mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-19 12:23:37 +00:00
update all mcas content
This commit is contained in:
Joey Caparas
@ -307,7 +307,7 @@
|
||||
######## [Create and manage machine tags](windows-defender-atp/machine-tags-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
##### [Configure Managed security service provider support](windows-defender-atp/configure-mssp-support-windows-defender-advanced-threat-protection.md)
|
||||
##### [Configure managed security service provider (MSSP) support](windows-defender-atp/configure-mssp-support-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
#### Configure Microsoft threat protection integration
|
||||
|
||||
@ -304,7 +304,7 @@
|
||||
###### [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md)
|
||||
####### [Create and manage machine tags](machine-tags-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#### [Configure Managed security service provider support](configure-mssp-support-windows-defender-advanced-threat-protection.md)
|
||||
#### [Configure managed security service provider (MSSP) support](configure-mssp-support-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
### Configure Microsoft threat protection integration
|
||||
#### [Configure conditional access](configure-conditional-access-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
@ -30,7 +30,7 @@ You'll need to take the following configuration steps to enable the managed secu
|
||||
> - MSSP customers: Organizations that engage the services of MSSPs.
|
||||
|
||||
The integration will allow MSSPs to take the following actions:
|
||||
- Get access to MSSP customer<EFBFBD>s Windows Defender Security Center portal
|
||||
- Get access to MSSP customer's Windows Defender Security Center portal
|
||||
- Get email notifications, and
|
||||
- Fetch alerts through security information and event management (SIEM) tools
|
||||
|
||||
|
||||
Binary file not shown.
|
Before Width: | Height: | Size: 68 KiB After Width: | Height: | Size: 67 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 65 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 112 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 7.1 KiB After Width: | Height: | Size: 6.9 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 21 KiB After Width: | Height: | Size: 24 KiB |
@ -20,9 +20,15 @@ ms.date: 09/03/2018
|
||||
[!include[Prerelease<73>information](prerelease.md)]
|
||||
|
||||
|
||||
To benefit from Windows Defender Advanced Threat Protection (ATP) cloud app discovery signals, turn on Microsoft Cloud App Security integration in the **Windows Defender ATP Settings** page, under **Advanced features**:
|
||||
To benefit from Windows Defender Advanced Threat Protection (ATP) cloud app discovery signals, turn on Microsoft Cloud App Security integration.
|
||||
|
||||
|
||||
1. In the navigation pane, select **Preferences setup** > **Advanced features**.
|
||||
2. Select **Microsoft Cloud App Security** and switch the toggle to **On**.
|
||||
3. Click **Save preferences**.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Once activated, Windows Defender ATP will immediately start forwarding discovery signals to Cloud App Security.
|
||||
|
||||
@ -32,13 +38,15 @@ Once activated, Windows Defender ATP will immediately start forwarding discovery
|
||||
|
||||
2. Navigate to the Cloud Discovery dashboard.
|
||||
|
||||
|
||||
|
||||
3. Select **Win10 Endpoint Users report**, which contains the data coming from Windows Defender ATP.
|
||||
|
||||
|
||||
|
||||
|
||||
This report is similar to the existing discovery report with one major difference: you can now benefit from visibility to the machine context.
|
||||
|
||||
Notice the new **Machine**s tab that allows you to view the data split to the device dimensions. This is available in the main report page or any subpage (e.g., when drilling down to a specific cloud app).
|
||||
Notice the new **Machines** tab that allows you to view the data split to the device dimensions. This is available in the main report page or any subpage (for example, when drilling down to a specific cloud app).
|
||||
|
||||
|
||||
|
||||
@ -48,5 +56,4 @@ For more information about cloud discovery, see [Working with discovered apps](h
|
||||
If you are interested in trying Microsoft Cloud App Security, see [Microsoft Cloud App Security Trial](https://signup.microsoft.com/Signup?OfferId=757c4c34-d589-46e4-9579-120bba5c92ed&ali=1).
|
||||
|
||||
## Related topic
|
||||
|
||||
- [Microsoft Cloud App Security integration](microsoft-cloud-app-security-integration.md)
|
||||
@ -7,32 +7,30 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: ellevin
|
||||
author: levinec
|
||||
ms.author: macapara
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: high
|
||||
ms.date: 09/03/2018
|
||||
---
|
||||
|
||||
# Microsoft Cloud App Security integration overview
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
|
||||
[!include[Prerelease<73>information](prerelease.md)]
|
||||
|
||||
[Cloud App Security](https://docs.microsoft.com/cloud-app-security/what-is-cloud-app-security) gives you visibility into your cloud apps and services by allowing you to control and limit access to cloud apps, while enforcing compliance requirements on data stored in the cloud.
|
||||
Microsoft Cloud App Security (Cloud App Security) is a comprehensive solution that gives you visibility into your cloud apps and services by allowing you to control and limit access to cloud apps, while enforcing compliance requirements on data stored in the cloud. For more information, see [Cloud App Security](https://docs.microsoft.com/cloud-app-security/what-is-cloud-app-security).
|
||||
|
||||
Cloud App Security integrates into your eco-system in two places:
|
||||
## Windows Defender ATP and Cloud App Security integration
|
||||
|
||||
1. Firewall and proxy servers route your endpoints traffic to the web and forward cloud traffic logs to Cloud App Security.
|
||||
Cloud App Security discovery relies on cloud traffic logs being forwarded to it from enterprise firewall and proxy servers. Windows Defender ATP integrates with Cloud App Security by collecting and forwarding all cloud app networking activities, thereby enhancing data optics on cloud application related activities.
|
||||
|
||||
2. Cloud App Security connects to your cloud app public API to enable control and governance of the data stored on cloud apps.
|
||||
|
||||
|
||||
|
||||
Microsoft Cloud App Security (Cloud App Security) is a comprehensive solution that helps you keep control of assets through improved visibility over cloud apps that are being used across an organization. Cloud Discovery analyzes network traffic data to provide you with ongoing visibility into cloud use, Shadow IT, and the risk Shadow IT poses into your organization.
|
||||
|
||||
Windows Defender ATP provides one-click integration with Cloud Discovery by forwarding network connection data gathered from onboarded machines and users. These signals are sent to Cloud App Security, giving administrators deeper visibility into cloud usage, including the use of unsanctioned cloud services.
|
||||
|
||||
By leveraging the Windows Defender ATP endpoint network sensor signals, this integration further enhances Cloud App Security visibility into machine related activity and expanding coverage of off-network traffic.
|
||||
The integration provides the following major improvements to the existing Cloud App Security discovery:
|
||||
|
||||
- Available everywhere - Since the network activity is collected directly from the endpoint, it's available wherever the device is, on or off corporate network, as it's no longer depended on traffic routed through the enterprise firewall or proxy servers.
|
||||
- Works out of the box, no configuration required <20> Forwarding cloud traffic logs to Cloud App Security requires firewall and proxy server configuration. With the Windows Defender ATP and Cloud App Security integration, there<72>s no configuration required. Just switch it on in Windows Defender Security Center settings and you<6F>re good to go.
|
||||
|
||||
- Device context <20> Cloud traffic logs lack device context. Windows Defender ATP network activity is reported with the device context (which device accessed the cloud app), so you are able to understand exactly where (device) the network activity took place, in addition to who (user) performed it.
|
||||
|
||||
## Related topic
|
||||
|
||||
|
||||
@ -31,7 +31,7 @@ To address this demand, managed security service providers (MSSP) offer to deliv
|
||||
Windows Defender ATP adds support for this scenario by providing MSSP integration.
|
||||
|
||||
The integration will allow MSSPs to take the following actions:
|
||||
- Get access to MSSP customer<EFBFBD>s Windows Defender Security Center portal
|
||||
- Get access to MSSP customer's Windows Defender Security Center portal
|
||||
- Get email notifications, and
|
||||
- Fetch alerts through security information and event management (SIEM) tools
|
||||
|
||||
|
||||
Reference in New Issue
Block a user