deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-17 11:23:45 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' into redirectPSscript

Browse Source
This commit is contained in:
Thomas Raya
2021-03-02 14:36:09 -08:00
committed by GitHub
parent da7cc13ad9 514e9348aa
commit 14847a035c
13 changed files with 29 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md
View File

@ -23,8 +23,6 @@ ms.technology: mde
Applies to: Applies to:
- Windows 10 multi-session running on Windows Virtual Desktop (WVD) - Windows 10 multi-session running on Windows Virtual Desktop (WVD)
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)

9
windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md
View File

@ -1,5 +1,5 @@
--- ---
title: Onboard non-Windows devices to the Microsoft Defender ATP service title: Onboard non-Windows devices to the Microsoft Defender for Endpoint service
description: Configure non-Windows devices so that they can send sensor data to the Microsoft Defender ATP service. description: Configure non-Windows devices so that they can send sensor data to the Microsoft Defender ATP service.
keywords: onboard non-Windows devices, macos, linux, device management, configure Windows ATP devices, configure Microsoft Defender Advanced Threat Protection devices keywords: onboard non-Windows devices, macos, linux, device management, configure Windows ATP devices, configure Microsoft Defender Advanced Threat Protection devices
search.product: eADQiWindows 10XVcnh search.product: eADQiWindows 10XVcnh
@ -24,12 +24,13 @@ ms.technology: mde
**Applies to:** **Applies to:**
- macOS
- Linux
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
**Platforms**
- macOS
- Linux
>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-nonwindows-abovefoldlink) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-nonwindows-abovefoldlink)
Defender for Endpoint provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Microsoft Defender Security Center and better protect your organization's network. Defender for Endpoint provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Microsoft Defender Security Center and better protect your organization's network.

4
windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
View File

@ -114,7 +114,7 @@ The following downloadable spreadsheet lists the services and their associated U
|**Spreadsheet of domains list**|**Description**| |**Spreadsheet of domains list**|**Description**|
|:-----|:-----| |:-----|:-----|
|![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/> | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx) |![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/> | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://download.microsoft.com/download/8/a/5/8a51eee5-cd02-431c-9d78-a58b7f77c070/mde-urls.xlsx)
If a proxy or firewall has HTTPS scanning (SSL inspection) enabled, exclude the domains listed in the above table from HTTPS scanning. If a proxy or firewall has HTTPS scanning (SSL inspection) enabled, exclude the domains listed in the above table from HTTPS scanning.
@ -157,7 +157,7 @@ Please see the following guidance to eliminate the wildcard (*) requirement for
3. Run the TestCloudConnection.exe tool from “C:\Program Files\Microsoft Monitoring Agent\Agent” to validate the connectivity and to see the required URLs for your specific workspace. 3. Run the TestCloudConnection.exe tool from “C:\Program Files\Microsoft Monitoring Agent\Agent” to validate the connectivity and to see the required URLs for your specific workspace.
4. Check the Microsoft Defender for Endpoint URLs list for the complete list of requirements for your region (please refer to the Service URLs [Spreadsheet](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx)). 4. Check the Microsoft Defender for Endpoint URLs list for the complete list of requirements for your region (please refer to the Service URLs [Spreadsheet](https://download.microsoft.com/download/8/a/5/8a51eee5-cd02-431c-9d78-a58b7f77c070/mde-urls.xlsx)).
![Image of administrator in Windows PowerShell](images/admin-powershell.png) ![Image of administrator in Windows PowerShell](images/admin-powershell.png)

3
windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
View File

@ -31,9 +31,6 @@ ms.technology: mde
- Windows Server (SAC) version 1803 and later - Windows Server (SAC) version 1803 and later
- Windows Server 2019 and later - Windows Server 2019 and later
- Windows Server 2019 core edition - Windows Server 2019 core edition
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configserver-abovefoldlink) > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configserver-abovefoldlink)

8
windows/security/threat-protection/microsoft-defender-atp/evaluate-exploit-protection.md
View File

@ -1,6 +1,6 @@
--- ---
title: See how Exploit protection works in a demo title: See how Exploit protection works in a demo
description: See how exploit protection can prevent suspicious behaviors from occurring on specific apps. description: See how Exploit Protection can prevent suspicious behaviors from occurring on specific apps.
keywords: Exploit protection, exploits, kernel, events, evaluate, demo, try, mitigation keywords: Exploit protection, exploits, kernel, events, evaluate, demo, try, mitigation
search.product: eADQiWindows 10XVcnh search.product: eADQiWindows 10XVcnh
ms.prod: m365-security ms.prod: m365-security
@ -30,14 +30,14 @@ ms.technology: mde
[Exploit protection](exploit-protection.md) helps protect devices from malware that uses exploits to spread and infect other devices. Mitigation can be applied to either the operating system or to an individual app. Many of the features that were part of the Enhanced Mitigation Experience Toolkit (EMET) are included in exploit protection. (The EMET has reached its end of support.) [Exploit protection](exploit-protection.md) helps protect devices from malware that uses exploits to spread and infect other devices. Mitigation can be applied to either the operating system or to an individual app. Many of the features that were part of the Enhanced Mitigation Experience Toolkit (EMET) are included in exploit protection. (The EMET has reached its end of support.)
Use exploit protection in audit mode to review related events in Event Viewer. By enabling audit mode, you'll see how mitigation works for certain apps in a test environment. Audit mode shows what *would* have happened if you enabled exploit protection in your production environment. This way, you can verify that exploit protection doesn't adversely affect your line-of-business apps, and see which suspicious or malicious events occur. In audit, you can see how mitigation works for certain apps in a test environment. This shows what *would* have happened if you enabled exploit protection in your production environment. This way, you can verify that exploit protection doesn't adversely affect your line-of-business apps, and see which suspicious or malicious events occur.
> [!TIP] > [!TIP]
> You can also visit the Microsoft Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to see how exploit protection works. > You can also visit the Microsoft Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to see how exploit protection works.
## Enable exploit protection in audit mode ## Enable exploit protection for testing
You can set mitigations in audit mode for specific programs by using the Windows Security app or Windows PowerShell. You can set mitigations in a testing mode for specific programs by using the Windows Security app or Windows PowerShell.
### Windows Security app ### Windows Security app

2
windows/security/threat-protection/microsoft-defender-atp/gov.md
View File

@ -115,7 +115,7 @@ The following downloadable spreadsheet lists the services and their associated U
Spreadsheet of domains list | Description Spreadsheet of domains list | Description
:-----|:----- :-----|:-----
![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/> | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx) ![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/> | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://download.microsoft.com/download/8/a/5/8a51eee5-cd02-431c-9d78-a58b7f77c070/mde-urls.xlsx)
For more information, see [Configure device proxy and Internet connectivity settings](configure-proxy-internet.md). For more information, see [Configure device proxy and Internet connectivity settings](configure-proxy-internet.md).

3
windows/security/threat-protection/microsoft-defender-atp/machine-groups.md
View File

@ -24,11 +24,8 @@ ms.technology: mde
**Applies to:** **Applies to:**
- Azure Active Directory - Azure Active Directory
- Office 365 - Office 365
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)

2
windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md
View File

@ -109,7 +109,7 @@ The following downloadable spreadsheet lists the services and their associated U
|**Spreadsheet of domains list**|**Description**| |**Spreadsheet of domains list**|**Description**|
|:-----|:-----| |:-----|:-----|
|![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/> | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx) |![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/> | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://download.microsoft.com/download/8/a/5/8a51eee5-cd02-431c-9d78-a58b7f77c070/mde-urls.xlsx)
> [!NOTE] > [!NOTE]
> For a more specific URL list, see [Configure proxy and internet connectivity settings](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet#enable-access-to-microsoft-defender-atp-service-urls-in-the-proxy-server). > For a more specific URL list, see [Configure proxy and internet connectivity settings](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet#enable-access-to-microsoft-defender-atp-service-urls-in-the-proxy-server).

2
windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
View File

@ -104,7 +104,7 @@ The following downloadable spreadsheet lists the services and their associated U
|**Spreadsheet of domains list**|**Description**| |**Spreadsheet of domains list**|**Description**|
|:-----|:-----| |:-----|:-----|
|![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/> | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>Download the spreadsheet here: [mdatp-urls.xlsx](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx). |![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/> | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>Download the spreadsheet here: [mdatp-urls.xlsx](https://download.microsoft.com/download/8/a/5/8a51eee5-cd02-431c-9d78-a58b7f77c070/mde-urls.xlsx).
Microsoft Defender for Endpoint can discover a proxy server by using the following discovery methods: Microsoft Defender for Endpoint can discover a proxy server by using the following discovery methods:
- Proxy autoconfig (PAC) - Proxy autoconfig (PAC)

8
windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md
View File

@ -24,14 +24,14 @@ ms.technology: mde
**Applies to:** **Applies to:**
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
**Platforms**
- macOS - macOS
- Linux - Linux
- Windows Server 2012 R2 - Windows Server 2012 R2
- Windows Server 2016 - Windows Server 2016
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-offboarddevices-abovefoldlink) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-offboarddevices-abovefoldlink)

5
windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md
View File

@ -24,13 +24,14 @@ ms.technology: mde
**Applies to:** **Applies to:**
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
**Platforms**
- Windows 7 SP1 Enterprise - Windows 7 SP1 Enterprise
- Windows 7 SP1 Pro - Windows 7 SP1 Pro
- Windows 8.1 Pro - Windows 8.1 Pro
- Windows 8.1 Enterprise - Windows 8.1 Enterprise
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
>Want to experience Defender for Endpoint? [Sign up for a free trial](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-downlevel-abovefoldlink). >Want to experience Defender for Endpoint? [Sign up for a free trial](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-downlevel-abovefoldlink).

2
windows/security/threat-protection/microsoft-defender-atp/production-deployment.md
View File

@ -226,7 +226,7 @@ The following downloadable spreadsheet lists the services and their associated U
|**Spreadsheet of domains list**|**Description**| |**Spreadsheet of domains list**|**Description**|
|:-----|:-----| |:-----|:-----|
|![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/> | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx) |![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/> | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://download.microsoft.com/download/8/a/5/8a51eee5-cd02-431c-9d78-a58b7f77c070/mde-urls.xlsx)
### Microsoft Defender for Endpoint service backend IP range ### Microsoft Defender for Endpoint service backend IP range

4
windows/security/threat-protection/microsoft-defender-atp/rbac.md
View File

@ -25,13 +25,9 @@ ms.technology: mde
**Applies to:** **Applies to:**
- Azure Active Directory - Azure Active Directory
- Office 365 - Office 365
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-rbac-abovefoldlink) > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-rbac-abovefoldlink)
Using role-based access control (RBAC), you can create roles and groups within your security operations team to grant appropriate access to the portal. Based on the roles and groups you create, you have fine-grained control over what users with access to the portal can see and do. Using role-based access control (RBAC), you can create roles and groups within your security operations team to grant appropriate access to the portal. Based on the roles and groups you create, you have fine-grained control over what users with access to the portal can see and do.
> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bJ2a] > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bJ2a]