deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-28 13:17:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update Onboard-Windows-10-multi-session-device.md

Browse Source
This commit is contained in:
Daniel Simpson 2020-10-15 21:01:10 -07:00 committed by GitHub
parent c7cd6ebfe5
commit c559f3db81
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md
View File

@ -22,10 +22,10 @@ manager: dansimp
6 minutes to read
Applies to:
- Windows 10 Multi-session running on Windows Virtual Desktop (WVD)
- Windows 10 multi-session running on Windows Virtual Desktop (WVD)
> [!WARNING]
> Microsoft Defender ATP support for Windows Virtual Desktop multi-user scenarios is currently in Preview and limited up to 25 concurrent sessions per host/VM. However, single session scenarios on Windows Virtual Desktop are fully supported.
> Microsoft Defender ATP support for Windows Virtual Desktop multi-session scenarios is currently in Preview and limited up to 25 concurrent sessions per host/VM. However, single session scenarios on Windows Virtual Desktop are fully supported.
Microsoft Defender for Endpoint supports monitoring both VDI as well as Windows Virtual Desktop sessions. Depending on your organization's needs, you might need to implement VDI or Windows Virtual Desktop sessions to help your employees access corporate data and apps from an unmanaged device, remote location, or similar scenario. With Microsoft Defender for Endpoint, you can monitor these virtual machines for anomalous activity.
@ -53,7 +53,7 @@ There are several ways to onboard a WVD host machine:
#### *Scenario 1: Using local group policy*
This scenario requires placing the script in a golden image and uses local group policy to run early in the boot process.
Use the instructions in [https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi#onboard-non-persistent-virtual-desktop-infrastructure-vdi-devices-1 ](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi#onboard-non-persistent-virtual-desktop-infrastructure-vdi-devices-1).
Use the instructions in [Onboard non-persistent virtual desktop infrastructure VDI devices](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi#onboard-non-persistent-virtual-desktop-infrastructure-vdi-devices-1).
Follow the instructions for a single entry for each device.
@ -87,7 +87,7 @@ Click **OK** and close any open GPMC windows.
If you plan to manage your machines using a management tool, you can onboard devices with Microsoft Endpoint Configuration Manager.
For more information, see: [https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm)
For more information, see: [Onboard Windows 10 devices using Configuration Manager](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm)
> [!WARNING]
> If you plan to use [Attack Surface reduction Rules](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction), please note that rule “[Block process creations originating from PSExec and WMI commands](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction#block-process-creations-originating-from-psexec-and-wmi-commands)" should not be used as it is incompatible with management through Microsoft Endpoint Configuration Manager because this rule blocks WMI commands the Configuration Manager client uses to function correctly.
@ -98,11 +98,11 @@ For more information, see: [https://docs.microsoft.com/en-us/windows/security/th
#### Tagging your machines when building your golden image
As part of your onboarding, you may want to consider setting a machine tag to be able to differentiate WVD machines more easily in the Microsoft Security Center. For more information, see
[https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/machine-tags#add-device-tags-by-setting-a-registry-key-value](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine-tags#add-device-tags-by-setting-a-registry-key-value).
[Add device tags by setting a registry key value](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine-tags#add-device-tags-by-setting-a-registry-key-value).
#### Other recommended configuration settings
When building your golden image, you may want to configure initial protection settings as well. For more information, see [https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp#other-recommended-configuration-settings](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp#other-recommended-configuration-settings).
When building your golden image, you may want to configure initial protection settings as well. For more information, see [Other recommended configuration settings](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp#other-recommended-configuration-settings).
In addition, if you are using FSlogix user profiles, we recommend you exclude the following files from always-on protection:
@ -126,4 +126,4 @@ In addition, if you are using FSlogix user profiles, we recommend you exclude th
#### Licensing requirements
Windows 10 Multi-session is a client OS. Licensing requirements for Microsoft Defender Advanced Threat Protection can be found at: [https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements#licensing-requirements ](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements#licensing-requirements).
Windows 10 Multi-session is a client OS. Licensing requirements for Microsoft Defender Advanced Threat Protection can be found at: [Licensing requirements](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements#licensing-requirements).