Menu
A proxy URL to use for creating HTTPS connections outside the cluster. If this is not specified, then httpProxy is used for both HTTP and HTTPS connections. The URL scheme must be http; https is currently not supported. 3: A comma-separated list of destination domain names, domains, IP addresses or other network CIDRs to exclude proxying. NMac Ked MacProxy provides system-wide network proxy support for the Mac. It forwards network traffic from applications that do not support proxies and avoids. MacProxy provides system-wide network proxy support for the Mac. MacProxy provides system-wide network proxy support for the Mac. It forwards network traffic from applications that do not support proxies and avoids complex setup for applications that do. MacProxy allows you to surf the Internet from behind a firewall, connect securely when using public Wi-Fi net.
- Mac Proxy 3 0 4 – System Wide Network Proxy Support Phone Number
- Mac Proxy 3 0 4 – System Wide Network Proxy Supported
- Mac Proxy 3 0 4 – System Wide Network Proxy Supports
- For example: 10.0.0.6:8080. The registry value DisableEnterpriseAuthProxy should be set to 1. Configure the proxy server manually using netsh command. Use netsh to configure a system-wide static proxy.
- MacProxy for Mac OS v.1.1.1 Provides system-wide network proxy support for the Mac, including for applications without proxy support. Avoid proxy setup for each application, just enable MacProxy and your Macs network connections are forwarded to a proxy. MacProxy allows you to. NI Mail Agent v.4.7.0.1 The program for email mass sending with.
Important
Welcome to Microsoft Defender for Endpoint, the new name for Microsoft Defender Advanced Threat Protection. Read more about this and other updates here. We'll be updating names in products and in the docs in the near future.
Applies to:
Want to experience Microsoft Defender ATP? Sign up for a free trial.
The Microsoft Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Microsoft Defender ATP service.
The embedded Microsoft Defender ATP sensor runs in system context using the LocalSystem account. The sensor uses Microsoft Windows HTTP Services (WinHTTP) to enable communication with the Microsoft Defender ATP cloud service.
Tip
For organizations that use forward proxies as a gateway to the Internet, you can use network protection to investigate behind a proxy. For more information, see Investigate connection events that occur behind forward proxies.
The WinHTTP configuration setting is independent of the Windows Internet (WinINet) Internet browsing proxy settings and can only discover a proxy server by using the following discovery methods:
- Auto-discovery methods:
- Transparent proxy
- Web Proxy Auto-discovery Protocol (WPAD)NoteIf you're using Transparent proxy or WPAD in your network topology, you don't need special configuration settings. For more information on Microsoft Defender ATP URL exclusions in the proxy, see Enable access to Microsoft Defender ATP service URLs in the proxy server.
- Manual static proxy configuration:
- Registry based configuration
- WinHTTP configured using netsh command – Suitable only for desktops in a stable topology (for example: a desktop in a corporate network behind the same proxy)
Configure the proxy server manually using a registry-based static proxy
Configure a registry-based static proxy to allow only Microsoft Defender ATP sensor to report diagnostic data and communicate with Microsoft Defender ATP services if a computer is not be permitted to connect to the Internet.
The static proxy is configurable through Group Policy (GP). The group policy can be found under:
- Administrative Templates > Windows Components > Data Collection and Preview Builds > Configure Authenticated Proxy usage for the Connected User Experience and Telemetry Service
- Set it to Enabled and select Disable Authenticated Proxy usage:
- Administrative Templates > Windows Components > Data Collection and Preview Builds > Configure connected user experiences and telemetry:
- Configure the proxy:The policy sets two registry values
TelemetryProxyServer
as REG_SZ andDisableEnterpriseAuthProxy
as REG_DWORD under the registry keyHKLMSoftwarePoliciesMicrosoftWindowsDataCollection
.The registry valueTelemetryProxyServer
takes the following string format:For example: 10.0.0.6:8080The registry valueDisableEnterpriseAuthProxy
should be set to 1.
Configure the proxy server manually using netsh command
Use netsh to configure a system-wide static proxy.
Note
- This will affect all applications including Windows services which use WinHTTP with default proxy.
- Laptops that are changing topology (for example: from office to home) will malfunction with netsh. Use the registry-based static proxy configuration.
- Open an elevated command-line:a. Go to Start and type cmd.b. Right-click Command prompt and select Run as administrator.
- Enter the following command and press Enter:For example: netsh winhttp set proxy 10.0.0.6:8080
To reset the winhttp proxy, enter the following command and press Enter
See Netsh Command Syntax, Contexts, and Formatting to learn more.
Enable access to Microsoft Defender ATP service URLs in the proxy server
If a proxy or firewall is blocking all traffic by default and allowing only specific domains through, add the domains listed in the downloadable sheet to the allowed domains list.
Item | Description |
---|---|
Spreadsheet | The spreadsheet provides specific DNS records for service locations, geographic locations, and OS. |
If a proxy or firewall has HTTPS scanning (SSL inspection) enabled, exclude the domains listed in the above table from HTTPS scanning.
Note
settings-win.data.microsoft.com is only needed if you have Windows 10 devices running version 1803 or earlier.
Note
URLs that include v20 in them are only needed if you have Windows 10 devices running version 1803 or later. For example,
us-v20.events.data.microsoft.com
is needed for a Windows 10 device running version 1803 or later and onboarded to US Data Storage region.Note
If you are using Microsoft Defender Antivirus in your environment, please refer to the following article for details on allowing connections to the Microsoft Defender Antivirus cloud service: https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus
If a proxy or firewall is blocking anonymous traffic, as Microsoft Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the previously listed URLs.
Log analytics agent requirements
The information below list the proxy and firewall configuration information required to communicate with Log Analytics agent (often referred to as Microsoft Monitoring Agent) for the previous versions of Windows such as Windows 7 SP1, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 R2, and Windows Server 2016.
Agent Resource | Ports | Direction | Bypass HTTPS inspection |
---|---|---|---|
*.ods.opinsights.azure.com | Port 443 | Outbound | Yes |
*.oms.opinsights.azure.com | Port 443 | Outbound | Yes |
*.blob.core.windows.net | Port 443 | Outbound | Yes |
Microsoft Defender ATP service backend IP range
If your network devices don't support the URLs added to an 'allow' list in the prior section, you can use the following information.
Microsoft Defender ATP is built on Azure cloud, deployed in the following regions:
- +<Region Name='uswestcentral'>
- +<Region Name='useast2'>
- +<Region Name='useast'>
- +<Region Name='europenorth'>
- +<Region Name='europewest'>
- +<Region Name='uksouth'>
- +<Region Name='ukwest'>
You can find the Azure IP range on Microsoft Azure Datacenter IP Ranges.
Note
As a cloud-based solution, the IP range can change. It's recommended you move to DNS resolving setting.
Verify client connectivity to Microsoft Defender ATP service URLs
Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Microsoft Defender ATP service URLs.
- Download the MDATP Client Analyzer tool to the PC where Microsoft Defender ATP sensor is running on.
- Extract the contents of MDATPClientAnalyzer.zip on the device.
- Open an elevated command-line:a. Go to Start and type cmd.b. Right-click Command prompt and select Run as administrator.
- Enter the following command and press Enter:Replace HardDrivePath with the path where the MDATPClientAnalyzer tool was downloaded to, for example
- Extract the MDATPClientAnalyzerResult.zip file created by tool in the folder used in the HardDrivePath.
- Open MDATPClientAnalyzerResult.txt and verify that you have performed the proxy configuration steps to enable server discovery and access to the service URLs.
The tool checks the connectivity of Microsoft Defender ATP service URLs that Microsoft Defender ATP client is configured to interact with. It then prints the results into the MDATPClientAnalyzerResult.txt file for each URL that can potentially be used to communicate with the Microsoft Defender ATP services. For example:
If at least one of the connectivity options returns a (200) status, then the Microsoft Defender ATP client can communicate with the tested URL properly using this connectivity method.
However, if the connectivity check results indicate a failure, an HTTP error is displayed (see HTTP Status Codes). You can then use the URLs in the table shown in Enable access to Microsoft Defender ATP service URLs in the proxy server. The URLs you'll use will depend on the region selected during the onboarding procedure.
Note
The Connectivity Analyzer tool is not compatible with ASR rule Block process creations originating from PSExec and WMI commands. You will need to temporarily disable this rule to run the connectivity tool.
Note
When the TelemetryProxyServer is set, in Registry or via Group Policy, Microsoft Defender ATP will fall back to direct if it can't access the defined proxy.
Related topics
- Advertisement
- BiDiTeX for Windows v.0.0.6BiDiTeX - automatic bidirectional support for LaTeX.
- Anon Proxy Server v.0.103Anon Proxy Server is a fast http, https, socks caching proxy server.
- Robust FTP And Download Manager v.4.2.0.0Perfect tool for Web developers or anyone that moves files on the Internet. Ftp Client & Download Manager all in one. Features: Browser integration, Clipboard monitoring, Upload/Download resume , Firewall/Proxy support, one click directory transfers.
- Zilla FTP and Download Manager v.6.3.0.2Perfect tool for Web developers or anyone that moves files on the Internet. Ftp Client & Download Manager all in one. Features: Browser integration, Clipboard monitoring, Upload/Download resume , Firewall/Proxy support, one click directory transfers.
- Free FTP And Download Manager v.5.2.0.0Perfect tool for Web developers or anyone that moves files on the Internet. Ftp Client & Download Manager all in one. Features: Browser integration, Clipboard monitoring, Upload/Download resume , Firewall/Proxy support, one click directory transfers ...
- Free FTP and Download Accelerator v.1.1.0.0Ftp and download accelerator is a Perfect tool for Web developers,anyone that moves files on the Internet. Ftp Client & Download Manager all in one. Features: Browser integration, Clipboard monitoring, Upload/Download resume , Firewall/Proxy support.
- FlashFXP v.4.0.0.1523FlashFXP uses a familiar explorer-like interface that even the most novice user can master in minutes. It offers features such as drag-and-drop, FTP, SFTP, and SSL/TLS transfers, enterprise-friendly rollout options, firewall and proxysupport.
- LeapFTP v.3.0.0.43LeapFTP Features Program * FTP, FXP, FTP+SSL, SFTP, HTTP, and HTTPS * Proxysupport include SOCKS4 / 5, HTTP, CheckPoint, WinGate, and others * Multiple user modes adapt to local, network, and portable installations * Context-sensitive and HTML help ...
- .NET EMail Component EMail.NET POP3,SMTP v.1.00Easy yet powerful POP3, SMTP, IMAP components for .NET with MIME, SSLTLS and proxysupport. Well-designed, these components include lots of demos, tutorials and comprehensive documentation. Key features: - Easy-to-use feature-rich components - ...
- Chilkat FTP .NET Component v.1.3FTP component to upload/download/delete files. Get FTP directory listing, upload directory trees with restart, xfer to/from memory, create/delete remote dirs, session logging, MGET/MPUT, proxysupport, active/passive modes, binary/ascii modes.
- HiProxy v.2.3HiProxy is a proxysupport utility for the Internet. Shields your IP address for privacy. Easy change browser proxy settings,import proxy lists,verify HTTP/HTTPS/SOCKS proxies,proxy ban list,proxy country,etc.
- SmartCode ServerX VNC Server v.1.1.4.0Supports all features that can be found in a standard VNC server.● Includes UltraVNC Repeater proxysupport.● Includes UltraVNC DSM encryption plug-in support.● Exposes VNC server functionality through a powerful set of ActiveX ...
- EasyUploader v.1.4Standalone application for uploading files to Easy-share.com - the free file hosting service. No registration needed. Allows multiple parallel file upload, proxysupport, export of uploaded files urls. Portable and lightweight software. Add as many ...
- FTP Scheduler for Mac OS v.2.1Automate your FTP tasks with this JAVA based FTP Scheduler. Create multiple upload or download sessions, proxysupport (http, https, socks), session watchdog, FTP in ascii, binary, passive or active mode, overwrite, delete, log transfers, append ...
- MacProxy for Mac OS v.1.1.1Provides system-wide network proxysupport for the Mac, including for applications without proxysupport. Avoid proxy setup for each application, just enable MacProxy and your Macs network connections are forwarded to a proxy. MacProxy allows you to ...
- NI Mail Agent v.4.7.0.1The program for email mass sending with socks proxysupport. The program supports plain text letters and letters in format HTML including attachments. Dispatch is enough considerable quantity of letters is possible at the expense of use in one ...
- File Transfer v.1.0Client-server transfers files/folders p2p, fast and secure: transparent compression/encryption (SSL), pause/resume, TCP/UDP connection, auto-discover, proxysupport (HTTP, SOCKS5), NAT Traversal (Teredo, UPnP), HTTP/FTP downloads, speed graph, ...
- KuFTP v.1.5.0KuFTP is a graphical FTP client for the K Desktop Environment. Tab Sessions like Firefox,bookmark manager,queue manager,speed limit,proxysupport,SSL/TSL support, multi charsets support and some small nifty ...
- Loly - lossless to loosely v.0.01.2LOLY stands for 'lossless to loosely', which is a bash script decode the lossless audio file, split the wavchunk and encode the split wav file into loosely encoded files with automatic tagging support (m4a only so far) according to the CUE sheet ...
- Proxyconnect v.0.0.1proxyconnect send HTTP CONNECT request to HTTP proxy to build transparent tunnel between its stdin/stdout and dedicated port on remote host.can be used to provide proxysupport for SSH by adding a ProxyCommand directive in ...
Automatic Proxy Support software by TitlePopularityFreewareLinuxMac
Mac Proxy 3 0 4 – System Wide Network Proxy Support Phone Number
Today's Top Ten Downloads for Automatic Proxy Support
Mac Proxy 3 0 4 – System Wide Network Proxy Supported
- Robust FTP And Download Manager Perfect tool for Web developers or anyone that moves files
- Zilla FTP and Download Manager Perfect tool for Web developers or anyone that moves files
- Free FTP And Download Manager Perfect tool for Web developers or anyone that moves files
- Anon Proxy Server Anon Proxy Server is a fast http, https, socks caching
- Super Network Tunnel Super Network Tunnel = SocksCap+Bidirectional Http Tunnel
- Super Network Tunnel Portable Version Super Network Tunnel = SocksCap+Bidirectional Http Tunnel
- Free FTP and Download Accelerator Ftp and download accelerator is a Perfect tool for Web
- HiProxy HiProxy is a proxy support utility for the Internet.
- Easy AutoUpdate Easy AutoUpdate is a comprehensive updating solution for
- .NET FTP Library The .NET FTP Library by Kellerman Software is the standard