Content filters are used almost in every organization. The function of a content filter is to block websites or files. These sites or files may be malicious or it’s in the company policy to restrict access to for example gambling sites on corporate devices. Content filters were mainly deployed at the end of the organizations perimeter. Almost every firewall has the ability to filter content. Users working from home aren’t routing their network through these firewall so these filters won’t apply. Microsoft has the web content filtering feature currently in public preview. This feature will allow administrators to restrict access to certain categories and also get control on users internet behaviour.
Note that all traffic is being audited automatically. Users need to be aware of all the aspects that is being monitored. The company policy should state the acceptable use policy. It should also state that all of their internet traffic is being audited on company devices.
Requirements
You will need to meet the following requirements:
- Windows 10 Enterprise E5, Microsoft 365 E5, Microsoft 365 E5 Security, Microsoft 365 E3 + Microsoft 365 E5 Security add-on or the Microsoft Defender for Endpoint standalone license.
- Devices running Windows 10 Anniversary Update (version 1607) or later with the latest MoCAMP update.
- Windows Defender SmartScreen and Network protection enabled.
Configuration
Web content filtering is currently in public preview. Activate preview features to be able to activate web content filtering.
This will enable the option to activate web content filtering
Create a policy
Web content filtering policies can be added at the settings menu
Give your policy a name and select the categories you would like to block. It’s possible to scope this policy to device groups. You may want to allow streaming media & downloads for endpoints but block these for servers.
Exclusions
It’s possible to create exclusions based on URL’s. Navigate to Settings –> Indicators
Add URL’s or domain names to exclude them from the policy. Set “Allow” as action during the configuration.
User behaviour
Web content filtering will work on almost all modern browsers using SmartScreen and Network Protection.
This URL is available after adding it to the indicators list.
Reports
Reports are located under Reports –> Web protection
You can find information about:
- Web threat detections over time
- Web activity by category
- Web activity summary
- Web content filtering blocks
- Web threat summary