From 95a0aa21febd99d2f892209b3f00e672a70898de Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 25 Jun 2018 11:19:41 -0700 Subject: [PATCH 1/3] add link to the AV connections --- ...ced-hunting-windows-defender-advanced-threat-protection.md | 4 ++-- ...d-downlevel-windows-defender-advanced-threat-protection.md | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md index 29d6f12edb..f842dfb362 100644 --- a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md @@ -152,8 +152,8 @@ The filter selections will resolve as an additional query term and the results w -## Public Advanced Hunting query GitHub repository -Check out the [Advanced Hunting repository](https://github.com/Microsoft/WindowsDefenderATP-Hunting-Queries). Contribute and use example queries shared by our customers. +## Public Advanced hunting query GitHub repository +Check out the [Advanced hunting repository](https://github.com/Microsoft/WindowsDefenderATP-Hunting-Queries). Contribute and use example queries shared by our customers. >Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhunting-belowfoldlink) diff --git a/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md index 5118827931..259b8c499a 100644 --- a/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 06/18/2018 +ms.date: 06/25/2018 --- # Onboard previous versions of Windows @@ -45,6 +45,7 @@ Windows Defender ATP integrates with System Center Endpoint Protection to provid The following steps are required to enable this integration: - Install the [January 2017 anti-malware platform update for Endpoint Protection clients](https://support.microsoft.com/en-us/help/3209361/january-2017-anti-malware-platform-update-for-endpoint-protection-clie) - Configure the SCEP client Cloud Protection Service membership to the **Advanced** setting +- Configure your network to allow connections to the Windows Defender Antivirus cloud. For more information, see [Allow connections to the Windows Defender Antivirus cloud](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus#allow-connections-to-the-windows-defender-antivirus-cloud) ## Install and configure Microsoft Monitoring Agent (MMA) to report sensor data to Windows Defender ATP From 2d71e327b8b3a083007c793850f1017a9bec0b61 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 19 Nov 2018 10:56:42 -0800 Subject: [PATCH 2/3] merging conflicts --- ...ows-defender-advanced-threat-protection.md | 21 +++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md index 259b8c499a..6d926cadf6 100644 --- a/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md @@ -3,14 +3,15 @@ title: Onboard previous versions of Windows on Windows Defender ATP description: Onboard supported previous versions of Windows machines so that they can send sensor data to the Windows Defender ATP sensor keywords: onboard, windows, 7, 81, oms, sp1, enterprise, pro, down level search.product: eADQiWindows 10XVcnh +search.appverid: met150 ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.author: macapara author: mjcaparas -ms.localizationpriority: high -ms.date: 06/25/2018 +ms.localizationpriority: medium +ms.date: 11/19/2018 --- # Onboard previous versions of Windows @@ -21,7 +22,7 @@ ms.date: 06/25/2018 - Windows 7 SP1 Pro - Windows 8.1 Pro - Windows 8.1 Enterprise -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf) [!include[Prerelease information](prerelease.md)] @@ -43,7 +44,7 @@ To onboard down-level Windows client endpoints to Windows Defender ATP, you'll n Windows Defender ATP integrates with System Center Endpoint Protection to provide visibility to malware detections and to stop propagation of an attack in your organization by banning potentially malicious files or suspected malware. The following steps are required to enable this integration: -- Install the [January 2017 anti-malware platform update for Endpoint Protection clients](https://support.microsoft.com/en-us/help/3209361/january-2017-anti-malware-platform-update-for-endpoint-protection-clie) +- Install the [January 2017 anti-malware platform update for Endpoint Protection clients](https://support.microsoft.com/help/3209361/january-2017-anti-malware-platform-update-for-endpoint-protection-clie) - Configure the SCEP client Cloud Protection Service membership to the **Advanced** setting - Configure your network to allow connections to the Windows Defender Antivirus cloud. For more information, see [Allow connections to the Windows Defender Antivirus cloud](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus#allow-connections-to-the-windows-defender-antivirus-cloud) @@ -51,7 +52,7 @@ The following steps are required to enable this integration: ### Before you begin Review the following details to verify minimum system requirements: -- Install the [February monthly update rollout](https://support.microsoft.com/help/4074598/windows-7-update-kb4074598) +- Install the [February monthly update rollup](https://support.microsoft.com/help/4074598/windows-7-update-kb4074598) >[!NOTE] >Only applicable for Windows 7 SP1 Enterprise and Windows 7 SP1 Pro. @@ -61,8 +62,16 @@ Review the following details to verify minimum system requirements: >[!NOTE] >Only applicable for Windows 7 SP1 Enterprise and Windows 7 SP1 Pro. +- Install either [.NET framework 4.5](https://www.microsoft.com/en-us/download/details.aspx?id=30653) (or later) or [KB3154518](https://support.microsoft.com/help/3154518/support-for-tls-system-default-versions-included-in-the-net-framework) + + >[NOTE] + >Only applicable for Windows 7 SP1 Enterprise and Windows 7 SP1 Pro. + >Don't install .NET framework 4.0.x, since it will negate the above installation. + - Meet the Azure Log Analytics agent minimum system requirements. For more information, see [Collect data from computers in you environment with Log Analytics](https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-concept-hybrid#prerequisites) + + 1. Download the agent setup file: [Windows 64-bit agent](https://go.microsoft.com/fwlink/?LinkId=828603) or [Windows 32-bit agent](https://go.microsoft.com/fwlink/?LinkId=828604). 2. Obtain the workspace ID: @@ -73,7 +82,7 @@ Review the following details to verify minimum system requirements: 3. Using the Workspace ID and Workspace key choose any of the following installation methods to install the agent: - Manually install the agent using setup
On the **Agent Setup Options** page, select **Connect the agent to Azure Log Analytics (OMS)** - - [Install the agent using command line](https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-agent-windows#install-the-agent-using-the-command-line) and [configure the agent using a script](https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-agent-windows#add-a-workspace-using-a-script) + - [Install the agent using command line](https://docs.microsoft.com/azure/log-analytics/log-analytics-agent-windows#install-the-agent-using-the-command-line) and [configure the agent using a script](https://docs.microsoft.com/azure/log-analytics/log-analytics-agent-windows#add-a-workspace-using-a-script) 4. If you're using a proxy to connect to the Internet see the Configure proxy settings section. From 0c327eca721de0c0fd01d527c764e6719a8bcf8b Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 19 Nov 2018 10:59:01 -0800 Subject: [PATCH 3/3] delete char --- ...ard-downlevel-windows-defender-advanced-threat-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md index 6d926cadf6..0a0076523d 100644 --- a/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md @@ -24,7 +24,7 @@ ms.date: 11/19/2018 - Windows 8.1 Enterprise - [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf) -[!include[Prerelease information](prerelease.md)] +[!include[Prerelease information](prerelease.md)] >Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-downlevel-abovefoldlink)