mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-18 00:07:23 +00:00
Merge pull request #4412 from MicrosoftDocs/lsaldanha-4620497-batch13
updated-24620497 M3D-converged
This commit is contained in:
Tina Burden
GitHub
commit
cf274a90af
@ -23,6 +23,16 @@ ms.technology: mde
|
||||
|
||||
Applies to:
|
||||
- Windows 10 multi-session running on Windows Virtual Desktop (WVD)
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
> [!IMPORTANT]
|
||||
> Welcome to Microsoft Defender for Endpoint, the new name for Microsoft Defender for Endpoint. Read more about this and other updates here. We'll be updating names in products and in the docs in the near future.
|
||||
|
||||
> [!WARNING]
|
||||
> Microsoft Defender for Endpoint support for Windows Virtual Desktop multi-session scenarios is currently in Preview and limited up to 25 concurrent sessions per host/VM. However, single session scenarios on Windows Virtual Desktop are fully supported.
|
||||
|
||||
Microsoft Defender for Endpoint supports monitoring both VDI as well as Windows Virtual Desktop sessions. Depending on your organization's needs, you might need to implement VDI or Windows Virtual Desktop sessions to help your employees access corporate data and apps from an unmanaged device, remote location, or similar scenario. With Microsoft Defender for Endpoint, you can monitor these virtual machines for anomalous activity.
|
||||
|
||||
|
||||
@ -21,10 +21,13 @@ ms.technology: mde
|
||||
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
|
||||
- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
[!include[Microsoft Defender for Endpoint API URIs for US Government](../../includes/microsoft-defender-api-usgov.md)]
|
||||
|
||||
|
||||
@ -28,7 +28,9 @@ ms.technology: mde
|
||||
- Linux
|
||||
- Windows Server 2012 R2
|
||||
- Windows Server 2016
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
|
||||
|
||||
>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-offboarddevices-abovefoldlink)
|
||||
|
||||
@ -22,9 +22,9 @@ ms.technology: mde
|
||||
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
[!include[Prerelease information](../../includes/prerelease.md)]
|
||||
|
||||
|
||||
@ -29,7 +29,8 @@ ms.technology: mde
|
||||
- Windows 7 SP1 Pro
|
||||
- Windows 8.1 Pro
|
||||
- Windows 8.1 Enterprise
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
|
||||
>Want to experience Defender for Endpoint? [Sign up for a free trial](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-downlevel-abovefoldlink).
|
||||
|
||||
@ -25,7 +25,11 @@ ms.technology: mde
|
||||
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
|
||||
To onboard devices without Internet access, you'll need to take the following general steps:
|
||||
|
||||
|
||||
@ -24,8 +24,11 @@ ms.technology: mde
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
|
||||
Configure and manage all the Defender for Endpoint capabilities to get the best security protection for your organization.
|
||||
|
||||
|
||||
@ -25,8 +25,10 @@ ms.technology: mde
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
|
||||
This article is part of the Deployment guide and acts as an example onboarding method.
|
||||
@ -76,39 +78,40 @@ Follow the steps below to onboard endpoints using Microsoft Endpoint Configurati
|
||||
|
||||
1. In Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Device Collections**.
|
||||
|
||||
|
||||
|
||||
|
||||
2. Right Click **Device Collection** and select **Create Device Collection**.
|
||||
|
||||
|
||||
|
||||
|
||||
3. Provide a **Name** and **Limiting Collection**, then select **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
4. Select **Add Rule** and choose **Query Rule**.
|
||||
|
||||
|
||||
|
||||
|
||||
5. Click **Next** on the **Direct Membership Wizard** and click on **Edit Query Statement**.
|
||||
|
||||
|
||||
|
||||
|
||||
6. Select **Criteria** and then choose the star icon.
|
||||
|
||||
|
||||
|
||||
|
||||
7. Keep criterion type as **simple value**, choose where as **Operating System - build number**, operator as **is greater than or equal to** and value **14393** and click on **OK**.
|
||||
|
||||
|
||||
|
||||
|
||||
8. Select **Next** and **Close**.
|
||||
|
||||
|
||||
|
||||
|
||||
9. Select **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
After completing this task, you now have a device collection with all the Windows 10 endpoints in the environment.
|
||||
|
||||
@ -133,22 +136,23 @@ Manager and deploy that policy to Windows 10 devices.
|
||||
|
||||
2. Under Deployment method select the supported version of **Microsoft Endpoint Configuration Manager**.
|
||||
|
||||
|
||||
|
||||
|
||||
3. Select **Download package**.
|
||||
|
||||
|
||||
|
||||
|
||||
4. Save the package to an accessible location.
|
||||
5. In Microsoft Endpoint Configuration Manager, navigate to: **Assets and Compliance > Overview > Endpoint Protection > Microsoft Defender ATP Policies**.
|
||||
|
||||
6. Right-click **Microsoft Defender ATP Policies** and select **Create Microsoft Defender ATP Policy**.
|
||||
|
||||
|
||||
|
||||
|
||||
7. Enter the name and description, verify **Onboarding** is selected, then select **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
8. Click **Browse**.
|
||||
|
||||
@ -157,25 +161,25 @@ Manager and deploy that policy to Windows 10 devices.
|
||||
10. Click **Next**.
|
||||
11. Configure the Agent with the appropriate samples (**None** or **All file types**).
|
||||
|
||||
|
||||
|
||||
|
||||
12. Select the appropriate telemetry (**Normal** or **Expedited**) then click **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
14. Verify the configuration, then click **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
15. Click **Close** when the Wizard completes.
|
||||
|
||||
16. In the Microsoft Endpoint Configuration Manager console, right-click the Defender for Endpoint policy you just created and select **Deploy**.
|
||||
|
||||
|
||||
|
||||
|
||||
17. On the right panel, select the previously created collection and click **OK**.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#### Previous versions of Windows Client (Windows 7 and Windows 8.1)
|
||||
@ -238,7 +242,7 @@ Microsoft Defender Antivirus is a built-in antimalware solution that provides ne
|
||||
|
||||
2. Select **Scheduled scans**, **Scan settings**, **Default actions**, **Real-time protection**, **Exclusion settings**, **Advanced**, **Threat overrides**, **Cloud Protection Service** and **Security intelligence updates** and choose **OK**.
|
||||
|
||||
|
||||
|
||||
|
||||
In certain industries or some select enterprise customers might have specific
|
||||
needs on how Antivirus is configured.
|
||||
@ -248,30 +252,29 @@ needs on how Antivirus is configured.
|
||||
|
||||
For more details, see [Windows Security configuration framework](https://docs.microsoft.com/windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework)
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
3. Right-click on the newly created antimalware policy and select **Deploy**.
|
||||
|
||||
|
||||
|
||||
|
||||
4. Target the new antimalware policy to your Windows 10 collection and click **OK**.
|
||||
|
||||
|
||||
|
||||
|
||||
After completing this task, you now have successfully configured Windows
|
||||
Defender Antivirus.
|
||||
@ -286,34 +289,35 @@ To set ASR rules in Audit mode:
|
||||
|
||||
1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
2. Select **Attack Surface Reduction**.
|
||||
|
||||
|
||||
3. Set rules to **Audit** and click **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
4. Confirm the new Exploit Guard policy by clicking on **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
5. Once the policy is created click **Close**.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
6. Right-click on the newly created policy and choose **Deploy**.
|
||||
|
||||
|
||||
|
||||
|
||||
7. Target the policy to the newly created Windows 10 collection and click **OK**.
|
||||
|
||||
|
||||
|
||||
|
||||
After completing this task, you now have successfully configured ASR rules in audit mode.
|
||||
|
||||
@ -331,11 +335,11 @@ endpoints. (This may take few minutes)
|
||||
|
||||
4. Click **Configuration** tab in Attack surface reduction rules reports. It shows ASR rules configuration overview and ASR rules status on each devices.
|
||||
|
||||
|
||||
|
||||
|
||||
5. Click each device shows configuration details of ASR rules.
|
||||
|
||||
|
||||
|
||||
|
||||
See [Optimize ASR rule deployment and
|
||||
detections](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr) for more details.
|
||||
@ -344,29 +348,31 @@ detections](https://docs.microsoft.com/windows/security/threat-protection/micros
|
||||
#### Set Network Protection rules in Audit mode:
|
||||
1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**.
|
||||
|
||||
|
||||
|
||||
|
||||
2. Select **Network protection**.
|
||||
|
||||
3. Set the setting to **Audit** and click **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
4. Confirm the new Exploit Guard Policy by clicking **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
5. Once the policy is created click on **Close**.
|
||||
|
||||
|
||||
|
||||
|
||||
6. Right-click on the newly created policy and choose **Deploy**.
|
||||
|
||||
|
||||
|
||||
|
||||
7. Select the policy to the newly created Windows 10 collection and choose **OK**.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
After completing this task, you now have successfully configured Network
|
||||
Protection in audit mode.
|
||||
@ -375,29 +381,29 @@ Protection in audit mode.
|
||||
|
||||
1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**.
|
||||
|
||||
|
||||
|
||||
|
||||
2. Select **Controlled folder access**.
|
||||
|
||||
3. Set the configuration to **Audit** and click **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
4. Confirm the new Exploit Guard Policy by clicking on **Next**.
|
||||
|
||||
|
||||
|
||||
|
||||
5. Once the policy is created click on **Close**.
|
||||
|
||||
|
||||
|
||||
|
||||
6. Right-click on the newly created policy and choose **Deploy**.
|
||||
|
||||
|
||||
|
||||
|
||||
7. Target the policy to the newly created Windows 10 collection and click **OK**.
|
||||
|
||||
|
||||
|
||||
|
||||
You have now successfully configured Controlled folder access in audit mode.
|
||||
|
||||
|
||||
@ -25,10 +25,11 @@ ms.technology: mde
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
This article is part of the Deployment guide and acts as an example onboarding method.
|
||||
|
||||
@ -94,12 +95,12 @@ needs.<br>
|
||||
2. Open **Groups > New Group**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
3. Enter details and create a new group.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
4. Add your test user or device.
|
||||
|
||||
@ -110,7 +111,7 @@ needs.<br>
|
||||
7. Find your test user or device and select it.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
8. Your testing group now has a member to test.
|
||||
|
||||
@ -136,7 +137,7 @@ different types of endpoint security policies:
|
||||
on **Create Profile**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
3. Under **Platform, select Windows 10 and Later, Profile - Endpoint detection
|
||||
and response > Create**.
|
||||
@ -144,39 +145,39 @@ different types of endpoint security policies:
|
||||
4. Enter a name and description, then select **Next**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
5. Select settings as required, then select **Next**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
> [!NOTE]
|
||||
> In this instance, this has been auto populated as Defender for Endpoint has already been integrated with Intune. For more information on the integration, see [Enable Microsoft Defender for Endpoint in Intune](https://docs.microsoft.com/mem/intune/protect/advanced-threat-protection-configure#to-enable-microsoft-defender-atp).
|
||||
>
|
||||
> The following image is an example of what you'll see when Microsoft Defender for Endpoint is NOT integrated with Intune:
|
||||
>
|
||||
> 
|
||||
> 
|
||||
|
||||
6. Add scope tags if necessary, then select **Next**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
7. Add test group by clicking on **Select groups to include** and choose your group, then select **Next**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
8. Review and accept, then select **Create**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
9. You can view your completed policy.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
### Next-generation protection
|
||||
|
||||
@ -185,7 +186,7 @@ different types of endpoint security policies:
|
||||
2. Navigate to **Endpoint security > Antivirus > Create Policy**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
3. Select **Platform - Windows 10 and Later - Windows and Profile – Microsoft
|
||||
Defender Antivirus > Create**.
|
||||
@ -193,34 +194,34 @@ different types of endpoint security policies:
|
||||
4. Enter name and description, then select **Next**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
5. In the **Configuration settings page**: Set the configurations you require for
|
||||
Microsoft Defender Antivirus (Cloud Protection, Exclusions, Real-Time
|
||||
Protection, and Remediation).
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
6. Add scope tags if necessary, then select **Next**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
7. Select groups to include, assign to your test group, then select **Next**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
8. Review and create, then select **Create**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
9. You'll see the configuration policy you created.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
### Attack Surface Reduction – Attack surface reduction rules
|
||||
|
||||
@ -234,12 +235,12 @@ different types of endpoint security policies:
|
||||
rules > Create**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
5. Enter a name and description, then select **Next**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
6. In the **Configuration settings page**: Set the configurations you require for
|
||||
Attack surface reduction rules, then select **Next**.
|
||||
@ -250,27 +251,27 @@ different types of endpoint security policies:
|
||||
> For more information, see [Attack surface reduction rules](attack-surface-reduction.md).
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
7. Add Scope Tags as required, then select **Next**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
8. Select groups to include and assign to test group, then select **Next**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
9. Review the details, then select **Create**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
10. View the policy.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
### Attack Surface Reduction – Web Protection
|
||||
|
||||
@ -283,12 +284,12 @@ different types of endpoint security policies:
|
||||
4. Select **Windows 10 and Later – Web protection > Create**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
5. Enter a name and description, then select **Next**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
6. In the **Configuration settings page**: Set the configurations you require for
|
||||
Web Protection, then select **Next**.
|
||||
@ -299,27 +300,27 @@ different types of endpoint security policies:
|
||||
> For more information, see [Web Protection](web-protection-overview.md).
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
7. Add **Scope Tags as required > Next**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
8. Select **Assign to test group > Next**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
9. Select **Review and Create > Create**.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
10. View the policy.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
## Validate configuration settings
|
||||
|
||||
@ -337,22 +338,22 @@ To confirm that the configuration policy has been applied to your test device, f
|
||||
steps above. The following example shows the next generation protection settings.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> [  ](images/43ab6aa74471ee2977e154a4a5ef2d39.png#lightbox)
|
||||
> [  ](images/43ab6aa74471ee2977e154a4a5ef2d39.png#lightbox)
|
||||
|
||||
2. Select the **Configuration Policy** to view the policy status.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> [  ](images/55ecaca0e4a022f0e29d45aeed724e6c.png#lightbox)
|
||||
> [  ](images/55ecaca0e4a022f0e29d45aeed724e6c.png#lightbox)
|
||||
|
||||
3. Select **Device Status** to see the status.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> [  ](images/18a50df62cc38749000dbfb48e9a4c9b.png#lightbox)
|
||||
> [  ](images/18a50df62cc38749000dbfb48e9a4c9b.png#lightbox)
|
||||
|
||||
4. Select **User Status** to see the status.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> [  ](images/4e965749ff71178af8873bc91f9fe525.png#lightbox)
|
||||
> [  ](images/4e965749ff71178af8873bc91f9fe525.png#lightbox)
|
||||
|
||||
5. Select **Per-setting status** to see the status.
|
||||
|
||||
@ -360,7 +361,7 @@ To confirm that the configuration policy has been applied to your test device, f
|
||||
>This view is very useful to identify any settings that conflict with another policy.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> [  ](images/42acc69d0128ed09804010bdbdf0a43c.png#lightbox)
|
||||
> [  ](images/42acc69d0128ed09804010bdbdf0a43c.png#lightbox)
|
||||
|
||||
### Endpoint detection and response
|
||||
|
||||
@ -369,13 +370,13 @@ To confirm that the configuration policy has been applied to your test device, f
|
||||
Protection service should not be started.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> [  ](images/b418a232a12b3d0a65fc98248dbb0e31.png#lightbox)
|
||||
> [  ](images/b418a232a12b3d0a65fc98248dbb0e31.png#lightbox)
|
||||
|
||||
2. After the configuration has been applied, the Defender for Endpoint
|
||||
Protection Service should be started.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> [  ](images/a621b699899f1b41db211170074ea59e.png#lightbox)
|
||||
> [  ](images/a621b699899f1b41db211170074ea59e.png#lightbox)
|
||||
|
||||
3. After the services are running on the device, the device appears in Microsoft
|
||||
Defender Security Center.
|
||||
@ -389,7 +390,7 @@ To confirm that the configuration policy has been applied to your test device, f
|
||||
manage the settings as shown below.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
2. After the policy has been applied, you should not be able to manually manage
|
||||
the settings.
|
||||
@ -399,7 +400,7 @@ To confirm that the configuration policy has been applied to your test device, f
|
||||
> **Turn on real-time protection** are being shown as managed.
|
||||
|
||||
> [!div class="mx-imgBorder"]
|
||||
> 
|
||||
> 
|
||||
|
||||
### Attack Surface Reduction – Attack surface reduction rules
|
||||
|
||||
@ -414,13 +415,13 @@ To confirm that the configuration policy has been applied to your test device, f
|
||||
>
|
||||
> AttackSurfaceReductionRules_Ids:
|
||||
|
||||
|
||||
|
||||
|
||||
3. After applying the policy on a test device, open a PowerShell Windows and type `Get-MpPreference`.
|
||||
|
||||
4. This should respond with the following lines with content as shown below:
|
||||
|
||||
|
||||
|
||||
|
||||
### Attack Surface Reduction – Web Protection
|
||||
|
||||
@ -429,11 +430,11 @@ To confirm that the configuration policy has been applied to your test device, f
|
||||
|
||||
2. This should respond with a 0 as shown below.
|
||||
|
||||
|
||||
|
||||
|
||||
3. After applying the policy, open a PowerShell Windows and type
|
||||
`(Get-MpPreference).EnableNetworkProtection`.
|
||||
|
||||
4. This should respond with a 1 as shown below.
|
||||
|
||||
|
||||
|
||||
|
||||
@ -23,9 +23,12 @@ ms.technology: mde
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
|
||||
**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
[!include[Microsoft Defender for Endpoint API URIs for US Government](../../includes/microsoft-defender-api-usgov.md)]
|
||||
|
||||
@ -180,8 +183,8 @@ You'll need to have access to:
|
||||
11. Under **Condition**, add the following expression: "length(body('Get_items')?['value'])" and set the condition to equal to 0.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
## Alert notification
|
||||
|
||||
@ -25,9 +25,12 @@ ms.technology: mde
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
Learn about the various phases of deploying Microsoft Defender for Endpoint and how to configure the capabilities within the solution.
|
||||
|
||||
Deploying Defender for Endpoint is a three-phase process:
|
||||
|
||||
@ -24,10 +24,12 @@ ms.technology: mde
|
||||
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
* [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
|
||||
Help reduce your attack surfaces, by minimizing the places where your organization is vulnerable to cyberthreats and attacks. Use the following resources to configure protection for the devices and applications in your organization.
|
||||
|
||||
|
||||
@ -24,7 +24,11 @@ ms.technology: mde
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
|
||||
With custom detections, you can proactively monitor for and respond to various events and system states, including suspected breach activity and misconfigured devices. You can do this with customizable detection rules that automatically trigger alerts and response actions.
|
||||
|
||||
|
||||
@ -25,8 +25,10 @@ ms.technology: mde
|
||||
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
Defender for Endpoint endpoint detection and response capabilities provide advanced attack detections that are near real-time and actionable. Security analysts can prioritize alerts effectively, gain visibility into the full scope of a breach, and take response actions to remediate threats.
|
||||
|
||||
|
||||
@ -22,8 +22,12 @@ ms.technology: mde
|
||||
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
|
||||
Hardware-based isolation helps protect system integrity in Windows 10 and is integrated with Microsoft Defender for Endpoint.
|
||||
|
||||
|
||||
@ -24,9 +24,11 @@ ms.technology: mde
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
Defender for Endpoint supports third-party applications to help enhance the detection, investigation, and threat intelligence capabilities of the platform.
|
||||
|
||||
@ -55,7 +57,7 @@ Logo |Partner name | Description
|
||||
 | [Elastic Security](https://go.microsoft.com/fwlink/?linkid=2139303) | Elastic Security is a free and open solution for preventing, detecting, and responding to threats
|
||||
 | [IBM QRadar](https://go.microsoft.com/fwlink/?linkid=2113903) | Configure IBM QRadar to collect detections from Defender for Endpoint
|
||||
 | [Micro Focus ArcSight](https://go.microsoft.com/fwlink/?linkid=2113548) | Use Micro Focus ArcSight to pull Defender for Endpoint detections
|
||||
 | [RSA NetWitness](https://go.microsoft.com/fwlink/?linkid=2118566) | Stream Defender for Endpoint Alerts to RSA NetWitness leveraging Microsoft Graph Security API
|
||||
 | [RSA NetWitness](https://go.microsoft.com/fwlink/?linkid=2118566) | Stream Defender for Endpoint Alerts to RSA NetWitness using Microsoft Graph Security API
|
||||
 | [SafeBreach](https://go.microsoft.com/fwlink/?linkid=2114114)| Gain visibility into Defender for Endpoint security events that are automatically correlated with SafeBreach simulations
|
||||
 | [Skybox Vulnerability Control](https://go.microsoft.com/fwlink/?linkid=2127467) | Skybox Vulnerability Control cuts through the noise of vulnerability management, correlating business, network, and threat context to uncover your riskiest vulnerabilities
|
||||
 | [Splunk](https://go.microsoft.com/fwlink/?linkid=2129805) | The Defender for Endpoint Add-on allows Splunk users to ingest all of the alerts and supporting information to their Splunk
|
||||
@ -98,25 +100,25 @@ Logo |Partner name | Description
|
||||
Logo |Partner name | Description
|
||||
:---|:---|:---
|
||||
| [Bitdefender](https://go.microsoft.com/fwlink/?linkid=860032)| Bitdefender GravityZone is a layered next generation endpoint protection platform offering comprehensive protection against the full spectrum of sophisticated cyber threats
|
||||
 | [Better Mobile](https://go.microsoft.com/fwlink/?linkid=2086214)| AI based MTD solution to stop mobile threats & phishing. Private internet browsing to protect user privacy
|
||||
| [Corrata](https://go.microsoft.com/fwlink/?linkid=2081148) | Mobile solution — Protect your mobile devices with granular visibility and control from Corrata
|
||||
 | [Better Mobile](https://go.microsoft.com/fwlink/?linkid=2086214)| AI-based MTD solution to stop mobile threats & phishing. Private internet browsing to protect user privacy
|
||||
| [Corrata](https://go.microsoft.com/fwlink/?linkid=2081148) | Mobile solution that protects your mobile devices with granular visibility and control from Corrata
|
||||
| [Lookout](https://go.microsoft.com/fwlink/?linkid=866935)| Get Lookout Mobile Threat Protection telemetry for Android and iOS mobile devices
|
||||
 | [Symantec Endpoint Protection Mobile](https://go.microsoft.com/fwlink/?linkid=2090992)| SEP Mobile helps businesses predict, detect, and prevent security threats and vulnerabilities on mobile devices
|
||||
| [Zimperium](https://go.microsoft.com/fwlink/?linkid=2118044)|Extend your Defender for Endpoint to iOS and Android with Machine Learning-based Mobile Threat Defense
|
||||
|
||||
|
||||
## Additional integrations
|
||||
## More integrations
|
||||
Logo |Partner name | Description
|
||||
:---|:---|:---
|
||||
| [Cyren Web Filter](https://go.microsoft.com/fwlink/?linkid=2108221)| Enhance your Defender for Endpoint with advanced Web Filtering
|
||||
| [Morphisec](https://go.microsoft.com/fwlink/?linkid=2086215)| Provides Moving Target Defense-powered advanced threat prevention and integrates forensics data directly into WD Security Center dashboards to help prioritize alerts, determine device at-risk score and visualize full attack timeline including internal memory information
|
||||
| [Morphisec](https://go.microsoft.com/fwlink/?linkid=2086215)| Provides Moving Target Defense-powered advanced threat prevention. Integrates forensics data directly into WD Security Center dashboards to help prioritize alerts, determine device at-risk score and visualize full attack timeline including internal memory information
|
||||
| [THOR Cloud](https://go.microsoft.com/fwlink/?linkid=862988)| Provides on-demand live forensics scans using a signature base with focus on persistent threats
|
||||
|
||||
|
||||
|
||||
|
||||
## SIEM integration
|
||||
Defender for Endpoint supports SIEM integration through a variety of methods — specialized SIEM system interface with out of the box connectors, a generic alert API enabling custom implementations, and an action API enabling alert status management. For more information, see [Enable SIEM integration](enable-siem-integration.md).
|
||||
Defender for Endpoint supports SIEM integration through various of methods. This can include specialized SIEM system interface with out of the box connectors, a generic alert API enabling custom implementations, and an action API enabling alert status management. For more information, see [Enable SIEM integration](enable-siem-integration.md).
|
||||
|
||||
## Ticketing and IT service management
|
||||
Ticketing solution integration helps to implement manual and automatic response processes. Defender for Endpoint can help to create tickets automatically when an alert is generated and resolve the alerts when tickets are closed using the alerts API.
|
||||
@ -129,12 +131,12 @@ Defender for Endpoint offers unique automated investigation and remediation capa
|
||||
|
||||
Integrating the automated investigation and response capability with other solutions such as IDS and firewalls help to address alerts and minimize the complexities surrounding network and device signal correlation, effectively streamlining the investigation and threat remediation actions on devices.
|
||||
|
||||
External alerts can be pushed into Defender for Endpoint and is presented side by side with additional device-based alerts from Defender for Endpoint. This view provides a full context of the alert — with the real process and the full story of attack.
|
||||
External alerts can be pushed to Defender for Endpoint. These alerts are shown side by side with additional device-based alerts from Defender for Endpoint. This view provides a full context of the alert and can reveal the full story of an attack.
|
||||
|
||||
## Indicators matching
|
||||
You can use threat-intelligence from providers and aggregators to maintain and use indicators of compromise (IOCs).
|
||||
|
||||
Defender for Endpoint allows you to integrate with such solutions and act on IoCs by correlating its rich telemetry and creating alerts when there's a match; leveraging prevention and automated response capabilities to block execution and take remediation actions when there's a match.
|
||||
Defender for Endpoint allows you to integrate with these solutions and act on IoCs by correlating rich telemetry to create alerts. You can also useg prevention and automated response capabilities to block execution and take remediation actions when there's a match.
|
||||
|
||||
Defender for Endpoint currently supports IOC matching and remediation for file and network indicators. Blocking is supported for file indicators.
|
||||
|
||||
|
||||
@ -23,9 +23,10 @@ ms.technology: mde
|
||||
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
|
||||
> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
|
||||
@ -24,7 +24,9 @@ ms.technology: mde
|
||||
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
|
||||
>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
|
||||
|
||||
@ -81,7 +83,7 @@ Icon | Description
|
||||
| Alert – Indication of an activity correlated with advanced attacks.
|
||||
| Detection – Indication of a malware threat detection.
|
||||
| Active threat – Threats actively executing at the time of detection.
|
||||
| Remediated – Threat removed from the device.
|
||||
| Remediated – Threat removed from the device.
|
||||
| Not remediated – Threat not removed from the device.
|
||||
| Indicates events that triggered an alert in the **Alert process tree**.
|
||||
| Device icon
|
||||
@ -116,7 +118,7 @@ Icon | Description
|
||||
 | Automated investigation - terminated by system
|
||||
 | Automated investigation - pending
|
||||
 | Automated investigation - running
|
||||
 | Automated investigation - remediated
|
||||
 | Automated investigation - remediated
|
||||
 | Automated investigation - partially remediated
|
||||
 | Threat & Vulnerability Management - threat insights
|
||||
 | Threat & Vulnerability Management - possible active alert
|
||||
|
||||
@ -21,16 +21,17 @@ ms.technology: mde
|
||||
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
[!include[Microsoft Defender for Endpoint API URIs for US Government](../../includes/microsoft-defender-api-usgov.md)]
|
||||
|
||||
[!include[Improve request performance](../../includes/improve-request-performance.md)]
|
||||
|
||||
|
||||
## API description
|
||||
Submits or Updates new [Indicator](ti-indicator.md) entity.
|
||||
<br>CIDR notation for IPs is not supported.
|
||||
|
||||
@ -24,7 +24,9 @@ ms.technology: mde
|
||||
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
|
||||
>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-prefsettings-abovefoldlink)
|
||||
|
||||
|
||||
@ -25,12 +25,11 @@ ms.technology: mde
|
||||
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
|
||||
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
Deploying Defender for Endpoint is a three-phase process:
|
||||
|
||||
|
||||
@ -21,9 +21,10 @@ ms.technology: mde
|
||||
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
|
||||
>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-previewsettings-abovefoldlink)
|
||||
|
||||
|
||||
@ -28,7 +28,11 @@ ms.technology: mde
|
||||
>The preview versions are provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
|
||||
The Defender for Endpoint service is constantly being updated to include new feature enhancements and capabilities.
|
||||
|
||||
|
||||
@ -27,7 +27,9 @@ ms.technology: mde
|
||||
|
||||
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
|
||||
|
||||
Deploying Defender for Endpoint is a three-phase process:
|
||||
|
||||
@ -23,7 +23,10 @@ ms.technology: mde
|
||||
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
|
||||
|
||||
|
||||
**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
|
||||
**Applies to:**
|
||||
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
|
||||
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
|
||||
|
||||
|
||||
- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user