deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-18 08:17:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

migration guide updates

Browse Source
This commit is contained in:
Denise Vangel-MSFT 2021-02-11 16:09:44 -08:00
parent d2c1149d25
commit 55350263e3
2 changed files with 4 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-setup.md
View File

@ -200,6 +200,7 @@ To use CMPivot to get your file hash, follow these steps:
4. Select the **Query** tab. 4. Select the **Query** tab.
5. In the **Device Collection** list, and choose **All Systems (default)**. 5. In the **Device Collection** list, and choose **All Systems (default)**.
6. In the query box, type the following query:<br/> 6. In the query box, type the following query:<br/>
```kusto ```kusto
File(c:\\windows\\notepad.exe) File(c:\\windows\\notepad.exe)
| project Hash | project Hash
@ -219,9 +220,7 @@ To use CMPivot to get your file hash, follow these steps:
## Configure antimalware policies and real-time protection ## Configure antimalware policies and real-time protection
Using Configuration Manager and your device collection(s), configure your antimalware policies. Using Configuration Manager and your device collection(s), configure your antimalware policies.
- See [Create and deploy antimalware policies for Endpoint Protection in Configuration Manager](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-antimalware-policies). - See [Create and deploy antimalware policies for Endpoint Protection in Configuration Manager](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-antimalware-policies).
- While you create and configure your antimalware policies, make sure to review the [real-time protection settings](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-antimalware-policies#real-time-protection-settings) and [enable block at first sight](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus). - While you create and configure your antimalware policies, make sure to review the [real-time protection settings](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-antimalware-policies#real-time-protection-settings) and [enable block at first sight](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus).
> [!TIP] > [!TIP]

13
windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-onboard.md
View File

@ -40,11 +40,8 @@ ms.reviewer: depicker, yongrhee, chriggs
## Onboard devices to Microsoft Defender for Endpoint ## Onboard devices to Microsoft Defender for Endpoint
1. Go to the Microsoft Defender Security Center ([https://aka.ms/MDATPportal](https://aka.ms/MDATPportal)) and sign in. 1. Go to the Microsoft Defender Security Center ([https://aka.ms/MDATPportal](https://aka.ms/MDATPportal)) and sign in.
2. Choose **Settings** > **Device management** > **Onboarding**. 2. Choose **Settings** > **Device management** > **Onboarding**.
3. In the **Select operating system to start onboarding process** list, select an operating system. 3. In the **Select operating system to start onboarding process** list, select an operating system.
4. Under **Deployment method**, select an option. Follow the links and prompts to onboard your organization's devices. Need help? See [Onboarding methods](#onboarding-methods) (in this article). 4. Under **Deployment method**, select an option. Follow the links and prompts to onboard your organization's devices. Need help? See [Onboarding methods](#onboarding-methods) (in this article).
### Onboarding methods ### Onboarding methods
@ -63,7 +60,6 @@ Deployment methods vary, depending on which operating system is selected. Refer
To verify that your onboarded devices are properly connected to Microsoft Defender for Endpoint, you can run a detection test. To verify that your onboarded devices are properly connected to Microsoft Defender for Endpoint, you can run a detection test.
|Operating system |Guidance | |Operating system |Guidance |
|---------|---------| |---------|---------|
|- Windows 10 <br/>- Windows Server 2019 <br/>- Windows Server, version 1803 <br/>- Windows Server 2016 <br/>- Windows Server 2012 R2 |See [Run a detection test](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/run-detection-test). <br/><br/>Visit the Microsoft Defender for Endpoint demo scenarios site ([https://demo.wd.microsoft.com](https://demo.wd.microsoft.com)) and try one or more of the scenarios. For example, try the **Cloud-delivered protection** demo scenario. | |- Windows 10 <br/>- Windows Server 2019 <br/>- Windows Server, version 1803 <br/>- Windows Server 2016 <br/>- Windows Server 2012 R2 |See [Run a detection test](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/run-detection-test). <br/><br/>Visit the Microsoft Defender for Endpoint demo scenarios site ([https://demo.wd.microsoft.com](https://demo.wd.microsoft.com)) and try one or more of the scenarios. For example, try the **Cloud-delivered protection** demo scenario. |
@ -75,12 +71,11 @@ To verify that your onboarded devices are properly connected to Microsoft Defend
Now that you have onboarded your organization's devices to Microsoft Defender for Endpoint, your next step is to uninstall Symantec. Now that you have onboarded your organization's devices to Microsoft Defender for Endpoint, your next step is to uninstall Symantec.
1. [Disable Tamper Protection](https://knowledge.broadcom.com/external/article?legacyId=tech192023) in Symantec. 1. [Disable Tamper Protection](https://knowledge.broadcom.com/external/article?legacyId=tech192023) in Symantec.
2. Delete the uninstall password for Symantec:<br/>
2. Delete the uninstall password for Symantec:
1. On your Windows devices, open Registry Editor as an administrator. 1. On your Windows devices, open Registry Editor as an administrator.
2. Go to `HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC`. 2. Go to `HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC`.
3. Look for an entry named **SmcInstData**. Right-click the item, and then choose **Delete**. 3. Look for an entry named **SmcInstData**.
4. Right-click the item, and then choose **Delete**.
3. Remove Symantec from your devices. If you need help with this, see Broadcom's documentation. Here are a few Broadcom resources: 3. Remove Symantec from your devices. If you need help with this, see Broadcom's documentation. Here are a few Broadcom resources:
- [Uninstall Symantec Endpoint Protection](https://knowledge.broadcom.com/external/article/156148/uninstall-symantec-endpoint-protection.html) - [Uninstall Symantec Endpoint Protection](https://knowledge.broadcom.com/external/article/156148/uninstall-symantec-endpoint-protection.html)
- Windows devices: [Manually uninstall Endpoint Protection 14 clients on Windows](https://knowledge.broadcom.com/external/article?articleId=170040) - Windows devices: [Manually uninstall Endpoint Protection 14 clients on Windows](https://knowledge.broadcom.com/external/article?articleId=170040)
@ -99,7 +94,5 @@ To do this, visit the Microsoft Defender for Endpoint demo scenarios site ([http
## Next steps ## Next steps
**Congratulations**! You have completed your [migration from Symantec to Microsoft Defender for Endpoint](symantec-to-microsoft-defender-atp-migration.md#the-migration-process)! **Congratulations**! You have completed your [migration from Symantec to Microsoft Defender for Endpoint](symantec-to-microsoft-defender-atp-migration.md#the-migration-process)!
- [Visit your security operations dashboard](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard) in the Microsoft Defender Security Center ([https://aka.ms/MDATPportal](https://aka.ms/MDATPportal)). - [Visit your security operations dashboard](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard) in the Microsoft Defender Security Center ([https://aka.ms/MDATPportal](https://aka.ms/MDATPportal)).
- [Manage Microsoft Defender for Endpoint, post migration](manage-atp-post-migration.md). - [Manage Microsoft Defender for Endpoint, post migration](manage-atp-post-migration.md).