Policy

This settings controls whether Network Protection is allowed to be configured into block or audit mode on Windows Server.

Microsoft Windows

Back to Network ProtectionBack to main
This settings controls whether Network Protection is allowed to be configured into block or audit mode on Windows Server.
Jump to overview

Policy overview

Key metadata and intent for this policy.

Computer
Category
Windows Components > Microsoft Defender Antivirus > Microsoft Defender Exploit Guard > Network Protection
Supported on
At least Windows Server 2016, Windows 10 Version 1709

Supported OS tags: Windows10, Windows10RT, Windows11, WindowsServer2016

Disabled (Default): If Not Configured or Disabled, network protection is not allowed to be configured into block or audit mode on Windows Server. Enabled: If Enabled, administrators can control whether Network Protection is allowed to be configured into block or audit mode on Windows Server. Note, that this configuration is dependent on the EnableNetworkProtection configuration. If this configuration is false, EnableNetworkProtection will be ignored, otherwise network protection will start on Windows Server depending on the value of EnableNetworkProtection.

Internal name
AllowNetworkProtectionOnWinServer
Policy ID
f411519a9a88
Elements
0

Registry values

How enabled and disabled states update the registry.

ScopeRegistry locationTypeEnabled valueDisabled valueCopy
Computer
Path
Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Network Protection
Value name
AllowNetworkProtectionOnWinServer
REG_DWORD
HKLM
1
HKLM
0
Registry location
Type REG_DWORD · Computer
Path
Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Network Protection
Value name
AllowNetworkProtectionOnWinServer
Hive
HKLM
Enabled value
1
Disabled value
0

Policy elements

Inputs and configuration options exposed by this policy.

This policy has no additional user input fields.