Ensure 'Prevent users and apps from accessing dangerous websites' is set to 'Enabled: Block'

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


This policy setting controls Microsoft Defender Exploit Guard network protection.

The recommended state for this setting is: Enabled: Block.


This setting can help prevent employees from using any application to access dangerous domains that may host phishing scams, exploit-hosting sites, and other malicious content on the Internet.


Users and applications will not be able to access dangerous domains.


To establish the recommended configuration via GP, set the following UI path to Enabled: Block:

Computer Configuration\Policies\Administrative Templates\Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Network Protection\Prevent users and apps from accessing dangerous websites

Note: This Group Policy path may not exist by default. It is provided by the Group Policy template WindowsDefender.admx/adml that is included with the Microsoft Windows 10 Release 1709 Administrative Templates (or newer).

Default Value:

Disabled. (Users and applications will not be blocked from connecting to dangerous domains.)

See Also