mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-17 19:33:37 +00:00
fix chars
This commit is contained in:
Binary file not shown.
Before Width: | Height: | Size: 12 KiB After Width: | Height: | Size: 9.3 KiB |
@ -37,8 +37,8 @@ to the table below as appropriate for your organization.
|
|||||||
|----------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------|
|
|----------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------|
|
||||||
| Enter name and email | **Chief Information Security Officer (CISO)** *An executive representative who serves as sponsor inside the organization for the new technology deployment.* | SO |
|
| Enter name and email | **Chief Information Security Officer (CISO)** *An executive representative who serves as sponsor inside the organization for the new technology deployment.* | SO |
|
||||||
| Enter name and email | **Head of Cyber Defense Operations Center (CDOC)** *A representative from the CDOC team in charge of defining how this change is aligned with the processes in the customers security operations team.* | SO |
|
| Enter name and email | **Head of Cyber Defense Operations Center (CDOC)** *A representative from the CDOC team in charge of defining how this change is aligned with the processes in the customers security operations team.* | SO |
|
||||||
| Enter name and email | **Security Architect** *A representative from the Security team in charge of defining how this change is aligned with the core Security architecture in the customer's organization.* | R |
|
| Enter name and email | **Security Architect** *A representative from the Security team in charge of defining how this change is aligned with the core Security architecture in the organization.* | R |
|
||||||
| Enter name and email | **Workplace Architect** *A representative from the IT team in charge of defining how this change is aligned with the core workplace architecture in the customer's organization.* | R |
|
| Enter name and email | **Workplace Architect** *A representative from the IT team in charge of defining how this change is aligned with the core workplace architecture in the organization.* | R |
|
||||||
| Enter name and email | **Security Analyst** *A representative from the CDOC team who can provide input on the detection capabilities, user experience and overall usefulness of this change from a security operations perspective.* | I |
|
| Enter name and email | **Security Analyst** *A representative from the CDOC team who can provide input on the detection capabilities, user experience and overall usefulness of this change from a security operations perspective.* | I |
|
||||||
|
|
||||||
## Project Management
|
## Project Management
|
||||||
@ -117,9 +117,7 @@ Microsoft Defender ATP supports two ways to manage permissions:
|
|||||||
|
|
||||||
- **Role-based access control (RBAC)**: Set granular permissions by defining
|
- **Role-based access control (RBAC)**: Set granular permissions by defining
|
||||||
roles, assigning Azure AD user groups to the roles, and granting the user
|
roles, assigning Azure AD user groups to the roles, and granting the user
|
||||||
groups access to machine groups. For more information on RBAC, see [Manage
|
groups access to machine groups. For more information. see [Manage portal access using role-based access control](rbac.md).
|
||||||
portal access using role-based access
|
|
||||||
control](rbac.md).
|
|
||||||
|
|
||||||
Microsoft recommends leveraging RBAC to ensure that only users that have a
|
Microsoft recommends leveraging RBAC to ensure that only users that have a
|
||||||
business justification can access Microsoft Defender ATP.
|
business justification can access Microsoft Defender ATP.
|
||||||
@ -133,9 +131,9 @@ structure required for your environment.
|
|||||||
|
|
||||||
| Tier | Description | Permission Required |
|
| Tier | Description | Permission Required |
|
||||||
|--------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------|
|
|--------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------|
|
||||||
| Tier 1 | **Local security operations team / IT team**<br> This team usually triages and investigates alerts contained within their geolocation and escalates to Tier 2 in cases where an active remediation is required. | |
|
| Tier 1 | **Local security operations team / IT team**<br>This team usually triages and investigates alerts contained within their geolocation and escalates to Tier 2 in cases where an active remediation is required. | |
|
||||||
| Tier 2 | **Regional security operations team**<br> This team can see all the machines for their region and perform remediation actions. | View data |
|
| Tier 2 | **Regional security operations team**<br>This team can see all the machines for their region and perform remediation actions. | View data |
|
||||||
| Tier 3 | **Global security operations team**<br> This team consists of security experts and are authorized to see and perform all actions from the portal. | View data <br> Alerts investigation Active remediation ctions <br> Alerts investigation Active remediation actions <br> Manage portal system settings <br> Manage security settings |
|
| Tier 3 | **Global security operations team**<br>This team consists of security experts and are authorized to see and perform all actions from the portal. | View data <br> Alerts investigation Active remediation ctions <br> Alerts investigation Active remediation actions <br> Manage portal system settings <br> Manage security settings |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -35,8 +35,7 @@ Proper planning is the foundation of a successful deployment. In this deployment
|
|||||||
|
|
||||||
## Tenant Configuration
|
## Tenant Configuration
|
||||||
|
|
||||||
When accessing [Microsoft Defender Security Center](https://securitycenter.windows.com/)<EFBFBD>for the first time there will be a setup wizard that will guide you through some initial steps. At the end of the setup wizard there will be a dedicated cloud instance of Microsoft Defender ATP created. The easiest method is to perform these steps from a Windows 10 client
|
When accessing [Microsoft Defender Security Center](https://securitycenter.windows.com/) for the first time there will be a setup wizard that will guide you through some initial steps. At the end of the setup wizard there will be a dedicated cloud instance of Microsoft Defender ATP created. The easiest method is to perform these steps from a Windows 10 client machine.
|
||||||
machine.
|
|
||||||
|
|
||||||
1. From a web browser, navigate to <https://securitycenter.windows.com>.
|
1. From a web browser, navigate to <https://securitycenter.windows.com>.
|
||||||
|
|
||||||
@ -90,13 +89,13 @@ there is no need for special configuration settings. For more information on
|
|||||||
Microsoft Defender ATP URL exclusions in the proxy, see the
|
Microsoft Defender ATP URL exclusions in the proxy, see the
|
||||||
Appendix section in this document for the URLs Whitelisting or on
|
Appendix section in this document for the URLs Whitelisting or on
|
||||||
[Microsoft
|
[Microsoft
|
||||||
Docs](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection#enable-access-to-windows-defender-atp-service-urls-in-the-proxy-server)
|
Docs](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection#enable-access-to-windows-defender-atp-service-urls-in-the-proxy-server).
|
||||||
|
|
||||||
**Manual static proxy configuration:**
|
**Manual static proxy configuration:**
|
||||||
|
|
||||||
- Registry based configuration
|
- Registry based configuration
|
||||||
|
|
||||||
- WinHTTP configured using netsh command - Suitable only for desktops in a
|
- WinHTTP configured using netsh command <br> Suitable only for desktops in a
|
||||||
stable topology (for example: a desktop in a corporate network behind the
|
stable topology (for example: a desktop in a corporate network behind the
|
||||||
same proxy)
|
same proxy)
|
||||||
|
|
||||||
|
Reference in New Issue
Block a user