mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-29 05:37:22 +00:00
update sccm
This commit is contained in:
Joey Caparas
parent
f1c3b00930
commit
0e5ec76630
@ -45,9 +45,9 @@ Deploying Microsoft Defender ATP is a three-phase process:
|
||||
</table>
|
||||
You are currently in the configuration phase.
|
||||
|
||||
## Onboarding using System Center Configuration Manager
|
||||
## Onboarding using Microsoft Endpoint Configuration Manager
|
||||
### Collection creation
|
||||
To onboard Windows 10 devices with System Center Configuration Manager, the
|
||||
To onboard Windows 10 devices with Microsoft Endpoint Configuration Manager, the
|
||||
deployment can target either and existing collection or a new collection can be
|
||||
created for testing. The onboarding like group policy or manual method does
|
||||
not install any agent on the system. Within the Configuration Manager console
|
||||
@ -57,41 +57,41 @@ maintain that configuration for as long as the Configuration Manager client
|
||||
continues to receive this policy from the management point. Follow the steps
|
||||
below to onboard systems with Configuration Manager.
|
||||
|
||||
1. In System Center Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Device Collections**.
|
||||
1. In Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Device Collections**.
|
||||
|
||||
|
||||
|
||||
|
||||
2. Right Click **Device Collection** and select **Create Device Collection**.
|
||||
|
||||
|
||||
|
||||
|
||||
3. Provide a **Name** and **Limiting Collection**, then select **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
4. Select **Add Rule** and choose **Query Rule**.
|
||||
|
||||
|
||||
|
||||
|
||||
5. Click **Next** on the **Direct Membership Wizard** and click on **Edit Query Statement**.
|
||||
|
||||
|
||||
|
||||
|
||||
6. Select **Criteria** and then choose the star icon.
|
||||
|
||||
|
||||
|
||||
|
||||
7. Keep criterion type as **simple value**, choose where as **Operating System - build number**, operator as **is equal to** and value **10240** and click on **OK**.
|
||||
|
||||
|
||||
|
||||
|
||||
8. Select **Next** and **Close**.
|
||||
|
||||
|
||||
|
||||
|
||||
9. Select **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
After completing this task, you now have a device collection with all the Windows 10 endpoints in the environment.
|
||||
|
||||
@ -105,7 +105,7 @@ Manager and deploy that policy to Windows 10 devices.
|
||||
|
||||
|
||||
|
||||
2. Under Deployment method select the supported version of **System Center Configuration Manager**.
|
||||
2. Under Deployment method select the supported version of **Microsoft Endpoint Configuration Manager **.
|
||||
|
||||
|
||||
|
||||
@ -114,15 +114,15 @@ Manager and deploy that policy to Windows 10 devices.
|
||||
|
||||
|
||||
4. Save the package to an accessible location.
|
||||
5. In System Center Configuration Manager, navigate to: **Assets and Compliance > Overview > Endpoint Protection > Microsoft Defender ATP Policies**.
|
||||
5. In Microsoft Endpoint Configuration Manager , navigate to: **Assets and Compliance > Overview > Endpoint Protection > Microsoft Defender ATP Policies**.
|
||||
|
||||
6. Right-click **Microsoft Defender ATP Policies** and select **Create Microsoft Defender ATP Policy**.
|
||||
|
||||
|
||||
|
||||
|
||||
7. Enter the name and description, verify **Onboarding** is selected, then select **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
8. Click **Browse**.
|
||||
|
||||
@ -145,7 +145,7 @@ Manager and deploy that policy to Windows 10 devices.
|
||||
|
||||
15. Click **Close** when the Wizard completes.
|
||||
|
||||
16. In the System Center Configuration Manager console, right-click the Microsoft Defender ATP policy you just created and select **Deploy**.
|
||||
16. In the Microsoft Endpoint Configuration Manager console, right-click the Microsoft Defender ATP policy you just created and select **Deploy**.
|
||||
|
||||
|
||||
|
||||
@ -211,14 +211,14 @@ Specifically, for Windows 7 SP1, the following patches must be installed:
|
||||
[KB3154518](https://support.microsoft.com/help/3154518/support-for-tls-system-default-versions-included-in-the-net-framework).
|
||||
Do not install both on the same system.
|
||||
|
||||
To deploy the MMA with System Center Configuration Manager, follow the steps
|
||||
To deploy the MMA with Microsoft Endpoint Configuration Manager , follow the steps
|
||||
below to utilize the provided batch files to onboard the systems. The CMD file
|
||||
when executed, will require the system to copy files from a network share by the
|
||||
System, the System will install MMA, Install the DependencyAgent, and configure
|
||||
MMA for enrollment into the workspace.
|
||||
|
||||
|
||||
1. In System Center Configuration Manager console, navigate to **Software
|
||||
1. In Microsoft Endpoint Configuration Manager console, navigate to **Software
|
||||
Library**.
|
||||
|
||||
2. Expand **Application Management**.
|
||||
@ -227,15 +227,15 @@ MMA for enrollment into the workspace.
|
||||
|
||||
4. Provide a Name for the package, then click **Next**
|
||||
|
||||
|
||||
|
||||
|
||||
5. Verify **Standard Program** is selected.
|
||||
|
||||
|
||||
|
||||
|
||||
6. Click **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
7. Enter a program name.
|
||||
|
||||
@ -251,17 +251,17 @@ MMA for enrollment into the workspace.
|
||||
|
||||
13. Click **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
14. Verify the configuration, then click **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
15. Click **Next**.
|
||||
|
||||
16. Click **Close**.
|
||||
|
||||
17. In the System Center Configuration Manager console, right-click the Microsoft Defender ATP
|
||||
17. In the Microsoft Endpoint Configuration Manager console, right-click the Microsoft Defender ATP
|
||||
Onboarding Package just created and select **Deploy**.
|
||||
|
||||
18. On the right panel select the appropriate collection.
|
||||
@ -271,7 +271,7 @@ MMA for enrollment into the workspace.
|
||||
## Next generation protection
|
||||
Microsoft Defender Antivirus is a built-in antimalware solution that provides next generation protection for desktops, portable computers, and servers.
|
||||
|
||||
1. In the System Center Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Antimalware Polices** and choose **Create Antimalware Policy**.
|
||||
1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Antimalware Polices** and choose **Create Antimalware Policy**.
|
||||
|
||||
|
||||
|
||||
@ -321,9 +321,9 @@ Protection. All these features provide an audit mode and a block mode. In audit
|
||||
|
||||
To set ASR rules in Audit mode:
|
||||
|
||||
1. In the System Center Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**.
|
||||
1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
2. Select **Attack Surface Reduction**.
|
||||
@ -331,26 +331,26 @@ To set ASR rules in Audit mode:
|
||||
|
||||
3. Set rules to **Audit** and click **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
4. Confirm the new Exploit Guard policy by clicking on **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
5. Once the policy is created click **Close**.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
6. Right-click on the newly created policy and choose **Deploy**.
|
||||
|
||||
|
||||
|
||||
|
||||
7. Target the policy to the newly created Windows 10 collection and click **OK**.
|
||||
|
||||
|
||||
|
||||
|
||||
After completing this task, you now have successfully configured ASR rules in audit mode.
|
||||
|
||||
@ -381,7 +381,7 @@ detections](https://docs.microsoft.com/windows/security/threat-protection/micros
|
||||
|
||||
|
||||
### To set Network Protection rules in Audit mode:
|
||||
1. In the System Center Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**.
|
||||
1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**.
|
||||
|
||||
|
||||
|
||||
@ -401,42 +401,42 @@ detections](https://docs.microsoft.com/windows/security/threat-protection/micros
|
||||
|
||||
6. Right-click on the newly created policy and choose **Deploy**.
|
||||
|
||||
|
||||
|
||||
|
||||
7. Select the policy to the newly created Windows 10 collection and choose **OK**.
|
||||
|
||||
|
||||
|
||||
|
||||
After completing this task, you now have successfully configured Network
|
||||
Protection in audit mode.
|
||||
|
||||
### To set Controlled Folder Access rules in Audit mode:
|
||||
|
||||
1. In the System Center Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**.
|
||||
1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**.
|
||||
|
||||
|
||||
|
||||
|
||||
2. Select **Controlled folder access**.
|
||||
|
||||
3. Set the configuration to **Audit** and click **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
4. Confirm the new Exploit Guard Policy by clicking on **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
5. Once the policy is created click on **Close**.
|
||||
|
||||
|
||||
|
||||
|
||||
6. Right-click on the newly created policy and choose **Deploy**.
|
||||
|
||||
|
||||
|
||||
|
||||
7. Target the policy to the newly created Windows 10 collection and click **OK**.
|
||||
|
||||
|
||||
|
||||
|
||||
After completing this task, you now have successfully configured Controlled folder access in audit mode.
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user