewallIdleTimeoutForSecurityAssociationInSeconds: 2,
  firewallPreSharedKeyEncodingMethod: 'none',
  firewallIPSecExemptionsAllowNeighborDiscovery: true,
  firewallIPSecExemptionsAllowICMP: true,
  firewallIPSecExemptionsAllowRouterDiscovery: true,
  firewallIPSecExemptionsAllowDHCP: true,
  firewallCertificateRevocationListCheckMethod: 'none',
  firewallMergeKeyingModuleSettings: true,
  firewallPacketQueueingMethod: 'disabled',
  firewallProfileDomain: {
    '@odata.type': 'microsoft.graph.windowsFirewallNetworkProfile',
    firewallEnabled: 'blocked',
    stealthModeBlocked: true,
    incomingTrafficBlocked: true,
    unicastResponsesToMulticastBroadcastsBlocked: true,
    inboundNotificationsBlocked: true,
    authorizedApplicationRulesFromGroupPolicyMerged: true,
    globalPortRulesFromGroupPolicyMerged: true,
    connectionSecurityRulesFromGroupPolicyMerged: true,
    outboundConnectionsBlocked: true,
    inboundConnectionsBlocked: true,
    securedPacketExemptionAllowed: true,
    policyRulesFromGroupPolicyMerged: true
  },
  firewallProfilePublic: {
    '@odata.type': 'microsoft.graph.windowsFirewallNetworkProfile',
    firewallEnabled: 'blocked',
    stealthModeBlocked: true,
    incomingTrafficBlocked: true,
    unicastResponsesToMulticastBroadcastsBlocked: true,
    inboundNotificationsBlocked: true,
    authorizedApplicationRulesFromGroupPolicyMerged: true,
    globalPortRulesFromGroupPolicyMerged: true,
    connectionSecurityRulesFromGroupPolicyMerged: true,
    outboundConnectionsBlocked: true,
    inboundConnectionsBlocked: true,
    securedPacketExemptionAllowed: true,
    policyRulesFromGroupPolicyMerged: true
  },
  firewallProfilePrivate: {
    '@odata.type': 'microsoft.graph.windowsFirewallNetworkProfile',
    firewallEnabled: 'blocked',
    stealthModeBlocked: true,
    incomingTrafficBlocked: true,
    unicastResponsesToMulticastBroadcastsBlocked: true,
    inboundNotificationsBlocked: true,
    authorizedApplicationRulesFromGroupPolicyMerged: true,
    globalPortRulesFromGroupPolicyMerged: true,
    connectionSecurityRulesFromGroupPolicyMerged: true,
    outboundConnectionsBlocked: true,
    inboundConnectionsBlocked: true,
    securedPacketExemptionAllowed: true,
    policyRulesFromGroupPolicyMerged: true
  },
  defenderAttackSurfaceReductionExcludedPaths: [
    'Defender Attack Surface Reduction Excluded Paths value'
  ],
  defenderGuardedFoldersAllowedAppPaths: [
    'Defender Guarded Folders Allowed App Paths value'
  ],
  defenderAdditionalGuardedFolders: [
    'Defender Additional Guarded Folders value'
  ],
  defenderExploitProtectionXml: 'ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA==',
  defenderExploitProtectionXmlFileName: 'Defender Exploit Protection Xml File Name value',
  defenderSecurityCenterBlockExploitProtectionOverride: true,
  appLockerApplicationControl: 'enforceComponentsAndStoreApps',
  smartScreenEnableInShell: true,
  smartScreenBlockOverrideForFiles: true,
  applicationGuardEnabled: true,
  applicationGuardBlockFileTransfer: 'blockImageAndTextFile',
  applicationGuardBlockNonEnterpriseContent: true,
  applicationGuardAllowPersistence: true,
  applicationGuardForceAuditing: true,
  applicationGuardBlockClipboardSharing: 'blockBoth',
  applicationGuardAllowPrintToPDF: true,
  applicationGuardAllowPrintToXPS: true,
  applicationGuardAllowPrintToLocalPrinters: true,
  applicationGuardAllowPrintToNetworkPrinters: true,
  bitLockerDisableWarningForOtherDiskEncryption: true,
  bitLockerEnableStorageCardEncryptionOnMobile: true,
  bitLockerEncryptDevice: true,
  bitLockerRemovableDrivePolicy: {
    '@odata.type': 'microsoft.graph.bitLockerRemovableDrivePolicy',
    encryptionMethod: 'aesCbc256',
    requireEncryptionForWriteAccess: true,
    blockCrossOrganizationWriteAccess: true
  }
};

await client.api('/deviceManagement/deviceConfigurations/{deviceConfigurationId}')
	.update(deviceConfiguration);

Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider, consulte a documentação do SDK.

PHP

<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\Windows10EndpointProtectionConfiguration;
use Microsoft\Graph\Generated\Models\WindowsFirewallNetworkProfile;
use Microsoft\Graph\Generated\Models\BitLockerRemovableDrivePolicy;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$requestBody = new Windows10EndpointProtectionConfiguration();
$requestBody->setOdataType('#microsoft.graph.windows10EndpointProtectionConfiguration');
$requestBody->setDescription('Description value');
$requestBody->setDisplayName('Display Name value');
$requestBody->setVersion(7);
$requestBody->setFirewallBlockStatefulFTP(true);
$requestBody->setFirewallIdleTimeoutForSecurityAssociationInSeconds(2);
$requestBody->setFirewallPreSharedKeyEncodingMethod(new FirewallPreSharedKeyEncodingMethodType('none'));
$requestBody->setFirewallIPSecExemptionsAllowNeighborDiscovery(true);
$requestBody->setFirewallIPSecExemptionsAllowICMP(true);
$requestBody->setFirewallIPSecExemptionsAllowRouterDiscovery(true);
$requestBody->setFirewallIPSecExemptionsAllowDHCP(true);
$requestBody->setFirewallCertificateRevocationListCheckMethod(new FirewallCertificateRevocationListCheckMethodType('none'));
$requestBody->setFirewallMergeKeyingModuleSettings(true);
$requestBody->setFirewallPacketQueueingMethod(new FirewallPacketQueueingMethodType('disabled'));
$firewallProfileDomain = new WindowsFirewallNetworkProfile();
$firewallProfileDomain->setOdataType('microsoft.graph.windowsFirewallNetworkProfile');
$firewallProfileDomain->setFirewallEnabled(new StateManagementSetting('blocked'));
$firewallProfileDomain->setStealthModeBlocked(true);
$firewallProfileDomain->setIncomingTrafficBlocked(true);
$firewallProfileDomain->setUnicastResponsesToMulticastBroadcastsBlocked(true);
$firewallProfileDomain->setInboundNotificationsBlocked(true);
$firewallProfileDomain->setAuthorizedApplicationRulesFromGroupPolicyMerged(true);
$firewallProfileDomain->setGlobalPortRulesFromGroupPolicyMerged(true);
$firewallProfileDomain->setConnectionSecurityRulesFromGroupPolicyMerged(true);
$firewallProfileDomain->setOutboundConnectionsBlocked(true);
$firewallProfileDomain->setInboundConnectionsBlocked(true);
$firewallProfileDomain->setSecuredPacketExemptionAllowed(true);
$firewallProfileDomain->setPolicyRulesFromGroupPolicyMerged(true);
$requestBody->setFirewallProfileDomain($firewallProfileDomain);
$firewallProfilePublic = new WindowsFirewallNetworkProfile();
$firewallProfilePublic->setOdataType('microsoft.graph.windowsFirewallNetworkProfile');
$firewallProfilePublic->setFirewallEnabled(new StateManagementSetting('blocked'));
$firewallProfilePublic->setStealthModeBlocked(true);
$firewallProfilePublic->setIncomingTrafficBlocked(true);
$firewallProfilePublic->setUnicastResponsesToMulticastBroadcastsBlocked(true);
$firewallProfilePublic->setInboundNotificationsBlocked(true);
$firewallProfilePublic->setAuthorizedApplicationRulesFromGroupPolicyMerged(true);
$firewallProfilePublic->setGlobalPortRulesFromGroupPolicyMerged(true);
$firewallProfilePublic->setConnectionSecurityRulesFromGroupPolicyMerged(true);
$firewallProfilePublic->setOutboundConnectionsBlocked(true);
$firewallProfilePublic->setInboundConnectionsBlocked(true);
$firewallProfilePublic->setSecuredPacketExemptionAllowed(true);
$firewallProfilePublic->setPolicyRulesFromGroupPolicyMerged(true);
$requestBody->setFirewallProfilePublic($firewallProfilePublic);
$firewallProfilePrivate = new WindowsFirewallNetworkProfile();
$firewallProfilePrivate->setOdataType('microsoft.graph.windowsFirewallNetworkProfile');
$firewallProfilePrivate->setFirewallEnabled(new StateManagementSetting('blocked'));
$firewallProfilePrivate->setStealthModeBlocked(true);
$firewallProfilePrivate->setIncomingTrafficBlocked(true);
$firewallProfilePrivate->setUnicastResponsesToMulticastBroadcastsBlocked(true);
$firewallProfilePrivate->setInboundNotificationsBlocked(true);
$firewallProfilePrivate->setAuthorizedApplicationRulesFromGroupPolicyMerged(true);
$firewallProfilePrivate->setGlobalPortRulesFromGroupPolicyMerged(true);
$firewallProfilePrivate->setConnectionSecurityRulesFromGroupPolicyMerged(true);
$firewallProfilePrivate->setOutboundConnectionsBlocked(true);
$firewallProfilePrivate->setInboundConnectionsBlocked(true);
$firewallProfilePrivate->setSecuredPacketExemptionAllowed(true);
$firewallProfilePrivate->setPolicyRulesFromGroupPolicyMerged(true);
$requestBody->setFirewallProfilePrivate($firewallProfilePrivate);
$requestBody->setDefenderAttackSurfaceReductionExcludedPaths(['Defender Attack Surface Reduction Excluded Paths value', 	]);
$requestBody->setDefenderGuardedFoldersAllowedAppPaths(['Defender Guarded Folders Allowed App Paths value', 	]);
$requestBody->setDefenderAdditionalGuardedFolders(['Defender Additional Guarded Folders value', 	]);
$requestBody->setDefenderExploitProtectionXml(\GuzzleHttp\Psr7\Utils::streamFor(base64_decode('ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA==')));
$requestBody->setDefenderExploitProtectionXmlFileName('Defender Exploit Protection Xml File Name value');
$requestBody->setDefenderSecurityCenterBlockExploitProtectionOverride(true);
$requestBody->setAppLockerApplicationControl(new AppLockerApplicationControlType('enforceComponentsAndStoreApps'));
$requestBody->setSmartScreenEnableInShell(true);
$requestBody->setSmartScreenBlockOverrideForFiles(true);
$requestBody->setApplicationGuardEnabled(true);
$requestBody->setApplicationGuardBlockFileTransfer(new ApplicationGuardBlockFileTransferType('blockImageAndTextFile'));
$requestBody->setApplicationGuardBlockNonEnterpriseContent(true);
$requestBody->setApplicationGuardAllowPersistence(true);
$requestBody->setApplicationGuardForceAuditing(true);
$requestBody->setApplicationGuardBlockClipboardSharing(new ApplicationGuardBlockClipboardSharingType('blockBoth'));
$requestBody->setApplicationGuardAllowPrintToPDF(true);
$requestBody->setApplicationGuardAllowPrintToXPS(true);
$requestBody->setApplicationGuardAllowPrintToLocalPrinters(true);
$requestBody->setApplicationGuardAllowPrintToNetworkPrinters(true);
$requestBody->setBitLockerDisableWarningForOtherDiskEncryption(true);
$requestBody->setBitLockerEnableStorageCardEncryptionOnMobile(true);
$requestBody->setBitLockerEncryptDevice(true);
$bitLockerRemovableDrivePolicy = new BitLockerRemovableDrivePolicy();
$bitLockerRemovableDrivePolicy->setOdataType('microsoft.graph.bitLockerRemovableDrivePolicy');
$bitLockerRemovableDrivePolicy->setEncryptionMethod(new BitLockerEncryptionMethod('aesCbc256'));
$bitLockerRemovableDrivePolicy->setRequireEncryptionForWriteAccess(true);
$bitLockerRemovableDrivePolicy->setBlockCrossOrganizationWriteAccess(true);
$requestBody->setBitLockerRemovableDrivePolicy($bitLockerRemovableDrivePolicy);

$result = $graphServiceClient->deviceManagement()->deviceConfigurations()->byDeviceConfigurationId('deviceConfiguration-id')->patch($requestBody)->wait();

Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider, consulte a documentação do SDK.

PowerShell

Import-Module Microsoft.Graph.DeviceManagement

$params = @{
	"@odata.type" = "#microsoft.graph.windows10EndpointProtectionConfiguration"
	description = "Description value"
	displayName = "Display Name value"
	version = 7
	firewallBlockStatefulFTP = $true
	firewallIdleTimeoutForSecurityAssociationInSeconds = 
	firewallPreSharedKeyEncodingMethod = "none"
	firewallIPSecExemptionsAllowNeighborDiscovery = $true
	firewallIPSecExemptionsAllowICMP = $true
	firewallIPSecExemptionsAllowRouterDiscovery = $true
	firewallIPSecExemptionsAllowDHCP = $true
	firewallCertificateRevocationListCheckMethod = "none"
	firewallMergeKeyingModuleSettings = $true
	firewallPacketQueueingMethod = "disabled"
	firewallProfileDomain = @{
		"@odata.type" = "microsoft.graph.windowsFirewallNetworkProfile"
		firewallEnabled = "blocked"
		stealthModeBlocked = $true
		incomingTrafficBlocked = $true
		unicastResponsesToMulticastBroadcastsBlocked = $true
		inboundNotificationsBlocked = $true
		authorizedApplicationRulesFromGroupPolicyMerged = $true
		globalPortRulesFromGroupPolicyMerged = $true
		connectionSecurityRulesFromGroupPolicyMerged = $true
		outboundConnectionsBlocked = $true
		inboundConnectionsBlocked = $true
		securedPacketExemptionAllowed = $true
		policyRulesFromGroupPolicyMerged = $true
	}
	firewallProfilePublic = @{
		"@odata.type" = "microsoft.graph.windowsFirewallNetworkProfile"
		firewallEnabled = "blocked"
		stealthModeBlocked = $true
		incomingTrafficBlocked = $true
		unicastResponsesToMulticastBroadcastsBlocked = $true
		inboundNotificationsBlocked = $true
		authorizedApplicationRulesFromGroupPolicyMerged = $true
		globalPortRulesFromGroupPolicyMerged = $true
		connectionSecurityRulesFromGroupPolicyMerged = $true
		outboundConnectionsBlocked = $true
		inboundConnectionsBlocked = $true
		securedPacketExemptionAllowed = $true
		policyRulesFromGroupPolicyMerged = $true
	}
	firewallProfilePrivate = @{
		"@odata.type" = "microsoft.graph.windowsFirewallNetworkProfile"
		firewallEnabled = "blocked"
		stealthModeBlocked = $true
		incomingTrafficBlocked = $true
		unicastResponsesToMulticastBroadcastsBlocked = $true
		inboundNotificationsBlocked = $true
		authorizedApplicationRulesFromGroupPolicyMerged = $true
		globalPortRulesFromGroupPolicyMerged = $true
		connectionSecurityRulesFromGroupPolicyMerged = $true
		outboundConnectionsBlocked = $true
		inboundConnectionsBlocked = $true
		securedPacketExemptionAllowed = $true
		policyRulesFromGroupPolicyMerged = $true
	}
	defenderAttackSurfaceReductionExcludedPaths = @(
	"Defender Attack Surface Reduction Excluded Paths value"
)
defenderGuardedFoldersAllowedAppPaths = @(
"Defender Guarded Folders Allowed App Paths value"
)
defenderAdditionalGuardedFolders = @(
"Defender Additional Guarded Folders value"
)
defenderExploitProtectionXml = "ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA=="
defenderExploitProtectionXmlFileName = "Defender Exploit Protection Xml File Name value"
defenderSecurityCenterBlockExploitProtectionOverride = $true
appLockerApplicationControl = "enforceComponentsAndStoreApps"
smartScreenEnableInShell = $true
smartScreenBlockOverrideForFiles = $true
applicationGuardEnabled = $true
applicationGuardBlockFileTransfer = "blockImageAndTextFile"
applicationGuardBlockNonEnterpriseContent = $true
applicationGuardAllowPersistence = $true
applicationGuardForceAuditing = $true
applicationGuardBlockClipboardSharing = "blockBoth"
applicationGuardAllowPrintToPDF = $true
applicationGuardAllowPrintToXPS = $true
applicationGuardAllowPrintToLocalPrinters = $true
applicationGuardAllowPrintToNetworkPrinters = $true
bitLockerDisableWarningForOtherDiskEncryption = $true
bitLockerEnableStorageCardEncryptionOnMobile = $true
bitLockerEncryptDevice = $true
bitLockerRemovableDrivePolicy = @{
"@odata.type" = "microsoft.graph.bitLockerRemovableDrivePolicy"
encryptionMethod = "aesCbc256"
requireEncryptionForWriteAccess = $true
blockCrossOrganizationWriteAccess = $true
}
}

Update-MgDeviceManagementDeviceConfiguration -DeviceConfigurationId $deviceConfigurationId -BodyParameter $params

Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider, consulte a documentação do SDK.

Python

from msgraph import GraphServiceClient
from msgraph.generated.models.windows10_endpoint_protection_configuration import Windows10EndpointProtectionConfiguration
from msgraph.generated.models.windows_firewall_network_profile import WindowsFirewallNetworkProfile
from msgraph.generated.models.bit_locker_removable_drive_policy import BitLockerRemovableDrivePolicy

graph_client = GraphServiceClient(credentials, scopes)

request_body = Windows10EndpointProtectionConfiguration(
	odata_type = "#microsoft.graph.windows10EndpointProtectionConfiguration",
	description = "Description value",
	display_name = "Display Name value",
	version = 7,
	firewall_block_stateful_f_t_p = True,
	firewall_idle_timeout_for_security_association_in_seconds = 2,
	firewall_pre_shared_key_encoding_method = FirewallPreSharedKeyEncodingMethodType.None,
	firewall_i_p_sec_exemptions_allow_neighbor_discovery = True,
	firewall_i_p_sec_exemptions_allow_i_c_m_p = True,
	firewall_i_p_sec_exemptions_allow_router_discovery = True,
	firewall_i_p_sec_exemptions_allow_d_h_c_p = True,
	firewall_certificate_revocation_list_check_method = FirewallCertificateRevocationListCheckMethodType.None,
	firewall_merge_keying_module_settings = True,
	firewall_packet_queueing_method = FirewallPacketQueueingMethodType.Disabled,
	firewall_profile_domain = WindowsFirewallNetworkProfile(
		odata_type = "microsoft.graph.windowsFirewallNetworkProfile",
		firewall_enabled = StateManagementSetting.Blocked,
		stealth_mode_blocked = True,
		incoming_traffic_blocked = True,
		unicast_responses_to_multicast_broadcasts_blocked = True,
		inbound_notifications_blocked = True,
		authorized_application_rules_from_group_policy_merged = True,
		global_port_rules_from_group_policy_merged = True,
		connection_security_rules_from_group_policy_merged = True,
		outbound_connections_blocked = True,
		inbound_connections_blocked = True,
		secured_packet_exemption_allowed = True,
		policy_rules_from_group_policy_merged = True,
	),
	firewall_profile_public = WindowsFirewallNetworkProfile(
		odata_type = "microsoft.graph.windowsFirewallNetworkProfile",
		firewall_enabled = StateManagementSetting.Blocked,
		stealth_mode_blocked = True,
		incoming_traffic_blocked = True,
		unicast_responses_to_multicast_broadcasts_blocked = True,
		inbound_notifications_blocked = True,
		authorized_application_rules_from_group_policy_merged = True,
		global_port_rules_from_group_policy_merged = True,
		connection_security_rules_from_group_policy_merged = True,
		outbound_connections_blocked = True,
		inbound_connections_blocked = True,
		secured_packet_exemption_allowed = True,
		policy_rules_from_group_policy_merged = True,
	),
	firewall_profile_private = WindowsFirewallNetworkProfile(
		odata_type = "microsoft.graph.windowsFirewallNetworkProfile",
		firewall_enabled = StateManagementSetting.Blocked,
		stealth_mode_blocked = True,
		incoming_traffic_blocked = True,
		unicast_responses_to_multicast_broadcasts_blocked = True,
		inbound_notifications_blocked = True,
		authorized_application_rules_from_group_policy_merged = True,
		global_port_rules_from_group_policy_merged = True,
		connection_security_rules_from_group_policy_merged = True,
		outbound_connections_blocked = True,
		inbound_connections_blocked = True,
		secured_packet_exemption_allowed = True,
		policy_rules_from_group_policy_merged = True,
	),
	defender_attack_surface_reduction_excluded_paths = [
		"Defender Attack Surface Reduction Excluded Paths value",
	],
	defender_guarded_folders_allowed_app_paths = [
		"Defender Guarded Folders Allowed App Paths value",
	],
	defender_additional_guarded_folders = [
		"Defender Additional Guarded Folders value",
	],
	defender_exploit_protection_xml = base64.urlsafe_b64decode("ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA=="),
	defender_exploit_protection_xml_file_name = "Defender Exploit Protection Xml File Name value",
	defender_security_center_block_exploit_protection_override = True,
	app_locker_application_control = AppLockerApplicationControlType.EnforceComponentsAndStoreApps,
	smart_screen_enable_in_shell = True,
	smart_screen_block_override_for_files = True,
	application_guard_enabled = True,
	application_guard_block_file_transfer = ApplicationGuardBlockFileTransferType.BlockImageAndTextFile,
	application_guard_block_non_enterprise_content = True,
	application_guard_allow_persistence = True,
	application_guard_force_auditing = True,
	application_guard_block_clipboard_sharing = ApplicationGuardBlockClipboardSharingType.BlockBoth,
	application_guard_allow_print_to_p_d_f = True,
	application_guard_allow_print_to_x_p_s = True,
	application_guard_allow_print_to_local_printers = True,
	application_guard_allow_print_to_network_printers = True,
	bit_locker_disable_warning_for_other_disk_encryption = True,
	bit_locker_enable_storage_card_encryption_on_mobile = True,
	bit_locker_encrypt_device = True,
	bit_locker_removable_drive_policy = BitLockerRemovableDrivePolicy(
		odata_type = "microsoft.graph.bitLockerRemovableDrivePolicy",
		encryption_method = BitLockerEncryptionMethod.AesCbc256,
		require_encryption_for_write_access = True,
		block_cross_organization_write_access = True,
	),
)

result = await graph_client.device_management.device_configurations.by_device_configuration_id('deviceConfiguration-id').patch(request_body)

Para obter detalhes sobre como adicionar o SDK ao seu projeto e criar uma instância authProvider, consulte a documentação do SDK.

Resposta

Veja a seguir um exemplo da resposta. Observação: o objeto response mostrado aqui pode estar truncado por motivos de concisão. Todas as propriedades serão retornadas de uma chamada real.

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 4417

{
  "@odata.type": "#microsoft.graph.windows10EndpointProtectionConfiguration",
  "id": "09709403-9403-0970-0394-700903947009",
  "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
  "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
  "description": "Description value",
  "displayName": "Display Name value",
  "version": 7,
  "firewallBlockStatefulFTP": true,
  "firewallIdleTimeoutForSecurityAssociationInSeconds": 2,
  "firewallPreSharedKeyEncodingMethod": "none",
  "firewallIPSecExemptionsAllowNeighborDiscovery": true,
  "firewallIPSecExemptionsAllowICMP": true,
  "firewallIPSecExemptionsAllowRouterDiscovery": true,
  "firewallIPSecExemptionsAllowDHCP": true,
  "firewallCertificateRevocationListCheckMethod": "none",
  "firewallMergeKeyingModuleSettings": true,
  "firewallPacketQueueingMethod": "disabled",
  "firewallProfileDomain": {
    "@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",
    "firewallEnabled": "blocked",
    "stealthModeBlocked": true,
    "incomingTrafficBlocked": true,
    "unicastResponsesToMulticastBroadcastsBlocked": true,
    "inboundNotificationsBlocked": true,
    "authorizedApplicationRulesFromGroupPolicyMerged": true,
    "globalPortRulesFromGroupPolicyMerged": true,
    "connectionSecurityRulesFromGroupPolicyMerged": true,
    "outboundConnectionsBlocked": true,
    "inboundConnectionsBlocked": true,
    "securedPacketExemptionAllowed": true,
    "policyRulesFromGroupPolicyMerged": true
  },
  "firewallProfilePublic": {
    "@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",
    "firewallEnabled": "blocked",
    "stealthModeBlocked": true,
    "incomingTrafficBlocked": true,
    "unicastResponsesToMulticastBroadcastsBlocked": true,
    "inboundNotificationsBlocked": true,
    "authorizedApplicationRulesFromGroupPolicyMerged": true,
    "globalPortRulesFromGroupPolicyMerged": true,
    "connectionSecurityRulesFromGroupPolicyMerged": true,
    "outboundConnectionsBlocked": true,
    "inboundConnectionsBlocked": true,
    "securedPacketExemptionAllowed": true,
    "policyRulesFromGroupPolicyMerged": true
  },
  "firewallProfilePrivate": {
    "@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",
    "firewallEnabled": "blocked",
    "stealthModeBlocked": true,
    "incomingTrafficBlocked": true,
    "unicastResponsesToMulticastBroadcastsBlocked": true,
    "inboundNotificationsBlocked": true,
    "authorizedApplicationRulesFromGroupPolicyMerged": true,
    "globalPortRulesFromGroupPolicyMerged": true,
    "connectionSecurityRulesFromGroupPolicyMerged": true,
    "outboundConnectionsBlocked": true,
    "inboundConnectionsBlocked": true,
    "securedPacketExemptionAllowed": true,
    "policyRulesFromGroupPolicyMerged": true
  },
  "defenderAttackSurfaceReductionExcludedPaths": [
    "Defender Attack Surface Reduction Excluded Paths value"
  ],
  "defenderGuardedFoldersAllowedAppPaths": [
    "Defender Guarded Folders Allowed App Paths value"
  ],
  "defenderAdditionalGuardedFolders": [
    "Defender Additional Guarded Folders value"
  ],
  "defenderExploitProtectionXml": "ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA==",
  "defenderExploitProtectionXmlFileName": "Defender Exploit Protection Xml File Name value",
  "defenderSecurityCenterBlockExploitProtectionOverride": true,
  "appLockerApplicationControl": "enforceComponentsAndStoreApps",
  "smartScreenEnableInShell": true,
  "smartScreenBlockOverrideForFiles": true,
  "applicationGuardEnabled": true,
  "applicationGuardBlockFileTransfer": "blockImageAndTextFile",
  "applicationGuardBlockNonEnterpriseContent": true,
  "applicationGuardAllowPersistence": true,
  "applicationGuardForceAuditing": true,
  "applicationGuardBlockClipboardSharing": "blockBoth",
  "applicationGuardAllowPrintToPDF": true,
  "applicationGuardAllowPrintToXPS": true,
  "applicationGuardAllowPrintToLocalPrinters": true,
  "applicationGuardAllowPrintToNetworkPrinters": true,
  "bitLockerDisableWarningForOtherDiskEncryption": true,
  "bitLockerEnableStorageCardEncryptionOnMobile": true,
  "bitLockerEncryptDevice": true,
  "bitLockerRemovableDrivePolicy": {
    "@odata.type": "microsoft.graph.bitLockerRemovableDrivePolicy",
    "encryptionMethod": "aesCbc256",
    "requireEncryptionForWriteAccess": true,
    "blockCrossOrganizationWriteAccess": true
  }
}