From 2737b13352abe9770279a134d2ed1bf03bbfafab Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 18 Jun 2018 13:31:19 -0700 Subject: [PATCH 1/2] update min onboarding topic to include other windows versions --- ...ows-defender-advanced-threat-protection.md | 6 ++- ...ows-defender-advanced-threat-protection.md | 43 +++++++++++++++++-- 2 files changed, 44 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md index db4d4d1e03..38e33a95da 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 06/06/2018 +ms.date: 06/18/2018 --- # Configure alert notifications in Windows Defender ATP @@ -50,7 +50,9 @@ You can create rules that determine the machines and alert severities to send em 2. Click **Add notification rule**. 3. Specify the General information: - - **Rule name** + - **Rule name** - Specify a name for the notification rule. + - **Show customer display name** - Specify the customer name that appears on the email notification. + - **Include a deeplink** - Adds a link with the tenant ID to allow access to a specific tenant. - **Machines** - Choose whether to notify recipients for alerts on all machines (Global administrator role only) or on selected machine groups. For more information, see [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md). - **Alert severity** - Choose the alert severity level diff --git a/windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection.md index e5ee209594..56ecea1dca 100644 --- a/windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection.md @@ -17,14 +17,18 @@ ms.date: 04/24/2018 **Applies to:** +- Windows 7 SP1 Enterprise +- Windows 7 SP1 Pro +- Windows 8.1 Enterprise +- Windows 8.1 Pro - Windows 10 Enterprise - Windows 10 Education - Windows 10 Pro - Windows 10 Pro Education -- macOS -- Linux - Windows Server 2012 R2 - Windows Server 2016 +- macOS +- Linux - Windows Defender Advanced Threat Protection (Windows Defender ATP) [!include[Prerelease information](prerelease.md)] @@ -44,6 +48,38 @@ Windows Defender Advanced Threat Protection requires one of the following Micros For more information, see [Windows 10 Licensing](https://www.microsoft.com/en-us/Licensing/product-licensing/windows10.aspx#tab=2). +## Hardware and software requirements +### Supported Windows versions +- Windows 7 SP1 Enterprise +- Windows 7 SP1 Pro +- Windows 8.1 Enterprise +- Windows 8.1 Pro +- Windows 10 + - Windows 10 Enterprise + - Windows 10 Education + - Windows 10 Pro + - Windows 10 Pro Education +- Windows server + - Windows Server 2012 R2 + - Windows Server 2016 + - Windows Server, version 1803 + +Machines on your network must be running one of these editions. + +The hardware requirements for Windows Defender ATP on machines is the same as those for the supported editions. + +> [!NOTE] +> Machines that are running mobile versions of Windows are not supported. + + +### Other supported operating systems +>[!NOTE] +>You'll need to know the exact Linux distros and macOS X versions that are compatible with Windows Defender ATP for the integration to work. + +- macOSX +- Linux + + ## Windows Defender Antivirus configuration requirement The Windows Defender ATP agent depends on the ability of Windows Defender Antivirus to scan files and provide information about them. @@ -61,7 +97,8 @@ For more information, see [Windows Defender Antivirus compatibility](../windows- Topic | Description :---|:--- [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md) | You'll need to onboard machines for it to report to the Windows Defender ATP service. Learn about the tools and methods you can use to configure machines in your enterprise. -[Onboard servers](configure-server-endpoints-windows-defender-advanced-threat-protection.md) | Onboard Windows Server 2012 R2 and Windows Server 2016 to Windows Defender ATP +[Onboard previous versions of Windows](onboard-downlevel-windows-defender-advanced-threat-protection.md)| Onboard Windows 7 and Windows 8.1 machines to Windows Defender ATP. +[Onboard servers](configure-server-endpoints-windows-defender-advanced-threat-protection.md) | Onboard Windows Server 2012 R2 and Windows Server 2016 to Windows Defender ATP. [Onboard non-Windows machines](configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md) | Windows Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in the Windows Defender ATP portal and better protect your organization's network. This experience leverages on a third-party security products' sensor data. [Run a detection test on a newly onboarded machine](run-detection-test-windows-defender-advanced-threat-protection.md) | Run a script on a newly onboarded machine to verify that it is properly reporting to the Windows Defender ATP service. [Configure proxy and Internet settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md)| Enable communication with the Windows Defender ATP cloud service by configuring the proxy and Internet connectivity settings. From 430c8f349179c0e7d42fd27993e51027945d1ac8 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 19 Jun 2018 10:24:50 -0700 Subject: [PATCH 2/2] onboarding page update --- ...tifications-windows-defender-advanced-threat-protection.md | 4 +--- ...d-configure-windows-defender-advanced-threat-protection.md | 4 ++-- ...s-dashboard-windows-defender-advanced-threat-protection.md | 2 +- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md index 38e33a95da..a3611df82a 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md @@ -50,9 +50,7 @@ You can create rules that determine the machines and alert severities to send em 2. Click **Add notification rule**. 3. Specify the General information: - - **Rule name** - Specify a name for the notification rule. - - **Show customer display name** - Specify the customer name that appears on the email notification. - - **Include a deeplink** - Adds a link with the tenant ID to allow access to a specific tenant. + - **Rule name** - **Machines** - Choose whether to notify recipients for alerts on all machines (Global administrator role only) or on selected machine groups. For more information, see [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md). - **Alert severity** - Choose the alert severity level diff --git a/windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection.md index 56ecea1dca..5f43d024b3 100644 --- a/windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/24/2018 +ms.date: 06/19/2018 --- # Onboard machines to the Windows Defender ATP service @@ -76,7 +76,7 @@ The hardware requirements for Windows Defender ATP on machines is the same as th >[!NOTE] >You'll need to know the exact Linux distros and macOS X versions that are compatible with Windows Defender ATP for the integration to work. -- macOSX +- macOS X - Linux diff --git a/windows/security/threat-protection/windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection.md index d3740aa25f..9414dd6e89 100644 --- a/windows/security/threat-protection/windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection.md @@ -114,7 +114,7 @@ This tile shows statistics related to automated investigations in the last 30 da ![Image of automated investigations statistics](images/atp-automated-investigations-statistics.png) -You can click on **Automated investigations**, **Remidated investigations**, and **Alerts investigated** to navigate to the **Invesgations** page, filtered by the appropriate category. This lets you see a detailed breakdown of investigations in context. +You can click on **Automated investigations**, **Remidated investigations**, and **Alerts investigated** to navigate to the **Investigations** page, filtered by the appropriate category. This lets you see a detailed breakdown of investigations in context. ## Users at risk The tile shows you a list of user accounts with the most active alerts and the number of alerts seen on high, medium, or low alerts.