From 1b13821c16b9ce0a525d06b0ca0bee461beb764c Mon Sep 17 00:00:00 2001 From: Sriraman M S <45987684+msbemba@users.noreply.github.com> Date: Sun, 29 Oct 2023 02:32:39 +0530 Subject: [PATCH 1/5] Update Set-MpPreference.md Updated DisableNetworkProtectionPerfTelemetry, DisableSmtpParsing, IntelTDTEnabled and ThrottleForScheduledScanOnly Fixes https://github.com/MicrosoftDocs/windows-powershell-docs/issues/3504 Fixes https://github.com/MicrosoftDocs/windows-powershell-docs/issues/3505 Fixes https://github.com/MicrosoftDocs/windows-powershell-docs/issues/3506 Fixes https://github.com/MicrosoftDocs/windows-powershell-docs/issues/3508 --- .../defender/Set-MpPreference.md | 82 ++++++++++++++++++- 1 file changed, 81 insertions(+), 1 deletion(-) diff --git a/docset/winserver2022-ps/defender/Set-MpPreference.md b/docset/winserver2022-ps/defender/Set-MpPreference.md index 050b94e09e..18d7c3733e 100644 --- a/docset/winserver2022-ps/defender/Set-MpPreference.md +++ b/docset/winserver2022-ps/defender/Set-MpPreference.md @@ -19,6 +19,7 @@ Configures preferences for Windows Defender scans and updates. ```powershell Set-MpPreference [-ExclusionPath ] [-ExclusionExtension ] [-ExclusionProcess ] [-ExclusionIpAddress ] [-RealTimeScanDirection ] + [-IntelTDTEnabled ] [-QuarantinePurgeItemsAfterDelay ] [-RemediationScheduleDay ] [-RemediationScheduleTime ] [-ReportingAdditionalActionTimeOut ] [-ReportingCriticalFailureTimeOut ] [-ReportingNonCriticalTimeOut ] @@ -57,8 +58,9 @@ Set-MpPreference [-ExclusionPath ] [-ExclusionExtension ] [- [-ProxyServer ] [-ProxyBypass ] [-ForceUseProxyOnly ] [-OobeEnableRtpAndSigUpdate ] [-DisableTlsParsing ] [-DisableHttpParsing ] [-DisableDnsParsing ] - [-DisableFtpParsing ] + [-DisableFtpParsing ] [-DisableSmtpParsing ] [-DisableDnsOverTcpParsing ] [-DisableSshParsing ] + [-DisableNetworkProtectionPerfTelemetry ] [-PlatformUpdatesChannel ] [-EngineUpdatesChannel ] [-SignaturesUpdatesChannel ] [-DisableGradualRelease ] [-AllowNetworkProtectionDownLevel ] [-AllowDatagramProcessingOnWinServer ] @@ -613,6 +615,24 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -DisableNetworkProtectionPerfTelemetry +This setting disables the gathering and send of performance telemetry from Network Protection. +The accepted values are 0 and 1 +1- Network protection telemetry is disabled. +0 (Default)- Network protection telemetry is enabled. + +```yaml +Type: Boolean +Parameter Sets: (All) +Aliases: dnpp + +Required: False +Position: Named +Default value: 0 +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -DisablePrivacyMode **This is a legacy setting that does not have any affect on current platforms**. The intent of this parameter was to disable privacy mode, which prevented users, other than administrators, from displaying threat history. When this parameter was in use, if you specified a value of $False or did not specify a value, privacy mode was enabled. @@ -754,6 +774,24 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -DisableSmtpParsing +This setting disables SMTP Parsing for Network Protection. +The accepted values are 0 and 1 +1- SMTP parsing is disabled. +0 (Default)- SMTP parsing is enabled. + +```yaml +Type: Boolean +Parameter Sets: (All) +Aliases: dsp + +Required: False +Position: Named +Default value: 0 +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -DisableTlsParsing Specifies whether to disable inspection of TLS traffic. Network protection inspects TLS traffic (also known as HTTPS traffic) to see if a connection is being made to a malicious website, and to provide metadata to behavior monitoring. TLS connections to malicious websites can also be blocked if "-EnableNetworkProtection" is set to enabled. HTTP inspection can be disabled by setting this value to "$true". By default, network protection inspects TLS traffic. @@ -1002,6 +1040,27 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -IntelTDTEnabled +This policy setting configures the Intel TDT integration level for Intel TDT-capable devices. +The acceptable values for this parameter are: + +- 0 (Default) - If you don't configure this setting, the default value will be applied. The default value is controlled by Microsoft security intelligence updates. Microsoft will enable Intel TDT if there is a known threat. +- 1 - If you configure this setting to enabled, Intel TDT integration will turn on. +- 2 - If you configure this setting to disabled, Intel TDT integration will turn off. + +```yaml +Type: UInt32 +Parameter Sets: (All) +Aliases: itdte +Accepted values: 0,1 and 2 + +Required: False +Position: Named +Default value: 0 +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -LowThreatDefaultAction Specifies which automatic remediation action to take for a low level threat. The acceptable values for this parameter are: @@ -1884,6 +1943,27 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -ThrottleForScheduledScanOnly +A CPU usage limit can be applied to scheduled scans only, or to scheduled and custom scans. The default value applies a CPU usage limit to scheduled scans only. +The acceptable values for this parameter are: + +1 (Default) - If you enable this setting, CPU throttling will apply only to scheduled scans. +0- If you disable this setting, CPU throttling will apply to scheduled and custom scans. + + +```yaml +Type: Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: 1 +Accept pipeline input: False +Accept wildcard characters: False +``` + + ### -UILockdown Indicates whether to disable UI lockdown mode. If you specify a value of $True, Windows Defender disables UI lockdown mode. From 441489660d80ac9a51de7beb359171c4f03023ad Mon Sep 17 00:00:00 2001 From: Sriraman M S <45987684+msbemba@users.noreply.github.com> Date: Mon, 30 Oct 2023 14:28:32 +0530 Subject: [PATCH 2/5] Update docset/winserver2022-ps/defender/Set-MpPreference.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- docset/winserver2022-ps/defender/Set-MpPreference.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/docset/winserver2022-ps/defender/Set-MpPreference.md b/docset/winserver2022-ps/defender/Set-MpPreference.md index 18d7c3733e..f347e94215 100644 --- a/docset/winserver2022-ps/defender/Set-MpPreference.md +++ b/docset/winserver2022-ps/defender/Set-MpPreference.md @@ -1946,10 +1946,8 @@ Accept wildcard characters: False ### -ThrottleForScheduledScanOnly A CPU usage limit can be applied to scheduled scans only, or to scheduled and custom scans. The default value applies a CPU usage limit to scheduled scans only. The acceptable values for this parameter are: - -1 (Default) - If you enable this setting, CPU throttling will apply only to scheduled scans. -0- If you disable this setting, CPU throttling will apply to scheduled and custom scans. - +- 1 (Default) - If you enable this setting, CPU throttling will apply only to scheduled scans. +- 0 - If you disable this setting, CPU throttling will apply to scheduled and custom scans. ```yaml Type: Boolean From b7f4b78a865492f7681a6803d0a8e391fdd15344 Mon Sep 17 00:00:00 2001 From: Sriraman M S <45987684+msbemba@users.noreply.github.com> Date: Mon, 30 Oct 2023 14:28:52 +0530 Subject: [PATCH 3/5] Update docset/winserver2022-ps/defender/Set-MpPreference.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- docset/winserver2022-ps/defender/Set-MpPreference.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docset/winserver2022-ps/defender/Set-MpPreference.md b/docset/winserver2022-ps/defender/Set-MpPreference.md index f347e94215..17216a1f38 100644 --- a/docset/winserver2022-ps/defender/Set-MpPreference.md +++ b/docset/winserver2022-ps/defender/Set-MpPreference.md @@ -616,10 +616,10 @@ Accept wildcard characters: False ``` ### -DisableNetworkProtectionPerfTelemetry -This setting disables the gathering and send of performance telemetry from Network Protection. -The accepted values are 0 and 1 -1- Network protection telemetry is disabled. -0 (Default)- Network protection telemetry is enabled. +This setting disables the gathering and sending of performance telemetry from network protection. +The accepted values are 0 and 1. +- 1- Network protection telemetry is disabled. +- 0 (Default) - Network protection telemetry is enabled. ```yaml Type: Boolean From 4b319699c3c7450a9c567bf882ad624eec267996 Mon Sep 17 00:00:00 2001 From: Sriraman M S <45987684+msbemba@users.noreply.github.com> Date: Mon, 30 Oct 2023 14:29:00 +0530 Subject: [PATCH 4/5] Update docset/winserver2022-ps/defender/Set-MpPreference.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- docset/winserver2022-ps/defender/Set-MpPreference.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docset/winserver2022-ps/defender/Set-MpPreference.md b/docset/winserver2022-ps/defender/Set-MpPreference.md index 17216a1f38..54e8ce7aa5 100644 --- a/docset/winserver2022-ps/defender/Set-MpPreference.md +++ b/docset/winserver2022-ps/defender/Set-MpPreference.md @@ -775,10 +775,10 @@ Accept wildcard characters: False ``` ### -DisableSmtpParsing -This setting disables SMTP Parsing for Network Protection. -The accepted values are 0 and 1 -1- SMTP parsing is disabled. -0 (Default)- SMTP parsing is enabled. +This setting disables SMTP parsing for network protection. +The accepted values are 0 and 1. +- 1 - SMTP parsing is disabled. +- 0 (Default) - SMTP parsing is enabled. ```yaml Type: Boolean From 19140d6d43711695c90426c44e6c6b8fbf04848e Mon Sep 17 00:00:00 2001 From: Sriraman M S <45987684+msbemba@users.noreply.github.com> Date: Mon, 30 Oct 2023 14:29:30 +0530 Subject: [PATCH 5/5] Update docset/winserver2022-ps/defender/Set-MpPreference.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- docset/winserver2022-ps/defender/Set-MpPreference.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docset/winserver2022-ps/defender/Set-MpPreference.md b/docset/winserver2022-ps/defender/Set-MpPreference.md index 54e8ce7aa5..26c5c9b90f 100644 --- a/docset/winserver2022-ps/defender/Set-MpPreference.md +++ b/docset/winserver2022-ps/defender/Set-MpPreference.md @@ -1043,7 +1043,6 @@ Accept wildcard characters: False ### -IntelTDTEnabled This policy setting configures the Intel TDT integration level for Intel TDT-capable devices. The acceptable values for this parameter are: - - 0 (Default) - If you don't configure this setting, the default value will be applied. The default value is controlled by Microsoft security intelligence updates. Microsoft will enable Intel TDT if there is a known threat. - 1 - If you configure this setting to enabled, Intel TDT integration will turn on. - 2 - If you configure this setting to disabled, Intel TDT integration will turn off.