From 2cbac221386ef7b6b2dc7423d6232feb17fd79fb Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 22 Sep 2020 13:14:20 -0700 Subject: [PATCH] Delete mcafee-to-microsoft-defender-onboard - Copy.md --- ...ee-to-microsoft-defender-onboard - Copy.md | 92 ------------------- 1 file changed, 92 deletions(-) delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard - Copy.md diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard - Copy.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard - Copy.md deleted file mode 100644 index fcd726467f..0000000000 --- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard - Copy.md +++ /dev/null @@ -1,92 +0,0 @@ ---- -title: McAfee to Microsoft Defender ATP - Onboard -description: This is phase 3, Onboard, for migrating from McAfee to Microsoft Defender ATP. -keywords: migration, windows defender advanced threat protection, atp, edr -search.product: eADQiWindows 10XVcnh -search.appverid: met150 -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -ms.author: deniseb -author: denisebmsft -ms.localizationpriority: medium -manager: dansimp -audience: ITPro -ms.collection: -- M365-security-compliance -- m365solution-McAfeemigrate -ms.custom: migrationguides -ms.topic: article -ms.date: 09/03/2020 -ms.reviewer: jesquive, chventou, jonix, chriggs, owtho ---- - -# Migrate from McAfee - Phase 3: Onboard to Microsoft Defender ATP - -|[![Phase 1: Prepare](images/prepare.png)](mcafee-to-microsoft-defender-prepare.md)
[Phase 1: Prepare](mcafee-to-microsoft-defender-prepare.md) |[![Phase 2: Set up](images/setup.png)](mcafee-to-microsoft-defender-setup.md)
[Phase 2: Set up](mcafee-to-microsoft-defender-setup.md) |![Phase 3: Onboard](images/onboard.png)
Phase 3: Onboard | -|--|--|--| -|| |*You are here!* | - - -**Welcome to Phase 3 of [migrating from McAfee Endpoint Security (McAfee) to Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](mcafee-to-microsoft-defender-migration.md#the-migration-process)**. This migration phase includes the following steps: - -1. [Onboard devices to Microsoft Defender ATP](#onboard-devices-to-microsoft-defender-atp). -2. [Run a detection test](#run-a-detection-test). -3. [Uninstall McAfee](#uninstall-mcafee). -4. [Make sure Microsoft Defender ATP is in active mode](#make-sure-microsoft-defender-atp-is-in-active-mode). - -## Onboard devices to Microsoft Defender ATP - -1. Go to the Microsoft Defender Security Center ([https://aka.ms/MDATPportal](https://aka.ms/MDATPportal)) and sign in. - -2. Choose **Settings** > **Device management** > **Onboarding**. - -3. In the **Select operating system to start onboarding process** list, select an operating system. - -4. Under **Deployment method**, select an option. Follow the links and prompts to onboard your organization's devices. Need help? See [Onboarding methods](#onboarding-methods). - -### Onboarding methods - -Deployment methods vary, depending on which operating system is selected. Refer to the resources listed in the table below to get help with onboarding. - -|Operating system |Method | -|---------|---------| -|Windows 10 |- [Group Policy](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp)
- [Configuration Manager](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm)
- [Mobile Device Management (Intune)](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm)
- [Local script](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script)

**NOTE**: A local script is suitable for a proof of concept but should not be used for production deployment. For a production deployment, we recommend using Group Policy, Microsoft Endpoint Configuration Manager, or Intune. | -|- Windows 8.1 Enterprise
- Windows 8.1 Pro
- Windows 7 SP1 Enterprise
- Windows 7 SP1 Pro | [Microsoft Monitoring Agent](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel#install-and-configure-microsoft-monitoring-agent-mma-to-report-sensor-data-to-microsoft-defender-atp)

**NOTE**: Microsoft Monitoring Agent is now Azure Log Analytics agent. To learn more, see [Log Analytics agent overview](https://docs.microsoft.com/azure/azure-monitor/platform/log-analytics-agent). | -|- Windows Server 2019 and later
- Windows Server 2019 core edition
- Windows Server version 1803 and later |- [Local script](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script)
- [Group Policy](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp)
- [Configuration Manager](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm)
- [System Center Configuration Manager](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm#onboard-windows-10-devices-using-earlier-versions-of-system-center-configuration-manager)
- [VDI onboarding scripts for non-persistent devices](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi)

**NOTE**: A local script is suitable for a proof of concept but should not be used for production deployment. For a production deployment, we recommend using Group Policy, Microsoft Endpoint Configuration Manager, or Intune. | -|- Windows Server 2016
- Windows Server 2012 R2
- Windows Server 2008 R2 SP1 |- [Microsoft Defender Security Center](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints#option-1-onboard-servers-through-microsoft-defender-security-center)
- [Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-wdatp) | -|macOS
- 10.15 (Catalina)
- 10.14 (Mojave)
- 10.13 (High Sierra)

iOS

Linux:
- RHEL 7.2+
- CentOS Linux 7.2+
- Ubuntu 16 LTS, or higher LTS
- SLES 12+
- Debian 9+
- Oracle Linux 7.2 |[Onboard non-Windows devices](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows) | - -## Run a detection test - -To verify that your onboarded devices are properly connected to Microsoft Defender ATP, you can run a detection test. - - -|Operating system |Guidance | -|---------|---------| -|- Windows 10
- Windows Server 2019
- Windows Server, version 1803
- Windows Server 2016
- Windows Server 2012 R2 |See [Run a detection test](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/run-detection-test).

Visit the Microsoft Defender ATP demo scenarios site ([https://demo.wd.microsoft.com](https://demo.wd.microsoft.com)) and try one or more of the scenarios. For example, try the **Cloud-delivered protection** demo scenario. | -|macOS
- 10.15 (Catalina)
- 10.14 (Mojave)
- 10.13 (High Sierra) |Download and use the DIY app at [https://aka.ms/mdatpmacosdiy](https://aka.ms/mdatpmacosdiy).

For more information, see [Microsoft Defender Advanced Threat Protection for Mac](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac). | -|Linux:
- RHEL 7.2+
- CentOS Linux 7.2+
- Ubuntu 16 LTS, or higher LTS
- SLES 12+
- Debian 9+
- Oracle Linux 7.2 |1. Run the following command, and look for a result of **1**:
`mdatp health --field real_time_protection_enabled`.

2. Open a Terminal window, and run the following command:
`curl -o ~/Downloads/eicar.com.txt https://www.eicar.org/download/eicar.com.txt`.

3. Run the following command to list any detected threats:
`mdatp threat list`.

For more information, see [Microsoft Defender ATP for Linux](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux). | - -## Uninstall McAfee - -Now that you have onboarded your organization's devices to Microsoft Defender ATP, your next step is to uninstall McAfee. - -To get help with this step, go to your McAfee support ServicePortal ([http://mysupport.mcafee.com](http://mysupport.mcafee.com)). - -## Make sure Microsoft Defender ATP is in active mode - -Now that you have uninstalled McAfee, your next step is to make sure that Microsoft Defender Antivirus and endpoint detection and response are enabled and in active mode. - -To do this, visit the Microsoft Defender ATP demo scenarios site ([https://demo.wd.microsoft.com](https://demo.wd.microsoft.com)). Try one or more of the demo scenarios on that page, including at least the following: -- Cloud-delivered protection -- Potentially Unwanted Applications (PUA) -- Network Protection (NP) - -## Next steps - -**Congratulations**! You have completed your [migration from McAfee to Microsoft Defender ATP](mcafee-to-microsoft-defender-migration.md#the-migration-process)! - -- [Visit your security operations dashboard](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard) in the Microsoft Defender Security Center ([https://aka.ms/MDATPportal](https://aka.ms/MDATPportal)). -- [Manage Microsoft Defender Advanced Threat Protection, post migration](manage-atp-post-migration.md).