deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-17 15:57:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' into repo_sync_working_branch

Browse Source
This commit is contained in:
Gary Moore 2020-12-17 17:38:48 -08:00 committed by GitHub
commit 4efc0338c9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
24 changed files with 61 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml
View File

@ -56,7 +56,7 @@ sections:
> [!NOTE] > [!NOTE]
> TPM 2.0 is not supported in Legacy and CSM Modes of the BIOS. Devices with TPM 2.0 must have their BIOS mode configured as Native UEFI only. The Legacy and Compatibility Support Module (CSM) options must be disabled. For added security Enable the Secure Boot feature. > TPM 2.0 is not supported in Legacy and CSM Modes of the BIOS. Devices with TPM 2.0 must have their BIOS mode configured as Native UEFI only. The Legacy and Compatibility Support Module (CSM) options must be disabled. For added security Enable the Secure Boot feature.
>
> Installed Operating System on hardware in legacy mode will stop the OS from booting when the BIOS mode is changed to UEFI. Use the tool [MBR2GPT](https://docs.microsoft.com/windows/deployment/mbr-to-gpt) before changing the BIOS mode which will prepare the OS and the disk to support UEFI. > Installed Operating System on hardware in legacy mode will stop the OS from booting when the BIOS mode is changed to UEFI. Use the tool [MBR2GPT](https://docs.microsoft.com/windows/deployment/mbr-to-gpt) before changing the BIOS mode which will prepare the OS and the disk to support UEFI.
- question: How can I tell if a TPM is on my computer? - question: How can I tell if a TPM is on my computer?

24
windows/security/threat-protection/microsoft-defender-atp/android-intune.md
View File

@ -29,7 +29,7 @@ ms.topic: conceptual
- [Defender for Endpoint](microsoft-defender-atp-android.md) - [Defender for Endpoint](microsoft-defender-atp-android.md)
This topic describes deploying Defender for Endpoint for Android on Intune Learn how to deploy Defender for Endpoint for Android on Intune
Company Portal enrolled devices. For more information about Intune device enrollment, see [Enroll your Company Portal enrolled devices. For more information about Intune device enrollment, see [Enroll your
device](https://docs.microsoft.com/mem/intune/user-help/enroll-device-android-company-portal). device](https://docs.microsoft.com/mem/intune/user-help/enroll-device-android-company-portal).
@ -44,13 +44,13 @@ device](https://docs.microsoft.com/mem/intune/user-help/enroll-device-android-co
**Deploy Defender for Endpoint for Android on Intune Company Portal - Device **Deploy Defender for Endpoint for Android on Intune Company Portal - Device
Administrator enrolled devices** Administrator enrolled devices**
This topic describes how to deploy Defender for Endpoint for Android on Intune Company Portal - Device Administrator enrolled devices. Learn how to deploy Defender for Endpoint for Android on Intune Company Portal - Device Administrator enrolled devices.
### Add as Android store app ### Add as Android store app
1. In [Microsoft Endpoint Manager admin 1. In [Microsoft Endpoint Manager admin
center](https://go.microsoft.com/fwlink/?linkid=2109431) , go to **Apps** \> center](https://go.microsoft.com/fwlink/?linkid=2109431) , go to **Apps** \>
**Android Apps** \> **Add \> Android store app** and click **Select**. **Android Apps** \> **Add \> Android store app** and choose **Select**.
![Image of Microsoft Endpoint Manager Admin Center](images/mda-addandroidstoreapp.png) ![Image of Microsoft Endpoint Manager Admin Center](images/mda-addandroidstoreapp.png)
@ -60,13 +60,13 @@ center](https://go.microsoft.com/fwlink/?linkid=2109431) , go to **Apps** \>
- **Name** - **Name**
- **Description** - **Description**
- **Publisher** as Microsoft. - **Publisher** as Microsoft.
- **Appstore URL** as https://play.google.com/store/apps/details?id=com.microsoft.scmx (Defender for Endpoint app Google Play Store URL) - **App store URL** as https://play.google.com/store/apps/details?id=com.microsoft.scmx (Defender for Endpoint app Google Play Store URL)
Other fields are optional. Select **Next**. Other fields are optional. Select **Next**.
![Image of Microsoft Endpoint Manager Admin Center](images/mda-addappinfo.png) ![Image of Microsoft Endpoint Manager Admin Center](images/mda-addappinfo.png)
3. In the *Assignments* section, go to the **Required** section and select **Add group.** You can then choose the user group(s) that you would like to target Defender for Endpoint for Android app. Click **Select** and then **Next**. 3. In the *Assignments* section, go to the **Required** section and select **Add group.** You can then choose the user group(s) that you would like to target Defender for Endpoint for Android app. Choose **Select** and then **Next**.
>[!NOTE] >[!NOTE]
>The selected user group should consist of Intune enrolled users. >The selected user group should consist of Intune enrolled users.
@ -111,7 +111,7 @@ Defender for Endpoint for Android supports Android Enterprise enrolled devices.
For more information on the enrollment options supported by Intune, see For more information on the enrollment options supported by Intune, see
[Enrollment Options](https://docs.microsoft.com/mem/intune/enrollment/android-enroll). [Enrollment Options](https://docs.microsoft.com/mem/intune/enrollment/android-enroll).
**Currently, Personally-owned devices with work profile and Corporate-owned fully managed user device enrollments are supported for deployment.** **Currently, Personally owned devices with work profile and Corporate-owned fully managed user device enrollments are supported for deployment.**
@ -141,7 +141,7 @@ select **Approve**.
> ![A screenshot of a Managed Google Play](images/07e6d4119f265037e3b80a20a73b856f.png) > ![A screenshot of a Managed Google Play](images/07e6d4119f265037e3b80a20a73b856f.png)
4. You should now be presented with the permissions that Defender for Endpoint 4. You'll be presented with the permissions that Defender for Endpoint
obtains for it to work. Review them and then select **Approve**. obtains for it to work. Review them and then select **Approve**.
![A screenshot of Defender for Endpoint preview app approval](images/206b3d954f06cc58b3466fb7a0bd9f74.png) ![A screenshot of Defender for Endpoint preview app approval](images/206b3d954f06cc58b3466fb7a0bd9f74.png)
@ -218,7 +218,7 @@ Defender ATP should be visible in the apps list.
1. In the **Review + Create** page that comes up next, review all the information and then select **Create**. <br> 1. In the **Review + Create** page that comes up next, review all the information and then select **Create**. <br>
The app configuration policy for Defender for Endpoint auto-granting the storage permission is now assigned to the selected user group. The app configuration policy for Defender for Endpoint autogranting the storage permission is now assigned to the selected user group.
> [!div class="mx-imgBorder"] > [!div class="mx-imgBorder"]
> ![Image of create app configuration policy](images/android-review-create.png) > ![Image of create app configuration policy](images/android-review-create.png)
@ -244,11 +244,11 @@ above. Then select **Review + Save** and then **Save** again to commence
assignment. assignment.
### Auto Setup of Always-on VPN ### Auto Setup of Always-on VPN
Defender for Endpoint supports Device configuration policies for managed devices via Intune. This capability can be leveraged to **Auto setup of Always-on VPN** on Android Enterprise enrolled devices, so the end user does not need to setup VPN service while onboarding. Defender for Endpoint supports Device configuration policies for managed devices via Intune. This capability can be leveraged to **Auto setup of Always-on VPN** on Android Enterprise enrolled devices, so the end user does not need to set up VPN service while onboarding.
1. On **Devices** Page go to **Configuration Profiles** > **Create Profile** > **Platform** > **Android Enterprise** 1. On **Devices**, select **Configuration Profiles** > **Create Profile** > **Platform** > **Android Enterprise**
Select **Device restrictions** under one of the following, based on your device enrollment type Select **Device restrictions** under one of the following, based on your device enrollment type
- **Fully Managed, Dedicated, and Corporate-Owned Work Profile** - **Fully Managed, Dedicated, and Corporate-Owned Work Profile**
- **Personally-Owned Work Profile** - **Personally owned Work Profile**
Select **Create**. Select **Create**.
@ -292,7 +292,7 @@ displayed here.
> ![Image of device installation status](images/900c0197aa59f9b7abd762ab2b32e80c.png) > ![Image of device installation status](images/900c0197aa59f9b7abd762ab2b32e80c.png)
2. On the device, you can validate the onboarding status by going to the **work profile**. Confirm that Defender for Endpoint is available and that you are enrolled to the **Personally-owned devices with work profile**. If you are enrolled to a **Corporate-owned, fully managed user device**, you will have a single profile on the device where you can confirm that Defender for Endpoint is available. 2. On the device, you can validate the onboarding status by going to the **work profile**. Confirm that Defender for Endpoint is available and that you are enrolled to the **Personally owned devices with work profile**. If you are enrolled to a **Corporate-owned, fully managed user device**, you will have a single profile on the device where you can confirm that Defender for Endpoint is available.
![Image of app in mobile device](images/c2e647fc8fa31c4f2349c76f2497bc0e.png) ![Image of app in mobile device](images/c2e647fc8fa31c4f2349c76f2497bc0e.png)

2
windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md
View File

@ -37,7 +37,7 @@ Each section corresponds to a separate article in this solution.
![Image of deployment phases with details from table](images/deployment-guide-phases.png) ![Image of deployment phases with details from table](images/deployment-guide-phases.png)
![Summary of deployment phases: prepare, setup, onboard](/windows/media/phase-diagrams/deployment-phases.png) ![Summary of deployment phases: prepare, setup, onboard](images/phase-diagrams/deployment-phases.png)
|Phase | Description | |Phase | Description |
|:-------|:-----| |:-------|:-----|

BIN
windows/security/threat-protection/microsoft-defender-atp/images/phase-diagrams/deployment-phases.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.6 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/phase-diagrams/migration-phases.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.6 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/phase-diagrams/onboard.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.9 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/phase-diagrams/prepare.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/phase-diagrams/setup.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.5 KiB

1
windows/security/threat-protection/microsoft-defender-atp/live-response.md
View File

@ -293,6 +293,7 @@ Each command is tracked with full details such as:
- Live response sessions are limited to 10 live response sessions at a time. - Live response sessions are limited to 10 live response sessions at a time.
- Large-scale command execution is not supported. - Large-scale command execution is not supported.
- Live response session inactive timeout value is 5 minutes.
- A user can only initiate one session at a time. - A user can only initiate one session at a time.
- A device can only be in one session at a time. - A device can only be in one session at a time.
- The following file size limits apply: - The following file size limits apply:

2
windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-migration.md
View File

@ -35,7 +35,7 @@ If you are planning to switch from McAfee Endpoint Security (McAfee) to [Microso
When you switch from McAfee to Microsoft Defender for Endpoint, you follow a process that can be divided into three phases, as described in the following table: When you switch from McAfee to Microsoft Defender for Endpoint, you follow a process that can be divided into three phases, as described in the following table:
![Migration phases - prepare setup onboard](/windows/media/phase-diagrams/migration-phases.png) ![Migration phases - prepare setup onboard](images/phase-diagrams/migration-phases.png)
|Phase |Description | |Phase |Description |

2
windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md
View File

@ -28,7 +28,7 @@ ms.reviewer: jesquive, chventou, jonix, chriggs, owtho
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|[![Phase 1: Prepare](/windows/media/phase-diagrams/prepare.png)](mcafee-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare](mcafee-to-microsoft-defender-prepare.md) |[![Phase 2: Set up](/windows/media/phase-diagrams/setup.png)](mcafee-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up](mcafee-to-microsoft-defender-setup.md) |![Phase 3: Onboard](/windows/media/phase-diagrams/onboard.png)<br/>Phase 3: Onboard | |[![Phase 1: Prepare](images/phase-diagrams/prepare.png)](mcafee-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare](mcafee-to-microsoft-defender-prepare.md) |[![Phase 2: Set up](images/phase-diagrams/setup.png)](mcafee-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up](mcafee-to-microsoft-defender-setup.md) |![Phase 3: Onboard](images/phase-diagrams/onboard.png)<br/>Phase 3: Onboard |
|--|--|--| |--|--|--|
|| |*You are here!* | || |*You are here!* |

2
windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md
View File

@ -29,7 +29,7 @@ ms.reviewer: jesquive, chventou, jonix, chriggs, owtho
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|![Phase 1: Prepare](/windows/media/phase-diagrams/prepare.png)<br/>Phase 1: Prepare |[![Phase 2: Set up](/windows/media/phase-diagrams/setup.png)](mcafee-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up](mcafee-to-microsoft-defender-setup.md) |[![Phase 3: Onboard](/windows/media/phase-diagrams/onboard.png)](mcafee-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard](mcafee-to-microsoft-defender-onboard.md) | |![Phase 1: Prepare](images/phase-diagrams/prepare.png)<br/>Phase 1: Prepare |[![Phase 2: Set up](images/phase-diagrams/setup.png)](mcafee-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up](mcafee-to-microsoft-defender-setup.md) |[![Phase 3: Onboard](images/phase-diagrams/onboard.png)](mcafee-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard](mcafee-to-microsoft-defender-onboard.md) |
|--|--|--| |--|--|--|
|*You are here!*| | | |*You are here!*| | |

2
windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md
View File

@ -29,7 +29,7 @@ ms.reviewer: jesquive, chventou, jonix, chriggs, owtho
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|[![Phase 1: Prepare](/windows/media/phase-diagrams/prepare.png)](mcafee-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare](mcafee-to-microsoft-defender-prepare.md) |![Phase 2: Set up](/windows/media/phase-diagrams/setup.png)<br/>Phase 2: Set up |[![Phase 3: Onboard](/windows/media/phase-diagrams/onboard.png)](mcafee-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard](mcafee-to-microsoft-defender-onboard.md) | |[![Phase 1: Prepare](images/phase-diagrams/prepare.png)](mcafee-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare](mcafee-to-microsoft-defender-prepare.md) |![Phase 2: Set up](images/phase-diagrams/setup.png)<br/>Phase 2: Set up |[![Phase 3: Onboard](images/phase-diagrams/onboard.png)](mcafee-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard](mcafee-to-microsoft-defender-onboard.md) |
|--|--|--| |--|--|--|
||*You are here!* | | ||*You are here!* | |

2
windows/security/threat-protection/microsoft-defender-atp/onboarding.md
View File

@ -29,7 +29,7 @@ ms.topic: article
Deploying Defender for Endpoint is a three-phase process: Deploying Defender for Endpoint is a three-phase process:
| [![deployment phase - prepare](/windows/media/phase-diagrams/prepare.png)](prepare-deployment.md)<br>[Phase 1: Prepare](prepare-deployment.md) | [![deployment phase - setup](/windows/media/phase-diagrams/setup.png)](production-deployment.md)<br>[Phase 2: Setup](production-deployment.md) | ![deployment phase - onboard](/windows/media/phase-diagrams/onboard.png)<br>Phase 3: Onboard | | [![deployment phase - prepare](images/phase-diagrams/prepare.png)](prepare-deployment.md)<br>[Phase 1: Prepare](prepare-deployment.md) | [![deployment phase - setup](images/phase-diagrams/setup.png)](production-deployment.md)<br>[Phase 2: Setup](production-deployment.md) | ![deployment phase - onboard](images/phase-diagrams/onboard.png)<br>Phase 3: Onboard |
| ----- | ----- | ----- | | ----- | ----- | ----- |
| | |*You are here!*| | | |*You are here!*|

2
windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md
View File

@ -33,7 +33,7 @@ ms.topic: article
Deploying Defender for Endpoint is a three-phase process: Deploying Defender for Endpoint is a three-phase process:
| ![deployment phase - prepare](/windows/media/phase-diagrams/prepare.png)<br>Phase 1: Prepare | [![deployment phase - setup](/windows/media/phase-diagrams/setup.png)](production-deployment.md)<br>[Phase 2: Setup](production-deployment.md) | [![deployment phase - onboard](/windows/media/phase-diagrams/onboard.png)](onboarding.md)<br>[Phase 3: Onboard](onboarding.md) | | ![deployment phase - prepare](images/phase-diagrams/prepare.png)<br>Phase 1: Prepare | [![deployment phase - setup](images/phase-diagrams/setup.png)](production-deployment.md)<br>[Phase 2: Setup](production-deployment.md) | [![deployment phase - onboard](images/phase-diagrams/onboard.png)](onboarding.md)<br>[Phase 3: Onboard](onboarding.md) |
| ----- | ----- | ----- | | ----- | ----- | ----- |
|*You are here!* | || |*You are here!* | ||

2
windows/security/threat-protection/microsoft-defender-atp/production-deployment.md
View File

@ -31,7 +31,7 @@ ms.topic: article
Deploying Defender for Endpoint is a three-phase process: Deploying Defender for Endpoint is a three-phase process:
| [![deployment phase - prepare](/windows/media/phase-diagrams/prepare.png)](prepare-deployment.md)<br>[Phase 1: Prepare](prepare-deployment.md) | ![deployment phase - setup](/windows/media/phase-diagrams/setup.png)<br>Phase 2: Setup | [![deployment phase - onboard](/windows/media/phase-diagrams/onboard.png)](onboarding.md)<br>[Phase 3: Onboard](onboarding.md) | | [![deployment phase - prepare](images/phase-diagrams/prepare.png)](prepare-deployment.md)<br>[Phase 1: Prepare](prepare-deployment.md) | ![deployment phase - setup](images/phase-diagrams/setup.png)<br>Phase 2: Setup | [![deployment phase - onboard](images/phase-diagrams/onboard.png)](onboarding.md)<br>[Phase 3: Onboard](onboarding.md) |
| ----- | ----- | ----- | | ----- | ----- | ----- |
| | *You are here!*|| | | *You are here!*||

2
windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-migration.md
View File

@ -35,7 +35,7 @@ If you are planning to switch from a non-Microsoft endpoint protection solution
When you switch to Microsoft Defender for Endpoint, you follow a process that can be divided into three phases, as described in the following table: When you switch to Microsoft Defender for Endpoint, you follow a process that can be divided into three phases, as described in the following table:
![Migration phases - prepare, setup, onboard](/windows/media/phase-diagrams/migration-phases.png) ![Migration phases - prepare, setup, onboard](images/phase-diagrams/migration-phases.png)
|Phase |Description | |Phase |Description |
|--|--| |--|--|

2
windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-onboard.md
View File

@ -25,7 +25,7 @@ ms.reviewer: jesquive, chventou, jonix, chriggs, owtho
# Switch to Microsoft Defender for Endpoint - Phase 3: Onboard # Switch to Microsoft Defender for Endpoint - Phase 3: Onboard
|[![Phase 1: Prepare](/windows/media/phase-diagrams/prepare.png)](switch-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare](switch-to-microsoft-defender-prepare.md) |[![Phase 2: Set up](/windows/media/phase-diagrams/setup.png)](switch-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up](switch-to-microsoft-defender-setup.md) |![Phase 3: Onboard](/windows/media/phase-diagrams/onboard.png)<br/>Phase 3: Onboard | |[![Phase 1: Prepare](images/phase-diagrams/prepare.png)](switch-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare](switch-to-microsoft-defender-prepare.md) |[![Phase 2: Set up](images/phase-diagrams/setup.png)](switch-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up](switch-to-microsoft-defender-setup.md) |![Phase 3: Onboard](images/phase-diagrams/onboard.png)<br/>Phase 3: Onboard |
|--|--|--| |--|--|--|
|| |*You are here!* | || |*You are here!* |

2
windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-prepare.md
View File

@ -25,7 +25,7 @@ ms.reviewer: jesquive, chventou, jonix, chriggs, owtho
# Switch to Microsoft Defender for Endpoint - Phase 1: Prepare # Switch to Microsoft Defender for Endpoint - Phase 1: Prepare
|![Phase 1: Prepare](/windows/media/phase-diagrams/prepare.png)<br/>Phase 1: Prepare |[![Phase 2: Set up](/windows/media/phase-diagrams/setup.png)](switch-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up](switch-to-microsoft-defender-setup.md) |[![Phase 3: Onboard](/windows/media/phase-diagrams/onboard.png)](switch-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard](switch-to-microsoft-defender-onboard.md) | |![Phase 1: Prepare](images/phase-diagrams/prepare.png)<br/>Phase 1: Prepare |[![Phase 2: Set up](images/phase-diagrams/setup.png)](switch-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up](switch-to-microsoft-defender-setup.md) |[![Phase 3: Onboard](images/phase-diagrams/onboard.png)](switch-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard](switch-to-microsoft-defender-onboard.md) |
|--|--|--| |--|--|--|
|*You are here!*| | | |*You are here!*| | |

25
windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-setup.md
View File

@ -25,7 +25,7 @@ ms.reviewer: jesquive, chventou, jonix, chriggs, owtho
# Switch to Microsoft Defender for Endpoint - Phase 2: Setup # Switch to Microsoft Defender for Endpoint - Phase 2: Setup
|[![Phase 1: Prepare](/windows/media/phase-diagrams/prepare.png)](switch-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare](switch-to-microsoft-defender-prepare.md) |![Phase 2: Set up](/windows/media/phase-diagrams/setup.png)<br/>Phase 2: Set up |[![Phase 3: Onboard](/windows/media/phase-diagrams/onboard.png)](switch-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard](switch-to-microsoft-defender-onboard.md) | |[![Phase 1: Prepare](images/phase-diagrams/prepare.png)](switch-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare](switch-to-microsoft-defender-prepare.md) |![Phase 2: Set up](images/phase-diagrams/setup.png)<br/>Phase 2: Set up |[![Phase 3: Onboard](images/phase-diagrams/onboard.png)](switch-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard](switch-to-microsoft-defender-onboard.md) |
|--|--|--| |--|--|--|
||*You are here!* | | ||*You are here!* | |
@ -87,11 +87,11 @@ The [DisableAntiSpyware](https://docs.microsoft.com/windows-hardware/customize/d
`Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender` <br/> `Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender` <br/>
> [!NOTE] > [!NOTE]
> When using the DISM command within a task sequence running PS, the following path to cmd.exe is required. > When using the DISM command within a task sequence running PS, the following path to cmd.exe is required.
> Example:<br/> > Example:<br/>
> `c:\windows\sysnative\cmd.exe /c Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender-Features`<br/> > `c:\windows\sysnative\cmd.exe /c Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender-Features`<br/>
> `c:\windows\sysnative\cmd.exe /c Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender`<br/> > `c:\windows\sysnative\cmd.exe /c Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender`<br/>
3. To verify Microsoft Defender Antivirus is running, use the following PowerShell cmdlet: <br/> 3. To verify Microsoft Defender Antivirus is running, use the following PowerShell cmdlet: <br/>
@ -227,12 +227,13 @@ To use CMPivot to get your file hash, follow these steps:
6. In the query box, type the following query:<br/> 6. In the query box, type the following query:<br/>
```kusto ```kusto
File(c:\\windows\\notepad.exe) File(c:\\windows\\notepad.exe)
| project Hash | project Hash
``` ```
> [!NOTE]
> In the query above, replace *notepad.exe* with the your third-party security product process name. > [!NOTE]
> In the query above, replace *notepad.exe* with the your third-party security product process name.
## Set up your device groups, device collections, and organizational units ## Set up your device groups, device collections, and organizational units

2
windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-migration.md
View File

@ -35,7 +35,7 @@ If you are planning to switch from Symantec Endpoint Protection (Symantec) to [M
When you switch from Symantec to Microsoft Defender for Endpoint, you follow a process that can be divided into three phases, as described in the following table: When you switch from Symantec to Microsoft Defender for Endpoint, you follow a process that can be divided into three phases, as described in the following table:
![Migration phases - prepare, setup, onboard](/windows/media/phase-diagrams/migration-phases.png) ![Migration phases - prepare, setup, onboard](images/phase-diagrams/migration-phases.png)
|Phase |Description | |Phase |Description |
|--|--| |--|--|

2
windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-onboard.md
View File

@ -28,7 +28,7 @@ ms.reviewer: depicker, yongrhee, chriggs
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|[![Phase 1: Prepare](/windows/media/phase-diagrams/prepare.png)](symantec-to-microsoft-defender-atp-prepare.md)<br/>[Phase 1: Prepare](symantec-to-microsoft-defender-atp-prepare.md) |[![Phase 2: Set up](/windows/media/phase-diagrams/setup.png)](symantec-to-microsoft-defender-atp-setup.md)<br/>[Phase 2: Set up](symantec-to-microsoft-defender-atp-setup.md) |![Phase 3: Onboard](/windows/media/phase-diagrams/onboard.png)<br/>Phase 3: Onboard | |[![Phase 1: Prepare](images/phase-diagrams/prepare.png)](symantec-to-microsoft-defender-atp-prepare.md)<br/>[Phase 1: Prepare](symantec-to-microsoft-defender-atp-prepare.md) |[![Phase 2: Set up](images/phase-diagrams/setup.png)](symantec-to-microsoft-defender-atp-setup.md)<br/>[Phase 2: Set up](symantec-to-microsoft-defender-atp-setup.md) |![Phase 3: Onboard](images/phase-diagrams/onboard.png)<br/>Phase 3: Onboard |
|--|--|--| |--|--|--|
|| |*You are here!* | || |*You are here!* |

2
windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-prepare.md
View File

@ -28,7 +28,7 @@ ms.reviewer: depicker, yongrhee, chriggs
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|![Phase 1: Prepare](/windows/media/phase-diagrams/prepare.png)<br/>Phase 1: Prepare |[![Phase 2: Set up](/windows/media/phase-diagrams/setup.png)](symantec-to-microsoft-defender-atp-setup.md)<br/>[Phase 2: Set up](symantec-to-microsoft-defender-atp-setup.md) |[![Phase 3: Onboard](/windows/media/phase-diagrams/onboard.png)](symantec-to-microsoft-defender-atp-onboard.md)<br/>[Phase 3: Onboard](symantec-to-microsoft-defender-atp-onboard.md) | |![Phase 1: Prepare](images/phase-diagrams/prepare.png)<br/>Phase 1: Prepare |[![Phase 2: Set up](images/phase-diagrams/setup.png)](symantec-to-microsoft-defender-atp-setup.md)<br/>[Phase 2: Set up](symantec-to-microsoft-defender-atp-setup.md) |[![Phase 3: Onboard](images/phase-diagrams/onboard.png)](symantec-to-microsoft-defender-atp-onboard.md)<br/>[Phase 3: Onboard](symantec-to-microsoft-defender-atp-onboard.md) |
|--|--|--| |--|--|--|
|*You are here!*| | | |*You are here!*| | |

35
windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-setup.md
View File

@ -28,7 +28,7 @@ ms.reviewer: depicker, yongrhee, chriggs
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|[![Phase 1: Prepare](/windows/media/phase-diagrams/prepare.png)](symantec-to-microsoft-defender-atp-prepare.md)<br/>[Phase 1: Prepare](symantec-to-microsoft-defender-atp-prepare.md) |![Phase 2: Set up](/windows/media/phase-diagrams/setup.png)<br/>Phase 2: Set up |[![Phase 3: Onboard](/windows/media/phase-diagrams/onboard.png)](symantec-to-microsoft-defender-atp-onboard.md)<br/>[Phase 3: Onboard](symantec-to-microsoft-defender-atp-onboard.md) | |[![Phase 1: Prepare](images/phase-diagrams/prepare.png)](symantec-to-microsoft-defender-atp-prepare.md)<br/>[Phase 1: Prepare](symantec-to-microsoft-defender-atp-prepare.md) |![Phase 2: Set up](images/phase-diagrams/setup.png)<br/>Phase 2: Set up |[![Phase 3: Onboard](images/phase-diagrams/onboard.png)](symantec-to-microsoft-defender-atp-onboard.md)<br/>[Phase 3: Onboard](symantec-to-microsoft-defender-atp-onboard.md) |
|--|--|--| |--|--|--|
||*You are here!* | | ||*You are here!* | |
@ -64,15 +64,16 @@ Now that you're moving from Symantec to Microsoft Defender for Endpoint, you'll
1. As a local administrator on the endpoint or device, open Windows PowerShell. 1. As a local administrator on the endpoint or device, open Windows PowerShell.
2. Run the following PowerShell cmdlets: <br/> 2. Run the following PowerShell cmdlets:
`Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender-Features` <br/>
`Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender` <br/>
> [!NOTE] `Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender-Features` <br/>
> When using the DISM command within a task sequence running PS, the following path to cmd.exe is required. `Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender`
> Example:<br/>
> `c:\windows\sysnative\cmd.exe /c Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender-Features`<br/> > [!NOTE]
> `c:\windows\sysnative\cmd.exe /c Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender`<br/> > When using the DISM command within a task sequence running PS, the following path to cmd.exe is required.
> Example:<br/>
> `c:\windows\sysnative\cmd.exe /c Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender-Features`<br/>
> `c:\windows\sysnative\cmd.exe /c Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender`<br/>
3. To verify Microsoft Defender Antivirus is running, use the following PowerShell cmdlet: <br/> 3. To verify Microsoft Defender Antivirus is running, use the following PowerShell cmdlet: <br/>
`Get-Service -Name windefend` `Get-Service -Name windefend`
@ -174,10 +175,12 @@ To add exclusions to Microsoft Defender for Endpoint, you create [indicators](ht
3. On the **File hashes** tab, choose **Add indicator**. 3. On the **File hashes** tab, choose **Add indicator**.
3. On the **Indicator** tab, specify the following settings: 3. On the **Indicator** tab, specify the following settings:
- File hash (Need help? See [Find a file hash using CMPivot](#find-a-file-hash-using-cmpivot) in this article.) - File hash (Need help? See [Find a file hash using CMPivot](#find-a-file-hash-using-cmpivot) in this article.)
- Under **Expires on (UTC)**, choose **Never**. - Under **Expires on (UTC)**, choose **Never**.
4. On the **Action** tab, specify the following settings: 4. On the **Action** tab, specify the following settings:
- **Response Action**: **Allow** - **Response Action**: **Allow**
- Title and description - Title and description
@ -203,12 +206,14 @@ To use CMPivot to get your file hash, follow these steps:
6. In the query box, type the following query:<br/> 6. In the query box, type the following query:<br/>
```kusto ```kusto
File(c:\\windows\\notepad.exe) File(c:\\windows\\notepad.exe)
| project Hash | project Hash
``` ```
> [!NOTE]
> In the query above, replace *notepad.exe* with the your third-party security product process name. > [!NOTE]
> In the query above, replace *notepad.exe* with the your third-party security product process name.
## Set up your device groups, device collections, and organizational units ## Set up your device groups, device collections, and organizational units