deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 22:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

add MDM section

Browse Source
This commit is contained in:
Joey Caparas 2016-07-12 16:30:57 +10:00
parent 791d15cc29
commit d59c8f6c41
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
windows/keep-secure/configure-endpoints-windows-defender-advanced-threat-protection.md
View File

@ -79,10 +79,6 @@ Using the GP configuration package ensures your endpoints will be correctly conf
For additional settings, see the [Additional configuration settings section](additional-configuration-windows-defender-advanced-threat-protection.md). For additional settings, see the [Additional configuration settings section](additional-configuration-windows-defender-advanced-threat-protection.md).
## Configure with Microsoft Intune ## Configure with Microsoft Intune
You can use mobile device management (MDM) solutions to configure endpoints. Windows Defender ATP supports MDMs by providing OMA-URIs to create policies to manage endpoints.
For more information on using other MDMs see, [WindowsAdvancedThreatProtection CSP](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723296(v=vs.85).aspx) and [WindowsAdvancedThreatProtection DDF file](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723297(v=vs.85).aspx).
The following instructions will guide you on creating policies to manage Windows Defender ATP in Microsoft Intune. The following instructions will guide you on creating policies to manage Windows Defender ATP in Microsoft Intune.
1. Open the Microsoft Intune configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://securitycenter.windows.com/): 1. Open the Microsoft Intune configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://securitycenter.windows.com/):
@ -95,7 +91,7 @@ The following instructions will guide you on creating policies to manage Windows
3. Use the Microsoft Intune custom configuration policy to deploy the following supported OMA-URI settings. For more information on Microsoft Intune policy settings see, [Windows 10 policy settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune/deploy-use/windows-10-policy-settings-in-microsoft-intune). 3. Use the Microsoft Intune custom configuration policy to deploy the following supported OMA-URI settings. For more information on Microsoft Intune policy settings see, [Windows 10 policy settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune/deploy-use/windows-10-policy-settings-in-microsoft-intune).
These policies are grouped into two: These policies are categorized into two groups:
- Onboarding - Use the onboarding policies to deploy configuration settings on endpoints. These policies can be sub-categorized to: - Onboarding - Use the onboarding policies to deploy configuration settings on endpoints. These policies can be sub-categorized to:
- Onboarding - Onboarding
- Health Status for onboarded machines - Health Status for onboarded machines
@ -120,6 +116,11 @@ Health Status for onboarded machines | ./Device/Vendor/MSFT/WindowsAdvancedThrea
> **Note**  Policies **Health Status for onboarded machines** and **Health Status for offboarded machines** use read-only properties and can't be remediated. > **Note**  Policies **Health Status for onboarded machines** and **Health Status for offboarded machines** use read-only properties and can't be remediated.
## Configure endpoints using Mobile Device Management tools
You can use mobile device management (MDM) solutions to configure endpoints. Windows Defender ATP supports MDMs by providing OMA-URIs to create policies to manage endpoints.
For more information on using other MDMs see, [WindowsAdvancedThreatProtection CSP](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723296(v=vs.85).aspx) and [WindowsAdvancedThreatProtection DDF file](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723297(v=vs.85).aspx).
## Configure endpoints individually with a script ## Configure endpoints individually with a script
<a name="manual"></a> <a name="manual"></a>
You can also manually onboard individual endpoints to Windows Defender ATP. You might want to do this first when testing the service before you commit to onboarding all endpoints in your network. You can also manually onboard individual endpoints to Windows Defender ATP. You might want to do this first when testing the service before you commit to onboarding all endpoints in your network.