Issue with Web Content Filtering – Indicators Not Working

Question

Hello,

I'm trying to set up site blocking using Web Content Filtering. After enabling all the necessary components in Advanced Features in security center:

Web Content Filtering

And configuring the following components in the system (via Intune):

SmartScreen for apps and files

Allow Behavior Monitoring = Allowed (Enables real-time behavior monitoring)

Allow Cloud Protection = Allowed (Enables Cloud Protection)

The "Web-based Email" blocking policy works as expected. However, it also blocks outlook.com, so I added an exception in Indicators. Additionally, I added youtube.com and tiktok.com to the blocked sites for testing.

The issue is that Web Content Filtering works, but the Indicators do not seem to take effect.

Checked the requirements

https://learn.microsoft.com/en-us/defender-endpoint/indicator-ip-domain

Microsoft Defender Antivirus version requirements

1. Your organization uses Microsoft Defender Antivirus. Microsoft Defender Antivirus must be in active mode for non-Microsoft browsers. With Microsoft browsers, like Microsoft Edge, Microsoft Defender Antivirus can be in active or passive mode.
2. Behavior Monitoring is enabled.
3. Cloud-based protection is turned on.
4. Cloud Protection network connectivity is turned on.
5. The anti-malware client version must be 4.18.1906.x or later. See Monthly platform and engine versions.
6. Behavior Monitoring is enabled

3. Cloud-based protection is turned on.

Changed 1 to 3 (SendAllSamples)

4. Cloud Protection network connectivity is turned on.

5. The anti-malware client version must be 4.18.1906.x or later

Could you please advise what might be causing this issue and how I can debug it?

Thank you.