From 89ff7cf3c9dbf275dda5ffb77f0b3cbeea5e652a Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 22 Sep 2020 13:12:33 -0700 Subject: [PATCH] Update symantec-to-microsoft-defender-atp-setup.md --- ...ymantec-to-microsoft-defender-atp-setup.md | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-setup.md b/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-setup.md index c0601a22de..a1ad76e0b1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-setup.md +++ b/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-setup.md @@ -1,6 +1,6 @@ --- -title: Symantec to Microsoft Defender ATP - Phase 2, Setting Up -description: This is Phase 2, Setup, of migrating from Symantec to Microsoft Defender ATP +title: Symantec to Microsoft Defender for Endpoint - Phase 2, Setting Up +description: This is Phase 2, Setup, of migrating from Symantec to Microsoft Defender for Endpoint keywords: migration, windows defender advanced threat protection, atp, edr search.product: eADQiWindows 10XVcnh search.appverid: met150 @@ -22,7 +22,7 @@ ms.custom: migrationguides ms.reviewer: depicker, yongrhee, chriggs --- -# Migrate from Symantec - Phase 2: Set up Microsoft Defender ATP +# Migrate from Symantec - Phase 2: Set up Microsoft Defender for Endpoint [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] @@ -32,12 +32,12 @@ ms.reviewer: depicker, yongrhee, chriggs ||*You are here!* | | -**Welcome to the Setup phase of [migrating from Symantec to Microsoft Defender ATP](symantec-to-microsoft-defender-atp-migration.md#the-migration-process)**. This phase includes the following steps: +**Welcome to the Setup phase of [migrating from Symantec to Microsoft Defender for Endpoint](symantec-to-microsoft-defender-atp-migration.md#the-migration-process)**. This phase includes the following steps: 1. [Enable or reinstall Microsoft Defender Antivirus (for certain versions of Windows)](#enable-or-reinstall-microsoft-defender-antivirus-for-certain-versions-of-windows). 2. [Enable Microsoft Defender Antivirus](#enable-microsoft-defender-antivirus). -3. [Add Microsoft Defender ATP to the exclusion list for Symantec](#add-microsoft-defender-atp-to-the-exclusion-list-for-symantec). +3. [Add Microsoft Defender for Endpoint to the exclusion list for Symantec](#add-microsoft-defender-atp-to-the-exclusion-list-for-symantec). 4. [Add Symantec to the exclusion list for Microsoft Defender Antivirus](#add-symantec-to-the-exclusion-list-for-microsoft-defender-antivirus). -5. [Add Symantec to the exclusion list for Microsoft Defender ATP](#add-symantec-to-the-exclusion-list-for-microsoft-defender-atp). +5. [Add Symantec to the exclusion list for Microsoft Defender for Endpoint](#add-symantec-to-the-exclusion-list-for-microsoft-defender-atp). 6. [Set up your device groups, device collections, and organizational units](#set-up-your-device-groups-device-collections-and-organizational-units). 7. [Configure antimalware policies and real-time protection](#configure-antimalware-policies-and-real-time-protection). @@ -48,7 +48,7 @@ ms.reviewer: depicker, yongrhee, chriggs On certain versions of Windows, Microsoft Defender Antivirus might have been uninstalled or disabled. This is because Microsoft Defender Antivirus does not enter passive or disabled mode when you install a third-party antivirus product, such as Symantec. To learn more, see [Microsoft Defender Antivirus compatibility](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility). -Now that you're moving from Symantec to Microsoft Defender ATP, you'll need to enable or reinstall Microsoft Defender Antivirus, and set it to passive mode. +Now that you're moving from Symantec to Microsoft Defender for Endpoint, you'll need to enable or reinstall Microsoft Defender Antivirus, and set it to passive mode. ### Reinstall Microsoft Defender Antivirus on Windows Server @@ -74,7 +74,7 @@ Now that you're moving from Symantec to Microsoft Defender ATP, you'll need to e ### Set Microsoft Defender Antivirus to passive mode on Windows Server -Because your organization is still using Symantec, you must set Microsoft Defender Antivirus to passive mode. That way, Symantec and Microsoft Defender Antivirus can run side by side until you have finished onboarding to Microsoft Defender ATP. +Because your organization is still using Symantec, you must set Microsoft Defender Antivirus to passive mode. That way, Symantec and Microsoft Defender Antivirus can run side by side until you have finished onboarding to Microsoft Defender for Endpoint. 1. Open Registry Editor, and then navigate to
`Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Windows Advanced Threat Protection`. @@ -113,9 +113,9 @@ Microsoft Defender Antivirus can run alongside Symantec if you set Microsoft Def > [!NOTE] > You might see *Windows Defender Antivirus* instead of *Microsoft Defender Antivirus* in some versions of Windows. -## Add Microsoft Defender ATP to the exclusion list for Symantec +## Add Microsoft Defender for Endpoint to the exclusion list for Symantec -This step of the setup process involves adding Microsoft Defender ATP to the exclusion list for Symantec and any other security products your organization is using. The specific exclusions to configure depend on which version of Windows your endpoints or devices are running, and are listed in the following table: +This step of the setup process involves adding Microsoft Defender for Endpoint to the exclusion list for Symantec and any other security products your organization is using. The specific exclusions to configure depend on which version of Windows your endpoints or devices are running, and are listed in the following table: |OS |Exclusions | |--|--| @@ -145,9 +145,9 @@ You can choose from several methods to add your exclusions to Microsoft Defender |Local group policy object |1. On the endpoint or device, open the Local Group Policy Editor.

2. Go to **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **Exclusions**.
**NOTE**: You might see *Windows Defender Antivirus* instead of *Microsoft Defender Antivirus* in some versions of Windows.

3. Specify your path and process exclusions. | |Registry key |1. Export the following registry key: `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\exclusions`.

2. Import the registry key. Here are two examples:
- Local path: `regedit.exe /s c:\temp\ MDAV_Exclusion.reg`
- Network share: `regedit.exe /s \\FileServer\ShareName\MDAV_Exclusion.reg` | -## Add Symantec to the exclusion list for Microsoft Defender ATP +## Add Symantec to the exclusion list for Microsoft Defender for Endpoint -To add exclusions to Microsoft Defender ATP, you create [indicators](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/manage-indicators#create-indicators-for-files). +To add exclusions to Microsoft Defender for Endpoint, you create [indicators](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/manage-indicators#create-indicators-for-files). 1. Go to the Microsoft Defender Security Center ([https://aka.ms/MDATPportal](https://aka.ms/MDATPportal)) and sign in. @@ -213,6 +213,6 @@ Using Configuration Manager and your device collection(s), configure your antima ## Next step -**Congratulations**! You have completed the Setup phase of [migrating from Symantec to Microsoft Defender ATP](symantec-to-microsoft-defender-atp-migration.md#the-migration-process)! +**Congratulations**! You have completed the Setup phase of [migrating from Symantec to Microsoft Defender for Endpoint](symantec-to-microsoft-defender-atp-migration.md#the-migration-process)! -- [Proceed to Phase 3: Onboard to Microsoft Defender ATP](symantec-to-microsoft-defender-atp-onboard.md) +- [Proceed to Phase 3: Onboard to Microsoft Defender for Endpoint](symantec-to-microsoft-defender-atp-onboard.md)