Share via

Issue with Web Content Filtering – Indicators Not Working

Mountain Pond 1,506 Reputation points
2025-01-18T01:27:17.23+00:00

Hello,

I'm trying to set up site blocking using Web Content Filtering. After enabling all the necessary components in Advanced Features in security center:

Web Content Filtering

And configuring the following components in the system (via Intune):

SmartScreen for apps and files

Allow Behavior Monitoring = Allowed (Enables real-time behavior monitoring)

Allow Cloud Protection = Allowed (Enables Cloud Protection)

msedge_GLNzkBWhEs

msedge_e9ZVZ06WOH

The "Web-based Email" blocking policy works as expected. However, it also blocks outlook.com, so I added an exception in Indicators. Additionally, I added youtube.com and tiktok.com to the blocked sites for testing.

msedge_VgiGDvIXi1

msedge_vPgKkjaMSm

vmconnect_wQ71XaJzUI

The issue is that Web Content Filtering works, but the Indicators do not seem to take effect.

Checked the requirements

https://learn.microsoft.com/en-us/defender-endpoint/indicator-ip-domain

Microsoft Defender Antivirus version requirements

  1. Your organization uses Microsoft Defender Antivirus. Microsoft Defender Antivirus must be in active mode for non-Microsoft browsers. With Microsoft browsers, like Microsoft Edge, Microsoft Defender Antivirus can be in active or passive mode.
  2. Behavior Monitoring is enabled.
  3. Cloud-based protection is turned on.
  4. Cloud Protection network connectivity is turned on.
  5. The anti-malware client version must be 4.18.1906.x or later. See Monthly platform and engine versions.
  6. Behavior Monitoring is enabled

User's image

  1. Cloud-based protection is turned on.

User's image

Changed 1 to 3 (SendAllSamples)

  1. Cloud Protection network connectivity is turned on.

User's image

  1. The anti-malware client version must be 4.18.1906.x or later

User's image

Could you please advise what might be causing this issue and how I can debug it?

Thank you.

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
5,769 questions
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
10,809 questions
Microsoft Intune Security
Microsoft Intune Security
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
467 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,569 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Mountain Pond 1,506 Reputation points
    2025-01-28T10:52:59.9+00:00

    Hi, @Catherine Kyalo

    The problem was solved very easily :)

    As far as I remember, I included in the Setting - Endpoint - Advanced Feature - Custom network indicators. But as it turned out, it was disabled. I just turned it on and everything worked, which is quite logical.

    And very stupid of me. However, I don’t understand why Microsoft doesn’t warn and doesn’t enable all available features by default.

    msedge_v9e1GTjAeV

    0 comments
  2. Harshitha Veeramalla 166 Reputation points Microsoft Vendor
    2025-02-05T10:03:47.59+00:00

    Hi @Mountain Pond

    I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others ", I'll repost your solution in case you'd like to accept the answer.

    Solution :

    As far as I remember, I included in the Setting - Endpoint - Advanced Feature - Custom network indicators. But as it turned out, it was disabled. I just turned it on and everything worked, which is quite logical.

    And very stupid of me. However, I don’t understand why Microsoft doesn’t warn and doesn’t enable all available features by default.

    msedge_v9e1GTjAeV

    If the answer is helpful, please click Accept Answer and kindly upvote it so that other people who faces similar issue may get benefitted from it.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.