Update symantec-to-microsoft-defender-atp-part3.md

windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-part3.md

@@ -43,71 +43,6 @@ You can choose from several methods to onboard devices to Microsoft Defender ATP
 
 stuff (will draw from existing content here)
 
-For Windows 10, Windows Server 2016, and Windows Server 2019:
-1.	Deploy MDATP (EDR) can run side-by-side with any 3rd party EDR and/or AV and/or other security products.
-2.	SCCM Antimalware policies can be deployed ahead of time to the “Device Collections”.
-3.	SCCM ADR for MDAV “Platform update” and SCEP “Platform update” can be deployed ahead of time to the “Device Collections”.
-4.	MDAV (for Windows 10, Windows Server 2016, and Windows Server 2019) can run in passive-mode (no real-time protection) while the SEP AV is installed.
-Note:  Set “Passive Mode” registry for Windows Server 2016 and Windows Server 2019.
-5.	Uninstall 3rd party EDR (RSA NetWitness)
-6.	Uninstall 3rd party SEP AV
-1)	Unblock password (Anti-tamper, in order to remove)
-2)	Refresh SEP policy 
-<Add the command here.>
-3)	Uninstall the Endpoint Protection client using the command prompt
-https://support.symantec.com/us/en/article.tech102470.html
-
-There is an example for both PowerShell and DOS.  This script could be automated to check for a ReturnValue to equal zero and if not then run “CleanWipe”
-
-4)	Download the CleanWipe removal tool to uninstall Endpoint Protection
-https://support.symantec.com/us/en/article.howto124983.html
-Note:  SEP 14 now forces end-user interaction.
-
-Article has the download and readme.
- 
- 
- 
-Select all apps in the tool and once completed it will require a reboot and once you log back in the software will continue and show completion.  You will need to periodically check this article as they update the software versions often.  You can also verify when running if it requires an update.
-7.	Change Passive Mode registry to disabled for Windows Server 2016 and Windows Server 2019.
-8.	Restart
-
-What does this accomplish?
-You stay protected with MDATP (EDR) while your 3rd party EDR is uninstalled.
-Also protects you since after SEP is uninstalled, MDAV AV goes from “Passive Mode” to “Active Mode”. 
-
-For Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, and Windows Server 2012 R2:
-	WARNING:  Unlike MDAV, SCEP cannot run in passive-mode while any 3rd party AV (e.g. SEP AV) is installed.
-
-1.	Deploy MDATP (EDR) can run side-by-side with any 3rd party EDR and/or AV and/or other security products.
-2.	Uninstall 3rd party EDR
-3.	Uninstall 3rd party SEP AV
-1)	Unblock password (Anti-tamper, in order to remove)
-2)	Refresh SEP policy 
-%ProgramFiles(x86)\Symantec\Symantec Endpoint Protection\Smc.exe” -UpdateConfig
-
-3)	Uninstall the Endpoint Protection client using the command prompt
-https://support.symantec.com/us/en/article.tech102470.html
-TIP:  Watch out for the different versions of SEP, instead of using the uninstall GUID, use the Powershell/WMI command in the article above.
-
-There is an example for both PowerShell and DOS.  This script could be automated to check for a ReturnValue to equal zero and if not then run “CleanWipe”
-
-4)	Download the CleanWipe removal tool to uninstall Endpoint Protection
-https://support.symantec.com/us/en/article.howto124983.html
-
-Article has the download and readme.
- 
- 
- 
-Select all apps in the tool and once completed it will require a reboot and once you log back in the software will continue and show completion.  You will need to periodically check this article as they update the software versions often.  You can also verify when running if it requires an update.
-4.	Install SCEP (for Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, and Windows Server 2012 R2)
-Add instructions on how to setup “Client Settings” in SCCM.
-About uninstall of SEP
-And install of SCEP.
-5.	Restart
-
-What does this accomplish?
-You stay protected with MDATP (EDR) while your 3rd party AV and/or EDR are uninstalled.
-
 
 
 <br/><br/><br/><br/><br/>