From d59c8f6c41d7248bc38bb5a2d31a08a061ec7352 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 12 Jul 2016 16:30:57 +1000 Subject: [PATCH] add MDM section --- ...nts-windows-defender-advanced-threat-protection.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/windows/keep-secure/configure-endpoints-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-endpoints-windows-defender-advanced-threat-protection.md index 9c5d119032..c0462b7910 100644 --- a/windows/keep-secure/configure-endpoints-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-endpoints-windows-defender-advanced-threat-protection.md @@ -79,10 +79,6 @@ Using the GP configuration package ensures your endpoints will be correctly conf For additional settings, see the [Additional configuration settings section](additional-configuration-windows-defender-advanced-threat-protection.md). ## Configure with Microsoft Intune -You can use mobile device management (MDM) solutions to configure endpoints. Windows Defender ATP supports MDMs by providing OMA-URIs to create policies to manage endpoints. - -For more information on using other MDMs see, [WindowsAdvancedThreatProtection CSP](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723296(v=vs.85).aspx) and [WindowsAdvancedThreatProtection DDF file](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723297(v=vs.85).aspx). - The following instructions will guide you on creating policies to manage Windows Defender ATP in Microsoft Intune. 1. Open the Microsoft Intune configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://securitycenter.windows.com/): @@ -95,7 +91,7 @@ The following instructions will guide you on creating policies to manage Windows 3. Use the Microsoft Intune custom configuration policy to deploy the following supported OMA-URI settings. For more information on Microsoft Intune policy settings see, [Windows 10 policy settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune/deploy-use/windows-10-policy-settings-in-microsoft-intune). -These policies are grouped into two: +These policies are categorized into two groups: - Onboarding - Use the onboarding policies to deploy configuration settings on endpoints. These policies can be sub-categorized to: - Onboarding - Health Status for onboarded machines @@ -120,6 +116,11 @@ Health Status for onboarded machines | ./Device/Vendor/MSFT/WindowsAdvancedThrea > **Note**  Policies **Health Status for onboarded machines** and **Health Status for offboarded machines** use read-only properties and can't be remediated. +## Configure endpoints using Mobile Device Management tools +You can use mobile device management (MDM) solutions to configure endpoints. Windows Defender ATP supports MDMs by providing OMA-URIs to create policies to manage endpoints. + +For more information on using other MDMs see, [WindowsAdvancedThreatProtection CSP](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723296(v=vs.85).aspx) and [WindowsAdvancedThreatProtection DDF file](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723297(v=vs.85).aspx). + ## Configure endpoints individually with a script You can also manually onboard individual endpoints to Windows Defender ATP. You might want to do this first when testing the service before you commit to onboarding all endpoints in your network.