From 3bb3a424ef703c6504fe3547ebdedbf9f43fdd9f Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 21 Jul 2020 08:09:03 -0700 Subject: [PATCH] Update manage-atp-post-migration-other-tools.md --- .../manage-atp-post-migration-other-tools.md | 23 ++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md index a30f564442..f55f370783 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md @@ -19,12 +19,22 @@ ms.topic: article # Manage Microsoft Defender Advanced Threat Protection with PowerShell, WMI, and MPCmdRun.exe -We recommend using Intune to manage your threat protection features in Microsoft Defender ATP. However, you can +We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview), which includes [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) and [Configuration Manager](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-protection), to manage your organization's threat protection features in Microsoft Defender ATP. However, you can use PowerShell, Windows Management Instrumentation (WMI), and the Microsoft Malware Protection Command Line Utility (MPCmdRun.exe) to perform some tasks, such as managing Microsoft Defender Antivirus. + ## Configure Microsoft Defender ATP with PowerShell You can use PowerShell to manage Microsoft Defender Antivirus, exploit protection, and your attack surface reduction rules. +> [!NOTE] +> PowerShell cmdlets should not be used as a replacement for a full network policy management infrastructure, such as [Configuration Manager](https://docs.microsoft.com/configmgr), [Group Policy Management Console](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731212(v=ws.11)), or [Microsoft Defender Antivirus Group Policy ADMX templates](https://www.microsoft.com/download/101445). Changes made with PowerShell will affect local settings on the device where the changes are deployed or made. Policies that are deployed using Group Policy, Configuration Manager, or Intune can overwrite changes made with PowerShell. + + +|Task |Resources to learn more | +|---------|---------| +|Manage Microsoft Defender Antivirus |[Use PowerShell cmdlets to configure and manage Microsoft Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/use-powershell-cmdlets-microsoft-defender-antivirus) | +|Configure exploit protection | | +|Configure attack surface reduction rules | | ## Configure Microsoft Defender ATP with Windows Management Instrumentation (WMI) @@ -33,8 +43,15 @@ steps ## Configure Microsoft Defender ATP with Microsoft Malware Protection Command Line Utility (MPCmdRun.exe) -steps + +|Task |Resources to learn more | +|---------|---------| +|Manage Microsoft Defender Antivirus |[Configure and manage Microsoft Defender Antivirus with the mpcmdrun.exe command-line tool](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus) | +|Row2 | | + ## Next steps -step +- [Get an overview of threat and vulnerability management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt) + +- [Visit the Microsoft Defender Security Center security operations dashboard](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard)