mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-12 13:27:23 +00:00
updates to non windows onboarding
This commit is contained in:
Joey Caparas
parent
d0cff85f59
commit
47e6746cd4
1
it-client
Submodule
1
it-client
Submodule
@ -0,0 +1 @@
|
||||
Subproject commit 61e0a21977430f3c0eef1c32e398999dc090c332
|
||||
@ -28,57 +28,44 @@ ms.topic: article
|
||||
|
||||
|
||||
|
||||
Windows Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Windows Defender Security Center and better protect your organization's network. This experience leverages on a third-party security products’ sensor data.
|
||||
Windows Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Windows Defender Security Center and better protect your organization's network.
|
||||
|
||||
You'll need to know the exact Linux distros and macOS versions that are compatible with Windows Defender ATP for the integration to work.
|
||||
|
||||
|
||||
|
||||
## Onboarding non-Windows machines
|
||||
You'll need to take the following steps to onboard non-Windows machines:
|
||||
1. Turn on third-party integration.
|
||||
2. Follow instructions provided by the third-party tool.
|
||||
3. Run a detection test.
|
||||
1. Select your preferred method of onboarding:
|
||||
|
||||
## Turn on third-party integration
|
||||
- For macOS devices, you can choose to onboard through Windows Defender ATP or through a third-party solution. For more information, see [Microsoft Defender ATP for Mac](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac).
|
||||
- For other non-Windows devices choose **Onboard non-Windows machines through third-party integration**.
|
||||
|
||||
1. In the navigation pane, select **Interoperability** > **Partners**. Make sure the third-party solution is listed.
|
||||
|
||||
1. In the navigation pane, select **Settings** > **Onboarding**. Make sure the third-party solution is listed.
|
||||
2. In the **Partner Applications** tab, select the partner that supports your non-Windows devices.
|
||||
|
||||
2. Select **Linux, macOS, iOS and Android** as the operating system.
|
||||
3. Select **Open partner page** to open the partner's page. Follow the instructions provided on the page.
|
||||
|
||||
3. Turn on the third-party solution integration.
|
||||
4. After creating an account or subscribing to the partner solution, you should get to a stage where a tenant Global Admin in your organization is asked to accept a permission request from the partner application. Read the permission request carefully to make sure that it is aligned with the service that you require.
|
||||
|
||||
4. Click **Generate access token** button and then **Copy**.
|
||||
|
||||
5. You’ll need to copy and paste the token to the third-party solution you’re using. The implementation may vary depending on the solution.
|
||||
|
||||
|
||||
>[!WARNING]
|
||||
>The access token has a limited validity period. If needed, regenerate the token close to the time you need to share it with the third-party solution.
|
||||
|
||||
## Follow instructions provided by the third-party tool
|
||||
After turning on the integration and generating the access token, you'll need to follow the instructions provided by the third-party tool you're using.
|
||||
|
||||
For more information, see:
|
||||
|
||||
- Bitdefender - Get telemetry from macOS and Linux machines with [Bitdefender antivirus](https://go.microsoft.com/fwlink/?linkid=860032).
|
||||
- SentinelOne - Get telemetry from macOS and Linux machines with the [SentinelOne agent](https://go.microsoft.com/fwlink/?linkid=866934).
|
||||
- Ziften - Get telemetry from macOS and Linux machines with the [Ziften agent](https://go.microsoft.com/fwlink/?linkid=862988).
|
||||
|
||||
### Run detection test
|
||||
Create an EICAR test file by saving the string displayed on the portal in an empty text file. Then, introduce the test file to a machine running the third-party antivirus solution.
|
||||
|
||||
The file should trigger a detection and a corresponding alert on Windows Defender ATP.
|
||||
|
||||
2. Run a detection test by following the instructions of the third-party solution.
|
||||
|
||||
## Offboard non-Windows machines
|
||||
To effectively offboard the machine from the service, you'll need to disable the data push on the third-party portal first then switch the toggle to off in Windows Defender Security Center. The toggle in the portal only blocks the data inbound flow.
|
||||
To effectively offboard the machine from the service, you'll need to disable the data push on the third-party portal first.
|
||||
|
||||
|
||||
1. Follow the third-party documentation to opt-out on the third-party service side.
|
||||
|
||||
2. In the navigation pane, select **Settings** > **Onboarding**.
|
||||
2. In the navigation pane, select **Settings** > **Offboarding**.
|
||||
1. For macOS devices, you can choose to offboard through Windows Defender ATP or through a third-party solution. For more information, see [Microsoft Defender ATP for Mac](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac#uninstallation).
|
||||
|
||||
2. For other non-Windows devices choose **Offboard non-Windows machines by disabling third-party integration**.
|
||||
|
||||
|
||||
|
||||
3. Turn off the third-party solution integration.
|
||||
|
||||
>[!WARNING]
|
||||
>If you decide to turn on the third-party integration again after disabling the integration, you'll need to regenerate the token and reapply it on machines.
|
||||
|
||||
## Related topics
|
||||
- [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user