Category: At least Windows Server 2012, Windows 8 or Windows RT

This policy setting configures a local override for the configuration of network protection against exploits of known vulnerabilities. This setting can only be set by Group Policy. If you enable this setting the local preference setting will take priority over Group Policy. If you disable or do not configure this setting Group Policy will take priority over the local preference setting.

This policy setting allows you to configure Information Protection Control (IPC). If you enable this setting IPC will be enabled. If you disable or do not configure this setting IPC will be disabled.

This policy setting allows you to configure network protection against exploits of known vulnerabilities. If you enable or do not configure this setting the network protection will be enabled. If you disable this setting the network protection will be disabled.

This policy setting allows you to configure scanning for all downloaded files and attachments. If you enable or do not configure this setting scanning for all downloaded files and attachments will be enabled. If you disable this setting scanning for all downloaded files and attachments will be disabled.

This policy setting allows you to configure monitoring for file and program activity. If you enable or do not configure this setting monitoring for file and program activity will be enabled. If you disable this setting monitoring for file and program activity will be disabled.

This policy setting controls whether raw volume write notifications are sent to behavior monitoring. If you enable or do not configure this setting raw write notifications will be enabled. If you disable this setting raw write notifications be disabled.

This policy setting limits the rate at which detection events for network protection against exploits of known vulnerabilities will be logged. Logging will be limited to not more often than one event per the defined interval. The interval value is defined in minutes. The default interval is 60 minutes. If you enable this setting detection events will not be logged if there is more than one similar report (by definition GUID) in the specified number of minutes. If you disable or do not configure this setting detection events will be logged at the default rate.

This policy if defined will prevent network protection against exploits of known vulnerabilities from inspecting the specified IP addresses. IP addresses should be added under the Options for this setting. Each entry must be listed as a name value pair where the name should be a string representation of an IP address range. As an example a range might be defined as: 157. 1. 45. 123-60. 1. 1. 1. The value is not used and it is recommended that this be set to 0.

This policy setting defines a list of TCP port numbers from which network traffic inspection will be disabled. Port numbers should be added under the Options for this setting. Each entry must be listed as a name value pair where the name should be a string representation of a TCP port number. As an example a range might be defined as: 8080. The value is not used and it is recommended that this be set to 0.

This policy setting defines processes from which outbound network traffic will not be inspected. Process names should be added under the Options for this setting. Each entry must be listed as a name value pair where the name should be a string representation of a process path and name. As an example a process might be defined as: “C: -> Windows -> System32 -> App. exe” . The value is not used and it is recommended that this be set to 0.