![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 98%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAE%3C/text%3E%3C/svg%3E)
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,669 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 35%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZM%3C/text%3E%3C/svg%3E)
@A.Elrayes,Thanks for posting in Q&A.
From your description, I know you are looking for a replacement of Defender Intrusion Prevention feature in Intune.
Based on my research, Defender Intrusion Prevention is a feature that helps protect devices from network-based attacks, however you can create a real-time protection policy under Microsoft Defender Antivirus and enable network protection under Microsoft Defender for Endpoint Baseline to protect your devices from being attacked by network to replace Defender Intrusion Prevention.
Here are steps about how to configure real-time protection you can refer.
1.Go to the Microsoft Endpoint Manager admin center > Go to Endpoint security > Antivirus > Microsoft Defender Antivirus.
2.Select Create Policy > Select Windows 10 and Windows 11, and Windows Server (ConfigMgr) as Platform and Select Microsoft Defender Antivirus as Profile > In Configuration settings page, select Real-time protection > Set Turn on real-time protection Yes.
3.In Assignments page, assign it to device group.
Here are steps about how to configure Microsoft Defender for Endpoint Baseline you can refer.
1.Go to the Microsoft Intune admin center > Go to Endpoint security > Security baselines > Microsoft Defender for Endpoint Baseline.
2.Select Create a profile > In the Configuration settings section, go to Attack Surface Reduction Rules > set Enable for Enable network protection.
3.In Assignments, assign it to device group.
Hope above information can help you.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.