deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 14:27:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

update machine groups topic

Browse Source
This commit is contained in:
Joey Caparas 2018-04-12 17:04:18 -07:00
parent 300d44b893
commit c3b82b93b8
1 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
windows/security/threat-protection/windows-defender-atp/machine-groups-windows-defender-advanced-threat-protection.md
View File

@ -26,7 +26,7 @@ ms.date: 04/16/2018
[!include[Prerelease information](prerelease.md)] [!include[Prerelease information](prerelease.md)]
In a typical enterprise scenario, security operation teams are typically assigned a set of machines. These machines are grouped together based on a set of attributes such as their domains, computer names, or designated tags. In an enterprise scenario, security operation teams are typically assigned a set of machines. These machines are grouped together based on a set of attributes such as their domains, computer names, or designated tags.
In Windows Defender ATP, you can create machine groups and use them to: In Windows Defender ATP, you can create machine groups and use them to:
- Limit access to related alerts and data to specific Azure AD user groups with [assigned RBAC roles](rbac-windows-defender-advanced-threat-protection.md) - Limit access to related alerts and data to specific Azure AD user groups with [assigned RBAC roles](rbac-windows-defender-advanced-threat-protection.md)
@ -67,19 +67,22 @@ As part of the process of creating a machine group, you'll:
5. Assign the user groups that can access the machine group you created. 5. Assign the user groups that can access the machine group you created.
>[!NOTE] >[!NOTE]
>You can only grant access to Azure AD user groups with assigned RBAC roles. >You can only grant access to Azure AD user groups that have been assigned to RBAC roles.
6. Click **Close**. 6. Click **Close**.
7. Apply the configuration settings. 7. Apply the configuration settings.
## Understand matching and manage groups ## Understand matching and manage groups
You can promote the rank of a machine group so that it is given higher priority during matching. When a machine is matched to more than one group, it is added only to the highest ranked group. You can also edit and delete groups.
You can promote the rank of a machine group so that it is given higher priority during matching. When a machine is matched to more than one group, it is added only to the highest ranked group. By default, machine groups are accessible by all users with portal access. You can change the default behavior by assigning Azure AD user groups to the machine group.
Machines that are not matched to any groups are added to **Ungrouped machines (default)** group. By default, remediations performed on machines in this group require approval, but you can also define the remediation level for this group. By default, ungrouped machines are accessible by all users with portal access. You can change the default behavior by assigning the ungrouped machines to specific Azure AD user groups. Machines that are not matched to any groups are added to Ungrouped machines (default) group. You cannot change the rank of this group or delete it. However, you can change the remediation level of this group, and define the Azure AD user groups that can access this group.
>[!NOTE]
>Applying changes to machine group configuration may take up to several minutes.
You can also edit and delete groups.