mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-15 18:33:43 +00:00
Update symantec-to-microsoft-defender-atp-onboard.md
This commit is contained in:
@ -62,34 +62,14 @@ To verify that your onboarded devices are properly connected to Microsoft Defend
|
||||
|---------|---------|
|
||||
|Windows 10 <br/>Windows Server 2019 <br/>Windows Server, version 1803 <br/>Windows Server 2016 <br/>Windows Server 2012 R2 |[Run a detection test](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/run-detection-test) |
|
||||
|macOS<br/>- 10.15 (Catalina)<br/>- 10.14 (Mojave)<br/>- 10.13 (High Sierra) |Using Terminal, run the following command: <br/>`$ mdatp --connectivity-test` <br/><br/>For more information, see [Microsoft Defender Advanced Threat Protection for Mac](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac) |
|
||||
|Linux |1. Run the following command, and look for a result of **1**: <br/>`Ensure that real-time protection is enabled (denoted by a result of 1 from running the following command):` <br/><br/>2. Open a Terminal window, and run the following command: <br/>`curl -o ~/Downloads/eicar.com.txt https://www.eicar.org/download/eicar.com.txt` <br/><br/>3. Run the following command to list any detected threats: <br/>`mdatp threat list` <br/><br/>For more information, see [Microsoft Defender ATP for Linux](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux). |
|
||||
|Linux |1. Run the following command, and look for a result of **1**: <br/>`mdatp health --field real_time_protection_enabled` <br/><br/>2. Open a Terminal window, and run the following command: <br/>`curl -o ~/Downloads/eicar.com.txt https://www.eicar.org/download/eicar.com.txt` <br/><br/>3. Run the following command to list any detected threats: <br/>`mdatp threat list` <br/><br/>For more information, see [Microsoft Defender ATP for Linux](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux). |
|
||||
|
||||
|
||||
## Uninstall Symantec
|
||||
|
||||
*WORK IN PROGRESS*
|
||||
|
||||
Uninstall 3rd party EDR (RSA NetWitness)
|
||||
|
||||
Uninstall 3rd party SEP AV
|
||||
1) Unblock password (Anti-tamper, in order to remove)
|
||||
2) Refresh SEP policy
|
||||
<Add the command here.>
|
||||
3) Uninstall the Endpoint Protection client using the command prompt
|
||||
https://support.symantec.com/us/en/article.tech102470.html
|
||||
|
||||
There is an example for both PowerShell and DOS. This script could be automated to check for a ReturnValue to equal zero and if not then run “CleanWipe”
|
||||
|
||||
Download the CleanWipe removal tool to uninstall Endpoint Protection
|
||||
https://support.symantec.com/us/en/article.howto124983.html
|
||||
Note: SEP 14 now forces end-user interaction.
|
||||
|
||||
Article has the download and readme.
|
||||
|
||||
Select all apps in the tool and once completed it will require a reboot and once you log back in the software will continue and show completion. You will need to periodically check this article as they update the software versions often. You can also verify when running if it requires an update.
|
||||
|
||||
[Uninstall Symantec Endpoint Protection](https://knowledge.broadcom.com/external/article/156148/uninstall-symantec-endpoint-protection.html)
|
||||
Now that you have configured Microsoft Defender ATP and have onboarded your organization's devices, your next step is to uninstall Symantec.
|
||||
|
||||
- Follow the guidance in [Uninstall Symantec Endpoint Protection](https://knowledge.broadcom.com/external/article/156148/uninstall-symantec-endpoint-protection.html)
|
||||
|
||||
## Next steps
|
||||
|
||||
|
Reference in New Issue
Block a user