Filter › Best Practice
Best Practices for Configuring Securly's Microsoft Edge Extensions via Group Policy
This article outlines best practices for configuring Securly’s Microsoft Edge extensions using the Group Policy Editor.
All settings can be configured within your Group Policy Editor by following this path: (Computer Configuration or User Configuration) > Policies > Administrative Templates > Microsoft Edge > Extensions.
- To block unwanted extensions (such as VPNs or proxies), enable “Control which extensions cannot be installed” [ExtensionInstallBlocklist]. Click to enable it, then use the “Show” button to bring up the value box and enter “*.”
- Navigate back to: (Computer Configuration or User Configuration) > Policies > Administrative Templates > Microsoft Edge >
- Enable “Browser sign-in settings” [BrowserSignin] to require users to sign in to the browser, which can enhance functionality with other Office apps. Select "Force users to sign-in to use the browser (all profiles)".
- Enable “Block access to a list of URLs” and click "Show" to add the following URLs:
- edge://addresses
- edge://certificate-manager
- edge://extensions
- edge://flags
- edge://hang
- edge://inspect
- edge://kill
- edge://network
- edge://serviceworker-internals
- edge://settings/privacy
- edge://settings/reset
- edge://settings/signOut
- edge://settings/system
- edge://version
- data://*
- devtools://*
- javascript://*
- Enable “Configure InPrivate mode availability” [InPrivateModeAvailability] and select “InPrivate mode disabled.”
- Enable “Control where developer tools can be used” [DeveloperToolsAvailability] and select ‘Don’t allow using the developer tools.’
- Enable “Enable network prediction” and select ‘Don’t predict network actions on any network connection.’
- Consider enabling “Hide the First-run experience and splash screen” [HideFirstRunExperience].
- Disable “Enable guest mode” [BrowserGuestModeEnabled].
- Disable “Enable ending processes in the Browser task manager” [TaskManagerEndProcessEnabled].
After making changes to any Group Policy, run the command “gpupdate /force” to propagate the changes you made.