deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-17 19:33:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update symantec-to-microsoft-defender-atp-part1.md

Browse Source
This commit is contained in:
Denise Vangel-MSFT
2020-06-11 11:05:07 -07:00
parent 80c450311f
commit c561d7ba49
1 changed files with 16 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-part1.md
View File

@ -22,28 +22,28 @@ ms.topic: article
| [Overview](symantec-to-microsoft-defender-atp-migration.md) | Part 1 <br/>*You are here!* | [Part 2](symantec-to-microsoft-defender-atp-part2.md) | [Part 3](symantec-to-microsoft-defender-atp-part3.md) | [Post migration<br/>management](microsoft-defender-atp-post-migration-management.md) |
|--|--|--|--|--|
Part 1 of [migrating from Symantec to Microsoft Defender ATP](symantec-to-microsoft-defender-atp-migration.md#planning-for-migration-the-process-at-a-high-level) includes the following steps:
Welcome to Part 1 of [migrating from Symantec to Microsoft Defender ATP](symantec-to-microsoft-defender-atp-migration.md#planning-for-migration-the-process-at-a-high-level). This migration phase includes the following steps:
1. [Get Microsoft Defender ATP](#get-microsoft-defender-atp).
2. [Grant access to the Microsoft Defender Security Center](#grant-access-to-the-microsoft-defender-security-center).
3. [Configure device proxy and internet connectivity settings](#configure-device-proxy-and-internet-connectivity-settings)
## Get Microsoft Defender ATP
To get started, you must have Microsoft Defender ATP with licenses assigned and provisioned per the following steps:
To get started, you must have Microsoft Defender ATP, with licenses assigned and provisioned.
1. Buy or try Microsoft Defender ATP today. [Visit Microsoft Defender ATP to start a free trial or request a quote](https://aka.ms/mdatp).
2. Verify that your licenses are properly provisioned. See [Check license state](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/production-deployment#check-license-state).
2. Verify that your licenses are properly provisioned. [Check your license state](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/production-deployment#check-license-state).
3. As a global administrator or security administrator, set up your dedicated cloud instance of Microsoft Defender ATP. See [Microsoft Defender ATP setup: Tenant configuration](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/production-deployment#tenant-configuration).
4. If endpoints in your organization use a proxy to access the internet, see [Microsoft Defender ATP setup: Network configuration](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/production-deployment#network-configuration).
4. If endpoints (such as devices) in your organization use a proxy to access the internet, see [Microsoft Defender ATP setup: Network configuration](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/production-deployment#network-configuration).
At this point, you are ready to grant access to the Microsoft Defender Security Center, which is sometimes referred to as the Microsoft Defender ATP portal.
At this point, you are ready to grant access to those who'll use the Microsoft Defender Security Center, which is sometimes referred to as the Microsoft Defender ATP portal.
## Grant access to the Microsoft Defender Security Center
The Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)) is where you can access the features and capabilities of Microsoft Defender ATP. [Get an overview of the Microsoft Defender Security Center](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/use).
The Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)) is where you access and configure features and capabilities of Microsoft Defender ATP. [Get an overview of the Microsoft Defender Security Center](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/use).
Permissions to the Microsoft Defender Security Center can be granted by using either basic permissions or role-based access control (RBAC). We recommend using RBAC so that you have more granular control over permissions.
@ -51,52 +51,24 @@ Permissions to the Microsoft Defender Security Center can be granted by using ei
2. Set up and configure RBAC. You can choose from one of several different methods. We recommend using [Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune), especially if your organization is using Windows 10, macOS, iOS, and Android devices. See [setting up RBAC using Intune](https://docs.microsoft.com/mem/intune/fundamentals/role-based-access-control).
Depending on your organization's needs, you can use a different method, such as one of the following:
Although we recommend using Intune, you can use a different method to suit your organization's needs. Other methods include the following:
- [Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/servers/deploy/configure/configure-role-based-administration)
- [Advanced Group Policy Management](https://docs.microsoft.com/microsoft-desktop-optimization-pack/agpm)
- [Windows Admin Center](https://docs.microsoft.com/windows-server/manage/windows-admin-center/overview)
3. After your roles are defined and RBAC is set up, grant access to the Microsoft Defender Security Center. See [Manage portal access using RBAC](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/rbac).
3. Grant access to the Microsoft Defender Security Center. [Manage portal access using RBAC](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/rbac).
## Configure device proxy and internet connectivity settings
For MDATP (EDR):
Windows:
Windows 10, Windows Server 1803 and Windows Server 2019:
Configure machine proxy and Internet connectivity settings
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet
To enable communication between your devices and Microsoft Defender ATP, configure proxy and internet settings. These settings should be configured for certain capabilities in Microsoft Defender ATP and for certain operating systems, as listed in the following table:
Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows Server 2016:
Configure proxy and Internet connectivity settings
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel#configure-proxy-and-internet-connectivity-settings
Enable access to Microsoft Defender ATP service URLs in the proxy server
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet#enable-access-to-microsoft-defender-atp-service-urls-in-the-proxy-server
macOS:
Network connections -- Microsoft Defender Advanced Threat Protection for Mac
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac#network-connections
Linux:
EDR Endpoints:
https://winatp-gw-cus.microsoft.com/
https://winatp-gw-eus.microsoft.com/
https://winatp-gw-weu.microsoft.com/
https://winatp-gw-neu.microsoft.com/
https://winatp-gw-ukw.microsoft.com/
https://winatp-gw-uks.microsoft.com/
https://us4-v20.events.data.microsoft.com/
https://us5-v20.events.data.microsoft.com/
https://eu-v20.events.data.microsoft.com/
https://us-v20.events.data.microsoft.com/
https://au-v20.events.data.microsoft.com/
https://uk-v20.events.data.microsoft.com/
https://de-v20.events.data.microsoft.com/
https://v20.events.data.microsoft.com/
For MDAV/SCEP:
Windows:
Allow connections to the Windows Defender Antivirus cloud service (Proxy and/or Firewall)
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus#allow-connections-to-the-windows-defender-antivirus-cloud-service
| Features/Capabilities | Operating System | Resources to learn more |
|--|--|--|
|Endpoint detection and response (EDR) | Windows 10 <br/>Windows Server 1803 or later <br/>Windows Server 2019 |[Configure machine proxy and Internet connectivity settings](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet) |
|EDR |Windows 7 SP1 <br/>Windows Server 2008 R2 SP1 <br/>Windows 8.1 <br/>Windows Server 2012 R2<br/>Windows Server 2016 |[Configure proxy and Internet connectivity settings](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel#configure-proxy-and-internet-connectivity-settings) |
|EDR |mac OS 10.15 (Catalina) <br/>macOS 10.14 (Mojave) <br/>macOS 10.13 (High Sierra) |[Microsoft Defender ATP for Mac: Network connections](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac#network-connections) |
|EDR |Linux |[Microsoft Defender ATP for Linux: Network connections](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux#network-connections) |
|Microsoft Defender Antivirus (Microsoft Defender AV) |Windows |[Configure and validate Microsoft Defender Antivirus network connections](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus)<br/> |
Important changes to Microsoft Active Protection Service (MAPS) endpoint
https://techcommunity.microsoft.com/t5/configuration-manager-archive/important-changes-to-microsoft-active-protection-service-maps/ba-p/274006
macOS: