Policy

Configure how aggressively Remote Encryption Protection blocks threats

Microsoft Windows

Back to Remote Encryption ProtectionBack to main
Configure how aggressively Remote Encryption Protection blocks threats
Jump to overview

Policy overview

Key metadata and intent for this policy.

Computer
Category
Windows Components > Microsoft Defender Antivirus > Remediation > Behavioral Network Blocks > Remote Encryption Protection
Supported on
At least Windows Server 2016, Windows 10 Version 1607

Supported OS tags: Windows10, Windows10RT, Windows11, WindowsServer2016

Set the criteria for when remote encryption preventionprotection blocks IP addresses. Supported settings: *0 - Low: Block only when confidence level is 100% (Default) *1 - Medium: Use cloud aggregation and block when confidence level is above 99% *2 - High: Use cloud intel and context, and block when confidence level is above 90%

Internal name
Remediation_BNB_REP_RemoteEncryptionProtection_Aggressiveness
Policy ID
99120d3920ad
Elements
1

Registry values

How enabled and disabled states update the registry.

No explicit registry values are set for enabled or disabled states.

Policy elements

Inputs and configuration options exposed by this policy.

ScopeElementTypeRegistry mappingConstraints & behaviorCopy
Computer
Specify how aggressively Remote Encryption Protection blocks threats
ID Remediation_BNB_REP_RemoteEncryptionProtection_Aggressiveness
enum
Path
Software\Policies\Microsoft\Windows Defender\Remediation\Behavioral Network Blocks\Remote Encryption Protection
Value name
RemoteEncryptionProtectionAggressiveness
Type
REG_DWORD
Options: Low (0), Medium (1), High (2)
Specify how aggressively Remote Encryption Protection blocks threats
Computer · Type enum
Registry mapping
Path
Software\Policies\Microsoft\Windows Defender\Remediation\Behavioral Network Blocks\Remote Encryption Protection
Value name
RemoteEncryptionProtectionAggressiveness
Type
REG_DWORD
Details
Options: Low (0), Medium (1), High (2)