Policy
Configure how aggressively Remote Encryption Protection blocks threats
Windows 11 25H2
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10, Windows10RT, Windows11, WindowsServer2016
Set the criteria for when remote encryption preventionprotection blocks IP addresses. Supported settings: *0 - Low: Block only when confidence level is 100% (Default) *1 - Medium: Use cloud aggregation and block when confidence level is above 99% *2 - High: Use cloud intel and context, and block when confidence level is above 90%
Internal name
Remediation_BNB_REP_RemoteEncryptionProtection_Aggressiveness
Policy ID
99120d3920ad
Elements
1
Registry values
How enabled and disabled states update the registry.
No explicit registry values are set for enabled or disabled states.
Policy elements
Inputs and configuration options exposed by this policy.
| Element | Type | Registry mapping | Constraints & behavior |
|---|---|---|---|
Specify how aggressively Remote Encryption Protection blocks threats ID Remediation_BNB_REP_RemoteEncryptionProtection_Aggressiveness | enum | HKLM\Software\Policies\Microsoft\Windows Defender\Remediation\Behavioral Network Blocks\Remote Encryption Protection\RemoteEncryptionProtectionAggressiveness Type REG_DWORD | Options: Low (0), Medium (1), High (2) |
Other policies in this category
Explore related policies at the same level.
- ComputerConfigure Remote Encryption Protection blocking timeAt least Windows Server 2016, Windows 10 Version 1607
- ComputerConfigure Remote Encryption Protection ModeAt least Windows Server 2016, Windows 10 Version 1607
- ComputerSet exclusions from Remote Encryption ProtectionAt least Windows Server 2016, Windows 10 Version 1607