mirror of
https://github.com/KelvinTegelaar/CIPP.git
synced 2026-04-25 16:26:09 +03:00
[GH-ISSUE #2886] [Feature Request]: Standards -> Check if Standard Protection or Strict Protection is ENABLED #1424
Labels
No labels
API
Feature
NotABug
NotABug
Planned
Sponsor Priority
Sponsor Priority
bug
documentation
duplicate
enhancement
needs more info
no-activity
no-priority
not-assigned
pull-request
react-conversion
react-conversion
roadmap
security
stale
unconfirmed-by-user
unconfirmed-by-user
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/CIPP#1424
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @erikhoenderdos on GitHub (Sep 6, 2024).
Original GitHub issue: https://github.com/KelvinTegelaar/CIPP/issues/2886
Description of the new feature - must be an in-depth explanation of the feature you want, reasoning why, and the added benefits for MSPs as a whole.
We would like to check if our custommers have the Preset Security Policies enabled (Standard Protection or Strict Protection)
Currently it is possible in CIPP to check the status of the default policys and their values. We don't use them because our client tenants use the preset security policies from Microsoft.
In example:
If i check the default policy for the value of Phishing email threshold my custommer reports 0
but i have the security defaults enabled. So there is an additionial policy at Policies & Rules > Threat policies > Anti -phising named "Standard Preset Security Policy" This default policy sets the Phishing email threshold to 3.
It's documented on this learn document: https://learn.microsoft.com/en-us/defender-office-365/preset-security-policies
for all the powershell cmdlets see: https://learn.microsoft.com/en-us/defender-office-365/preset-security-policies#preset-security-policies-in-exchange-online-powershell
So in short, could their be a mechanisme to check if these preset policys are enabled?
please be aware that you always need to enable the preset once using webinterface before using the powershell cmdlets below
The only supported method for creating the individual security policies for Standard or Strict preset security policies is to turn on the preset security policy in the Microsoft Defender portal for the first time.
PowerShell commands you would normally use to achieve above request
Standard preset security policy:
Get-EOPProtectionPolicyRule -Identity "Standard Preset Security Policy"
Get-ATPProtectionPolicyRule -Identity "Standard Preset Security Policy"
Enable-EOPProtectionPolicyRule -Identity "Standard Preset Security Policy"
Enable-EOPProtectionPolicyRule -Identity "Strict Preset Security Policy"
Strict preset security policy
Get-EOPProtectionPolicyRule -Identity "Strict Preset Security Policy"
Get-ATPProtectionPolicyRule -Identity "Strict Preset Security Policy"
Enable-EOPProtectionPolicyRule -Identity "Standard Preset Security Policy"; Enable-ATPProtectionPolicyRule -Identity "Standard Preset Security Policy"
Enable-EOPProtectionPolicyRule -Identity "Strict Preset Security Policy"; Enable-ATPProtectionPolicyRule -Identity "Strict Preset Security Policy"
@KelvinTegelaar commented on GitHub (Sep 6, 2024):
We currently have an Feature Request stop as we're doing a rewrite; outside of our feature stop, only if you are sponsoring at the $99,- dollar level you are able to make feature requests.