Microsoft Defender for Business is now in preview, and will roll out gradually to customers and IT Partners who sign-up here to request it. We will onboard an initial set of customers and partners in the coming weeks and will expand the preview leading up to general availability. Note that preview will launch with an initial set of scenarios, and we will be adding capabilities regularly.
Some information in this article relates to prereleased products/services that might be substantially modified before they are commercially released. Microsoft makes no warranties, express or implied, for the information provided here.
Microsoft Defender for Business (preview) includes default policies that use recommended settings to protect your company’s devices from day one. For example, you have Next-generation protection policies and Firewall policies that are built in using recommended security settings. But you’re not limited to your default policies. You can create new policies, too, as described in this article.
If you want to edit an existing policy, see View or edit policies in Microsoft Defender for Business (preview).
Create a new policy
- Go to the Microsoft 365 Defender portal (https://security.microsoft.com), and sign in.
- In the navigation pane, choose Device configuration. Policies are organized by operating system (such as Windows client) and policy type (such as Next-generation protection and Firewall).
- Select an operating system tab (for example, Windows clients), and then review the list of Next-generation protection policies.
- Under Next-generation protection or Firewall, select + Add.
- On the General information tab, take the following steps:
- Specify a name and description. This information will help you and your team identify the policy later on.
- Review the policy order, and edit it if necessary. (For more information, see Policy order.)
- Choose Next.
- On the Device groups tab, either create a new device group, or use an existing group. Policies are assigned to devices through device groups. Here are some things to keep in mind:
- Initially, you might only have your default device group, which includes the devices people in your company are using to access company data and email. You can keep and use your default device group.
- Create a new device group to apply a policy with specific settings that are different from the default policy.
- When you set up your device group, you specify certain criteria, such as the operating system version. Devices that meet the criteria are included in that device group, unless you exclude them.
- All device groups, including the default and custom device groups that you define, are stored in Azure Active Directory (Azure AD).
To learn more about device groups, see Device groups in Defender for Business (preview).
- On the Configuration settings tab, specify the settings for your policy, and then choose Next. For more information about the individual settings, see Configuration settings for Microsoft Defender for Business (preview).
- On the Review your policy tab, review the general information, targeted devices, and configuration settings.
- Make any needed changes by selecting Edit.
- When you’re ready to proceed, choose Create policy.