ASD's Blueprint for Secure Cloud

ASD Edge Hardening Guidelines

This section describes the configuration of device configuration profiles within Microsoft Intune associated with systems built according to the guidance provided by ASD's Blueprint for Secure Cloud.

Estimated reading time: 2 minutes

Basics

ItemValue
NameASD Edge Hardening Guidelines
Description
PlatformWindows 10 and later

Assignments

Included groups

ItemValue
GroupsAll devices

Excluded groups

None

Scope tags

ItemValue
Scope tagsDefault

Configuration settings

Defender

ItemValue
Enable Network ProtectionEnabled (block mode)

Microsoft Edge

ItemValue
Ads setting for sites with intrusive adsEnabled
- Ads setting for sites with intrusive ads (Device)Block ads on sites with intrusive ads
Allow download restrictionsEnabled
- Download restrictions (Device)Block potentially dangerous downloads
Configure Do Not TrackEnabled
Control the mode of DNS-over-HTTPSEnabled
- Control the mode of DNS-over-HTTPS (Device)Disable DNS-over-HTTPS
Control where developer tools can be usedEnabled
- Control where developer tools can be used (Device)Don’t allow using the developer tools
DNS interception checks enabledDisabled
Content settings
Default pop-up window settingEnabled
- Default pop-up window setting (Device)Enabled
Password manager and protection
Enable saving passwords to the password managerDisabled
SmartScreen settings
Configure Microsoft Defender SmartScreenEnabled
Prevent bypassing Microsoft Defender SmartScreen prompts for sitesEnabled
Prevent bypassing of Microsoft Defender SmartScreen warnings about downloadsEnabled

Security & Governance

  • None identified

Design

  • None identified

Configuration

  • None identified

References

  • None identified

Do you have a suggestion on how the above page could be improved? Get in touch! ASD's Blueprint for Secure Cloud is an open source project, and we would love to get your input. Submit an issue on our GitHub, or send us an email at blueprint@asd.gov.au

Acknowledgement of Country icon

Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Authorised by the Australian Government, Canberra