SWIF.ai

The table below mirrors the Apple glossary you already saw, but for Windows 10 or later (Pro, Enterprise, Education, SE and LTSC where noted).

Use it when you’re inside Device Management → Policies → New Policy → Windows and need to know what each payload does.

BitLocker Auto is the recommended payload for most orgs—enables encryption silently with escrow to Swif’s key vault.

AppLocker supports rules per Publisher-SID for modern (AppX/MSIX) apps and traditional binaries.

Policies tagged Pro 10 + require at least Windows 10 Pro; Home editions will ignore the payload.

- BitLocker Auto is the recommended payload for most orgs—enables encryption silently with escrow to Swif’s key vault.
- AppLocker supports rules per Publisher-SID for modern (AppX/MSIX) apps and traditional binaries.
- Policies tagged Pro 10 + require at least Windows 10 Pro; Home editions will ignore the payload.

Need <a href="https://help.swif.ai/en/articles/11526597-linux-specific-mdm-policies-available-in-swif">Linux</a> or <a href="https://help.swif.ai/en/articles/11526498-apple-specific-mdm-policies-available-in-swif">Apple</a> equivalents? Switch tabs in the wizard—each OS family has its own glossary.

To write a custom policy, you can find more details at <a href="https://help.swif.ai/en/articles/10738981-configuring-windows-custom-csp-policies-in-swif">Configuring Windows Custom CSP Policies in Swif</a>.

Windows-specific MDM policies available in Swif

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Policy (alphabetical)	What it controls	Supported editions / min. OS
AppLocker	Create allow / deny rules for EXE, MSI, Script, Packaged apps	Pro 10 + / Enterprise 10 + / Education 10 + / SE 10 + / LTSC 10 +
BitLocker Auto	One-click silent BitLocker enable/disable (no advanced options)	Windows 10 +
BitLocker (deprecated)	Legacy BitLocker settings payload	Windows 10 +
Certificate Install (SCEP/PKI)	Push user/computer certs (PFX, SCEP) & trust anchors	Windows 10 +
Connectivity	WLAN/LAN proxy, metered-network flag, tethering, hotspot	Windows 10 +
Defender	Real-time protection, cloud heuristics, engine updates, exclusions	Windows 10 +
Edge Extension Deployment	Force-install / block Edge add-ons via policies.json	Windows 10 +
Firefox Extension Deployment	Force-install / block Firefox add-ons via policies.json	Windows 10 +
Google Chrome Extension Deployment & Blocking	Force or block Chrome Web-Store extensions	Windows 10 +
Google SSO	Configure Google Workspace login at Windows lock screen	Windows 10 +
Logon Message	Custom legal banner title & body before sign-in	Windows 10 +
Microsoft Remote Desktop	Allow RDP, network-level auth, encryption, clipboard rules	Windows 10 +
Password	Length, complexity, history, grace period rules	Windows 10 +
PIN	Windows Hello for Business PIN length, complexity, expiration	Windows 10 +
Power	AC/DC sleep, lid close, hibernate, display timeout	Pro 10 + / Enterprise 10 + / Education 10 + / SE 10 + / LTSC 10 +
Radius (802.1X)	PEAP/MS-CHAPv2 or EAP-TLS wired, Wi-Fi, and VPN profiles	Windows 10 +
Remote Desktop (Windows)	Initiate on-demand RDP session from Swif console	Windows 10 +
SCEP Certificate	SCEP profile for auto-enrolling certificates	Windows 10 +
Security	Device Guard, Credential Guard, SMB signing, TLS protocol ciphers	Windows 10 +
Settings	Hundreds of CSP tweaks (privacy, notifications, telemetry, Cortana)	Pro 10 + / Enterprise 10 + / Education 10 + / SE 10 + / LTSC 10 +
Shared PC	Shared-PC mode, guest account lifetime, local storage limits	Windows 10 +
Software Update	Quality & feature update deferral, automatic reboots, bandwidth	Windows 10 +
Tracking	Diagnostic data level, Advertising ID, location services	Windows 10 +
USB	Allow / block removable storage, set read-only, specify device IDs	Pro 10 + / Enterprise 10 + / Education 10 + / SE 10 + / LTSC 10 +
User Authorization	Local account creation, admin elevation, guest enable/disable	Windows 10 +
VPN	IKEv2, L2TP, SSTP, Automatic, Always-On VPN profiles	Windows 10 +
Wi-Fi	WPA2/WPA3 Enterprise & PSK network profiles	Windows 10 +

Windows-specific MDM policies available in Swif

Tips