deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

updates to non windows onboarding

Browse Source
This commit is contained in:
Joey Caparas 2019-04-09 13:21:14 -07:00
parent d0cff85f59
commit 47e6746cd4
2 changed files with 22 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
it-client Submodule

@ -0,0 +1 @@
Subproject commit 61e0a21977430f3c0eef1c32e398999dc090c332

51
windows/security/threat-protection/windows-defender-atp/configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md
View File

@ -28,57 +28,44 @@ ms.topic: article
Windows Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Windows Defender Security Center and better protect your organization's network. This experience leverages on a third-party security products sensor data.
Windows Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Windows Defender Security Center and better protect your organization's network.
You'll need to know the exact Linux distros and macOS versions that are compatible with Windows Defender ATP for the integration to work.
## Onboarding non-Windows machines
You'll need to take the following steps to onboard non-Windows machines:
1. Turn on third-party integration.
2. Follow instructions provided by the third-party tool.
3. Run a detection test.
1. Select your preferred method of onboarding:
## Turn on third-party integration
- For macOS devices, you can choose to onboard through Windows Defender ATP or through a third-party solution. For more information, see [Microsoft Defender ATP for Mac](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac).
- For other non-Windows devices choose **Onboard non-Windows machines through third-party integration**.
1. In the navigation pane, select **Settings** > **Onboarding**. Make sure the third-party solution is listed.
1. In the navigation pane, select **Interoperability** > **Partners**. Make sure the third-party solution is listed.
2. Select **Linux, macOS, iOS and Android** as the operating system.
2. In the **Partner Applications** tab, select the partner that supports your non-Windows devices.
3. Turn on the third-party solution integration.
3. Select **Open partner page** to open the partner's page. Follow the instructions provided on the page.
4. Click **Generate access token** button and then **Copy**.
5. Youll need to copy and paste the token to the third-party solution youre using. The implementation may vary depending on the solution.
4. After creating an account or subscribing to the partner solution, you should get to a stage where a tenant Global Admin in your organization is asked to accept a permission request from the partner application. Read the permission request carefully to make sure that it is aligned with the service that you require.
>[!WARNING]
>The access token has a limited validity period. If needed, regenerate the token close to the time you need to share it with the third-party solution.
## Follow instructions provided by the third-party tool
After turning on the integration and generating the access token, you'll need to follow the instructions provided by the third-party tool you're using.
For more information, see:
- Bitdefender - Get telemetry from macOS and Linux machines with [Bitdefender antivirus](https://go.microsoft.com/fwlink/?linkid=860032).
- SentinelOne - Get telemetry from macOS and Linux machines with the [SentinelOne agent](https://go.microsoft.com/fwlink/?linkid=866934).
- Ziften - Get telemetry from macOS and Linux machines with the [Ziften agent](https://go.microsoft.com/fwlink/?linkid=862988).
### Run detection test
Create an EICAR test file by saving the string displayed on the portal in an empty text file. Then, introduce the test file to a machine running the third-party antivirus solution.
The file should trigger a detection and a corresponding alert on Windows Defender ATP.
2. Run a detection test by following the instructions of the third-party solution.
## Offboard non-Windows machines
To effectively offboard the machine from the service, you'll need to disable the data push on the third-party portal first then switch the toggle to off in Windows Defender Security Center. The toggle in the portal only blocks the data inbound flow.
To effectively offboard the machine from the service, you'll need to disable the data push on the third-party portal first.
1. Follow the third-party documentation to opt-out on the third-party service side.
2. In the navigation pane, select **Settings** > **Onboarding**.
2. In the navigation pane, select **Settings** > **Offboarding**.
1. For macOS devices, you can choose to offboard through Windows Defender ATP or through a third-party solution. For more information, see [Microsoft Defender ATP for Mac](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac#uninstallation).
2. For other non-Windows devices choose **Offboard non-Windows machines by disabling third-party integration**.
3. Turn off the third-party solution integration.
>[!WARNING]
>If you decide to turn on the third-party integration again after disabling the integration, you'll need to regenerate the token and reapply it on machines.
## Related topics
- [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md)