I'm looking to establish a setup where servers can only browse approved websites, essentially implementing an allowlist, and I want this allowlist to be managed centrally. Is it possible to achieve this with Microsoft Defender for Endpoint?
2 Answers
Unfortunately, you can't do strict allowlist-only browsing with Microsoft Defender for Endpoint. While it has some web content filtering features, it doesn't support a deny-by-default approach where everything is blocked except for the allowed sites. You might have some luck trying to enforce it through the local firewall, but that could get pretty complicated.
Have you thought about managing the allowlist at your edge firewall instead? It might be a more efficient solution compared to trying to handle it solely with Defender for Endpoint.
I considered that option, but the need for central management in our setup rules it out.