mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-18 00:07:23 +00:00
Various corrections to layout
Second-level list items often do not correctly get a hanging indentation unless automatic number (1, 1, 1) is used. When a list is not sequential, it should use bullets not a number/letter sequence.
This commit is contained in:
Gary Moore
parent
114959efee
commit
867d8bd2bc
@ -34,7 +34,7 @@ ms.technology: mde
|
||||
|
||||
> [!NOTE]
|
||||
> To use Group Policy (GP) updates to deploy the package, you must be on Windows Server 2008 R2 or later.
|
||||
|
||||
>
|
||||
> For Windows Server 2019, you may need to replace NT AUTHORITY\Well-Known-System-Account with NT AUTHORITY\SYSTEM of the XML file that the Group Policy preference creates.
|
||||
|
||||
## Onboard devices using Group Policy
|
||||
@ -48,13 +48,13 @@ Check out the [PDF](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/publ
|
||||
|
||||
1. Open the GP configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Microsoft Defender Security Center](https://securitycenter.windows.com/):
|
||||
|
||||
a. In the navigation pane, select **Settings** > **Onboarding**.
|
||||
1. In the navigation pane, select **Settings** > **Onboarding**.
|
||||
|
||||
b. Select Windows 10 as the operating system.
|
||||
1. Select Windows 10 as the operating system.
|
||||
|
||||
c. In the **Deployment method** field, select **Group policy**.
|
||||
1. In the **Deployment method** field, select **Group policy**.
|
||||
|
||||
d. Click **Download package** and save the .zip file.
|
||||
1. Click **Download package** and save the .zip file.
|
||||
|
||||
2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the device. You should have a folder called *OptionalParamsPolicy* and the file *WindowsDefenderATPOnboardingScript.cmd*.
|
||||
|
||||
@ -84,16 +84,16 @@ You can use Group Policy (GP) to configure settings, such as settings for the sa
|
||||
1. On your GP management device, copy the following files from the
|
||||
configuration package:
|
||||
|
||||
a. Copy _AtpConfiguration.admx_ into _C:\\Windows\\PolicyDefinitions_
|
||||
- Copy _AtpConfiguration.admx_ into _C:\\Windows\\PolicyDefinitions_
|
||||
|
||||
b. Copy _AtpConfiguration.adml_ into _C:\\Windows\\PolicyDefinitions\\en-US_
|
||||
- Copy _AtpConfiguration.adml_ into _C:\\Windows\\PolicyDefinitions\\en-US_
|
||||
|
||||
If you are using a [Central Store for Group Policy Administrative Templates](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra), copy the following files from the
|
||||
configuration package:
|
||||
|
||||
a. Copy _AtpConfiguration.admx_ into _\\\\\<forest.root\>\\SysVol\\\<forest.root\>\\Policies\\PolicyDefinitions_
|
||||
- Copy _AtpConfiguration.admx_ into _\\\\\<forest.root\>\\SysVol\\\<forest.root\>\\Policies\\PolicyDefinitions_
|
||||
|
||||
b. Copy _AtpConfiguration.adml_ into _\\\\\<forest.root\>\\SysVol\\\<forest.root\>\\Policies\\PolicyDefinitions\\en-US_
|
||||
- Copy _AtpConfiguration.adml_ into _\\\\\<forest.root\>\\SysVol\\\<forest.root\>\\Policies\\PolicyDefinitions\\en-US_
|
||||
|
||||
2. Open the [Group Policy Management Console](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11), right-click the GPO you want to configure and click **Edit**.
|
||||
|
||||
@ -123,13 +123,14 @@ Policy | Setting
|
||||
:---|:---
|
||||
Enable\Disable Sample collection| Enabled - "Enable sample collection on machines" checked
|
||||
|
||||
|
||||
<br/>
|
||||
**Policy location:** \Windows Components\Windows Defender Antivirus
|
||||
|
||||
Policy | Setting
|
||||
:---|:---
|
||||
Configure detection for potentially unwanted applications | Enabled, Block
|
||||
|
||||
<br/>
|
||||
**Policy location:** \Windows Components\Windows Defender Antivirus\MAPS
|
||||
|
||||
Policy | Setting
|
||||
@ -137,6 +138,7 @@ Policy | Setting
|
||||
Join Microsoft MAPS | Enabled, Advanced MAPS
|
||||
Send file samples when further analysis is required | Enabled, Send safe samples
|
||||
|
||||
<br/>
|
||||
**Policy location:** \Windows Components\Windows Defender Antivirus\Real-time Protection
|
||||
|
||||
Policy | Setting
|
||||
@ -146,7 +148,7 @@ Turn on behavior monitoring|Enabled
|
||||
Scan all downloaded files and attachments|Enabled
|
||||
Monitor file and program activity on your computer|Enabled
|
||||
|
||||
|
||||
<br/>
|
||||
**Policy location:** \Windows Components\Windows Defender Antivirus\Scan
|
||||
|
||||
These settings configure periodic scans of the endpoint. We recommend performing a weekly quick scan, performance permitting.
|
||||
@ -156,15 +158,17 @@ Policy | Setting
|
||||
Check for the latest virus and spyware security intelligence before running a scheduled scan |Enabled
|
||||
|
||||
|
||||
|
||||
**Policy location:** \Windows Components\Windows Defender Antivirus\Windows Defender Exploit Guard\Attack Surface Reduction
|
||||
<br/>**Policy location:** \Windows Components\Windows Defender Antivirus\Windows Defender Exploit Guard\Attack Surface Reduction
|
||||
|
||||
Get the current list of attack surface reduction GUIDs from [Customize attack surface reduction rules](customize-attack-surface-reduction.md)
|
||||
|
||||
1. Open the **Configure Attack Surface Reduction** policy.
|
||||
2. Select **Enabled**.
|
||||
3. Select the **Show…** button.
|
||||
4. Add each GUID in the **Value Name** field with a Value of 2.
|
||||
|
||||
1. Select **Enabled**.
|
||||
|
||||
1. Select the **Show** button.
|
||||
|
||||
1. Add each GUID in the **Value Name** field with a Value of 2.
|
||||
|
||||
This will set each up for audit only.
|
||||
|
||||
@ -186,13 +190,13 @@ For security reasons, the package used to Offboard devices will expire 30 days a
|
||||
|
||||
1. Get the offboarding package from [Microsoft Defender Security Center](https://securitycenter.windows.com/):
|
||||
|
||||
a. In the navigation pane, select **Settings** > **Offboarding**.
|
||||
1. In the navigation pane, select **Settings** > **Offboarding**.
|
||||
|
||||
b. Select Windows 10 as the operating system.
|
||||
1. Select Windows 10 as the operating system.
|
||||
|
||||
c. In the **Deployment method** field, select **Group policy**.
|
||||
1. In the **Deployment method** field, select **Group policy**.
|
||||
|
||||
d. Click **Download package** and save the .zip file.
|
||||
1. Click **Download package** and save the .zip file.
|
||||
|
||||
2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the device. You should have a file named *WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd*.
|
||||
|
||||
@ -218,6 +222,7 @@ For security reasons, the package used to Offboard devices will expire 30 days a
|
||||
With Group Policy there isn’t an option to monitor deployment of policies on the devices. Monitoring can be done directly on the portal, or by using the different deployment tools.
|
||||
|
||||
## Monitor devices using the portal
|
||||
|
||||
1. Go to [Microsoft Defender Security Center](https://securitycenter.windows.com/).
|
||||
2. Click **Devices list**.
|
||||
3. Verify that devices are appearing.
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user