From 25639799b98e9991fc68a3dfc6bf306f2ae6c9ed Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 5 Nov 2018 16:21:00 -0800 Subject: [PATCH] add pre-reqs --- ...ures-windows-defender-advanced-threat-protection.md | 7 +++++++ .../information-protection-in-windows-config.md | 6 ++++++ .../information-protection-in-windows-overview.md | 10 +++++++--- 3 files changed, 20 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md index 60b3dcbd64..f9464104e2 100644 --- a/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md @@ -92,6 +92,13 @@ Enabling this setting forwards Windows Defender ATP signals to Microsoft Cloud A ## Azure Information Protection Turning this setting on forwards signals to Azure Information Protection, giving data owners and administrators visibility into protected data on onboarded machines and machine risk ratings. +>[!NOTE] +>You'll need to fulfill the following requirements for the integration to work: +>- Endpoints need to be on Windows 10, version 1809 or later +>- You'll need the appropriate license to leverage the Windows Defender ATP and Azure Information Protection integration +>- Your tenant needs to be onboarded to Azure Information Protection analytics, for more information see, [Configure a Log Analytics workspace for the reports](https://docs.microsoft.comazure/information-protection/reports-aip#configure-a-log-analytics-workspace-for-the-reports) +>- Data forwarded to Azure Information Protection is stored in the same location as your other Azure Information Protection data. + ## Microsoft Intune connection This feature is only available if you have an active Microsoft Intune (Intune) license. diff --git a/windows/security/threat-protection/windows-defender-atp/information-protection-in-windows-config.md b/windows/security/threat-protection/windows-defender-atp/information-protection-in-windows-config.md index 23e8cd5af4..350c042352 100644 --- a/windows/security/threat-protection/windows-defender-atp/information-protection-in-windows-config.md +++ b/windows/security/threat-protection/windows-defender-atp/information-protection-in-windows-config.md @@ -21,6 +21,12 @@ ms.date: 10/24/2018 Learn how you can use Windows Defender ATP to expand the coverage of Windows Information Protection (WIP) to protect files based on their label, regardless of their origin. +## Prerequisites +- Endpoints need to be on Windows 10, version 1809 or later +- You'll need the appropriate license to leverage the Windows Defender ATP and Azure Information Protection integration. +- Your tenant needs to be onboarded to Azure Information Protection analytics, for more information see, [Configure a Log Analytics workspace for the reports](https://docs.microsoft.comazure/information-protection/reports-aip#configure-a-log-analytics-workspace-for-the-reports) +- Data forwarded to Azure Information Protection is stored in the same location as your other Azure Information Protection data. + 1. Define a WIP policy and assign it to the relevant devices. For more information, see [Protect your enterprise data using Windows Information Protection (WIP)](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip). If WIP is already configured on the relevant devices, skip this step. 2. Define which labels need to get WIP protection in Office 365 Security and Compliance. diff --git a/windows/security/threat-protection/windows-defender-atp/information-protection-in-windows-overview.md b/windows/security/threat-protection/windows-defender-atp/information-protection-in-windows-overview.md index f9824cf6e1..968b5d702f 100644 --- a/windows/security/threat-protection/windows-defender-atp/information-protection-in-windows-overview.md +++ b/windows/security/threat-protection/windows-defender-atp/information-protection-in-windows-overview.md @@ -36,16 +36,20 @@ Windows Defender ATP automatically discovers files with Azure Information Protec ![Image of settings page with Azure Information Protection](images/atp-settings-aip.png) - >[!NOTE] -> You'll need the appropriate license to leverage the Windows Defender ATP and Azure Information Protection integration. +>- Endpoints need to be on Windows 10, version 1809 or later +>- You'll need the appropriate license to leverage the Windows Defender ATP and Azure Information Protection integration +>- Your tenant needs to be onboarded to Azure Information Protection analytics, for more information see, [Configure a Log Analytics workspace for the reports](https://docs.microsoft.comazure/information-protection/reports-aip#configure-a-log-analytics-workspace-for-the-reports) +>- Data forwarded to Azure Information Protection is stored in the same location as your other Azure Information Protection data. + + After enabling the Azure Information Protection integration, data discovery signals are immediately forwarded to Azure Information Protection from the device. When a labeled file is created or modified on a Windows device, Windows Defender ATP automatically reports the signal to AIP. The reported signals can be viewed on the Azure Information Protection - Data discovery dashboard. ### Azure Information Protection - Data discovery dashboard -This dashboard presents a summarized discovery information of data discovered by both Windows Defender ATP and AIP scanner. Data from Windows Defender ATP is marked with Location Type – Endpoint. +This dashboard presents a summarized discovery information of data discovered by both Windows Defender ATP and AIP scanner. Data from Windows Defender ATP is marked with Location Type - Endpoint. ![Image of Azure Information Protection - Data discovery](images/azure-data-discovery.png)