I have prepared Azure environment, VMs:winsrv2019, winsrv2012. Both VMs are deployed in the isolated azure subnet (only traffic to security tools and to proxy server is allowed). In second subnet I deployed Ubuntu 16 proxy squid server, I configured squid, used user and password for authentication, traffic to Windows Defender Security Center web platform is allowed. I have Windows Defender Security Center web platform configured. I was able to on-board winsrv2012 VM (MMA agent configuration using proxy server and user and password, I used provided by MS workspace ID and Workspace key), and this VM is successfully on-boarded to Windows Defender Security Center web platform. In case of winsrv2019 I have a problem. Connection winsrv2019 –> Proxy server has been tested using PowerShell, and its ok. On a VM I can use web browser and connect to public web sites via proxy server (once I select a public web site I am prompted for user and pass authentication). Sense service (Defender service for windows server 2019) is not connecting via proxy server VM, winsrv2019 is not onboarded to Windows Defender Security Center web platform, I dont see winsrv2019 on the Device Inventory panel. On my winsrv2019, I made some registry changes, listed below:
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 1 reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer /t REG_SZ /d name:port reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyUser /t REG_SZ /d username reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyPass /t REG_SZ /d password netsh winhttp import proxy source=ie
Answer
Attribution
Source : Link , Question Author : tester81 , Answer Author : Community
