mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-17 15:57:23 +00:00
Update migrate-symantec-to-microsoft-defender-atp.md
This commit is contained in:
Denise Vangel-MSFT
parent
fd2f947df6
commit
5b854741c0
@ -69,20 +69,75 @@ To get started, you must have Microsoft Defender ATP with licenses assigned and
|
|||||||
|
|
||||||
## Step 2: Grant access to the Microsoft Defender Security Center
|
## Step 2: Grant access to the Microsoft Defender Security Center
|
||||||
|
|
||||||
The Microsoft Defender Security Center ([https://securitycenter.windows.com/](https://securitycenter.windows.com/)), also referred to as the Microsoft Defender ATP portal, is where you can access the features and capabilities of Microsoft Defender ATP. [Get an overview of the Microsoft Defender Security Center](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/use).
|
The Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)), also referred to as the Microsoft Defender ATP portal, is where you can access the features and capabilities of Microsoft Defender ATP. [Get an overview of the Microsoft Defender Security Center](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/use).
|
||||||
|
|
||||||
Permissions to the Microsoft Defender Security Center can be granted using either basic permissions or role-based access control (RBAC). We recommend using RBAC so that you have more granular control over permissions.
|
Permissions to the Microsoft Defender Security Center can be granted by using either basic permissions or role-based access control (RBAC). We recommend using RBAC so that you have more granular control over permissions.
|
||||||
|
|
||||||
1. Plan roles and permissions. See [Role-based access control](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment#role-based-access-control).
|
1. Plan the roles and permissions for your security administrators and security operators. See [Role-based access control](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment#role-based-access-control).
|
||||||
|
|
||||||
2. RBAC can be set up and configured using one of several different methods. We recommend using [Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune), especially if your organization is using Windows 10, macOS, iOS, and Android devices. See [setting up RBAC using Intune](https://docs.microsoft.com/mem/intune/fundamentals/role-based-access-control).
|
2. Set up and configure RBAC. You can choose from one of several different methods. We recommend using [Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune), especially if your organization is using Windows 10, macOS, iOS, and Android devices. See [setting up RBAC using Intune](https://docs.microsoft.com/mem/intune/fundamentals/role-based-access-control).
|
||||||
|
|
||||||
Depending on your organization's needs, you can another method, such as [Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/servers/deploy/configure/configure-role-based-administration), [Advanced Group Policy Management](https://docs.microsoft.com/microsoft-desktop-optimization-pack/agpm), or the [Windows Admin Center](https://docs.microsoft.com/windows-server/manage/windows-admin-center/overview).
|
Depending on your organization's needs, you can use a different method, such as one of the following:
|
||||||
|
|
||||||
|
- [Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/servers/deploy/configure/configure-role-based-administration)
|
||||||
|
|
||||||
|
- [Advanced Group Policy Management](https://docs.microsoft.com/microsoft-desktop-optimization-pack/agpm)
|
||||||
|
|
||||||
|
- [Windows Admin Center](https://docs.microsoft.com/windows-server/manage/windows-admin-center/overview)
|
||||||
|
|
||||||
3. After your roles are defined and RBAC is set up, grant access to the Microsoft Defender Security Center. See [Manage portal access using RBAC](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/rbac).
|
3. After your roles are defined and RBAC is set up, grant access to the Microsoft Defender Security Center. See [Manage portal access using RBAC](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/rbac).
|
||||||
|
|
||||||
## Step 3: Configure device proxy and internet connectivity settings
|
## Step 3: Configure device proxy and internet connectivity settings
|
||||||
|
|
||||||
|
|
|
||||||
|
For MDATP (EDR):
|
||||||
|
Windows:
|
||||||
|
Windows 10, Windows Server 1803 and Windows Server 2019:
|
||||||
|
Configure machine proxy and Internet connectivity settings
|
||||||
|
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet
|
||||||
|
|
||||||
|
Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows Server 2016:
|
||||||
|
Configure proxy and Internet connectivity settings
|
||||||
|
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel#configure-proxy-and-internet-connectivity-settings
|
||||||
|
Enable access to Microsoft Defender ATP service URLs in the proxy server
|
||||||
|
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet#enable-access-to-microsoft-defender-atp-service-urls-in-the-proxy-server
|
||||||
|
|
||||||
|
macOS:
|
||||||
|
Network connections -- Microsoft Defender Advanced Threat Protection for Mac
|
||||||
|
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac#network-connections
|
||||||
|
|
||||||
|
Linux:
|
||||||
|
EDR Endpoints:
|
||||||
|
https://winatp-gw-cus.microsoft.com/
|
||||||
|
https://winatp-gw-eus.microsoft.com/
|
||||||
|
https://winatp-gw-weu.microsoft.com/
|
||||||
|
https://winatp-gw-neu.microsoft.com/
|
||||||
|
https://winatp-gw-ukw.microsoft.com/
|
||||||
|
https://winatp-gw-uks.microsoft.com/
|
||||||
|
https://us4-v20.events.data.microsoft.com/
|
||||||
|
https://us5-v20.events.data.microsoft.com/
|
||||||
|
https://eu-v20.events.data.microsoft.com/
|
||||||
|
https://us-v20.events.data.microsoft.com/
|
||||||
|
https://au-v20.events.data.microsoft.com/
|
||||||
|
https://uk-v20.events.data.microsoft.com/
|
||||||
|
https://de-v20.events.data.microsoft.com/
|
||||||
|
https://v20.events.data.microsoft.com/
|
||||||
|
For MDAV/SCEP:
|
||||||
|
Windows:
|
||||||
|
Allow connections to the Windows Defender Antivirus cloud service (Proxy and/or Firewall)
|
||||||
|
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus#allow-connections-to-the-windows-defender-antivirus-cloud-service
|
||||||
|
Important changes to Microsoft Active Protection Service (MAPS) endpoint
|
||||||
|
https://techcommunity.microsoft.com/t5/configuration-manager-archive/important-changes-to-microsoft-active-protection-service-maps/ba-p/274006
|
||||||
|
macOS:
|
||||||
|
Network connections -- Microsoft Defender Advanced Threat Protection for Mac
|
||||||
|
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac#network-connections
|
||||||
|
|
||||||
|
Linux:
|
||||||
|
AV Endpoints
|
||||||
|
https://cdn.x.cp.wd.microsoft.com/
|
||||||
|
https://eu-cdn.x.cp.wd.microsoft.com/
|
||||||
|
https://wu-cdn.x.cp.wd.microsoft.com/
|
||||||
|
https://x.cp.wd.microsoft.com/api/
|
||||||
|
|
||||||
|
|
||||||
## Step 4: Set Microsoft Defender ATP to passive mode
|
## Step 4: Set Microsoft Defender ATP to passive mode
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user