diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md index 71c901e041..f297a4328b 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md @@ -21,7 +21,7 @@ ms.topic: conceptual **Applies to:** -[Windows Defender Advanced Threat Protection (Windows Defender ATP) for Mac](microsoft-defender-atp-mac.md) +[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) >[!IMPORTANT] >This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. @@ -114,4 +114,4 @@ See [Logging installation issues](microsoft-defender-atp-mac-resources.md#loggin ## Uninstallation -See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Windows Defender ATP for Mac from client devices. \ No newline at end of file +See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices. \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md index 15bfabbd53..e6aaf51861 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md @@ -21,7 +21,7 @@ ms.topic: conceptual **Applies to:** -[Windows Defender Advanced Threat Protection (Windows Defender ATP) for Mac](microsoft-defender-atp-mac.md) +[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) >[!IMPORTANT] >This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. @@ -32,13 +32,13 @@ Before you get started, please see [the main Microsoft Defender ATP for Mac page ## Download installation and onboarding packages -Download the installation and onboarding packages from Windows Defender Security Center: +Download the installation and onboarding packages from Microsoft Defender Security Center: -1. In Windows Defender Security Center, go to **Settings > Machine Management > Onboarding**. -2. In Section 1 of the page, set operating system to **Linux, macOS, iOS or Android** and Deployment method to **Mobile Device Management / Microsoft Intune**. -3. In Section 2 of the page, select **Download installation package**. Save it as wdav.pkg to a local directory. -4. In Section 2 of the page, select **Download onboarding package**. Save it as WindowsDefenderATPOnboardingPackage.zip to the same directory. -5. Download IntuneAppUtil from [https://docs.microsoft.com/en-us/intune/lob-apps-macos](https://docs.microsoft.com/en-us/intune/lob-apps-macos). +1. In Microsoft Defender Security Center, go to **Settings** > **Device Management** > **Onboarding**. +2. In Section 1 of the page, set the operating system to **Linux, macOS, iOS or Android** and the deployment method to **Mobile Device Management / Microsoft Intune**. +3. In Section 2 of the page, select **Download installation package**. Save it as _wdav.pkg_ to a local directory. +4. In Section 2 of the page, select **Download onboarding package**. Save it as _WindowsDefenderATPOnboardingPackage.zip_ to the same directory. +5. Download **IntuneAppUtil** from [https://docs.microsoft.com/en-us/intune/lob-apps-macos](https://docs.microsoft.com/en-us/intune/lob-apps-macos). ![Windows Defender Security Center screenshot](images/MDATP_2_IntuneAppUtil.png) @@ -80,41 +80,41 @@ Download the installation and onboarding packages from Windows Defender Security to deploy refer to the product documentation. ``` -## Client Machine Setup +## Client device setup -You need no special provisioning for a Mac machine beyond a standard [Company Portal installation](https://docs.microsoft.com/en-us/intune-user-help/enroll-your-device-in-intune-macos-cp). +You need no special provisioning for a Mac device beyond a standard [Company Portal installation](https://docs.microsoft.com/en-us/intune-user-help/enroll-your-device-in-intune-macos-cp). 1. You'll be asked to confirm device management. ![Confirm device management screenshot](images/MDATP_3_ConfirmDeviceMgmt.png) -Select Open System Preferences, locate Management Profile on the list and select the **Approve...** button. Your Management Profile would be displayed as **Verified**: +Select **Open System Preferences**, locate **Management Profile** on the list and select **Approve...**. Your Management Profile would be displayed as **Verified**: ![Management profile screenshot](images/MDATP_4_ManagementProfile.png) -2. Select the **Continue** button and complete the enrollment. +2. Select **Continue** and complete the enrollment. -You can enroll additional machines. Optionally, you can do it later, after system configuration and application package are provisioned. +You can enroll additional devices. Optionally, you can enroll them later, after you have finished provisioning system configuration and application packages. -3. In Intune, open the **Manage > Devices > All devices** blade. You'll see your machine: +3. In Intune, open **Manage** > **Devices** > **All devices**. You'll see your device among those listed: ![Add Devices screenshot](images/MDATP_5_allDevices.png) ## Create System Configuration profiles -1. In Intune open the **Manage > Device configuration** blade. Select **Manage > Profiles > Create Profile**. -2. Choose a name for the profile. Change **Platform=macOS**, **Profile type=Custom**. Select **Configure**. +1. In Intune, open **Manage** > **Device configuration**. Select **Manage** > **Profiles** > **Create Profile**. +2. Choose a name for the profile. Change **Platform=macOS** to **Profile type=Custom**. Select **Configure**. 3. Open the configuration profile and upload intune/kext.xml. This file was created during the Generate settings step above. 4. Select **OK**. ![System configuration profiles screenshot](images/MDATP_6_SystemConfigurationProfiles.png) -5. Select **Manage > Assignments**. In the **Include** tab, select **Assign to All Users & All devices**. -6. Repeat these steps with the second profile. -7. Create Profile one more time, give it a name, upload the intune/WindowsDefenderATPOnboarding.xml file. -8. Select **Manage > Assignments**. In the Include tab, select **Assign to All Users & All devices**. +5. Select **Manage** > **Assignments**. In the **Include** tab, select **Assign to All Users & All devices**. +6. Repeat steps 1 through 5 for additional profiles. +7. Create a new profile one more time, give it a name, and upload the intune/WindowsDefenderATPOnboarding.xml file. +8. Select **Manage > Assignments**. In the **Include** tab, select **Assign to All Users & All devices**. -After Intune changes are propagated to the enrolled machines, you'll see it on the **Monitor > Device status** blade: +Once the Intune changes are propagated to the enrolled devices, you'll see them listed under **Monitor** > **Device status**: ![System configuration profiles screenshot](images/MDATP_7_DeviceStatusBlade.png) @@ -124,7 +124,7 @@ After Intune changes are propagated to the enrolled machines, you'll see it on t 2. Select **App type=Other/Line-of-business app**. 3. Select **file=wdav.pkg.intunemac**. Select **OK** to upload. 4. Select **Configure** and add the required information. -5. Use **macOS Sierra 10.12** as the minimum OS. Other settings can be any other value. +5. Use **macOS Sierra 10.12** as the minimum OS. Other settings can be any arbitrary value. ![Device status blade screenshot](images/MDATP_8_IntuneAppInfo.png) @@ -132,32 +132,30 @@ After Intune changes are propagated to the enrolled machines, you'll see it on t ![Device status blade screenshot](images/MDATP_9_IntunePkgInfo.png) -7. It will take a while to upload the package. After it's done, select the name and then go to **Assignments** and **Add group**. +7. It may take a few moments to upload the package. After it's done, select the package from the list and go to **Assignments** and **Add group**. ![Client apps screenshot](images/MDATP_10_ClientApps.png) -8. Change **Assignment type=Required**. +8. Change **Assignment type** to **Required**. 9. Select **Included Groups**. Select **Make this app required for all devices=Yes**. Select **Select group to include** and add a group that contains the users you want to target. Select **OK** and **Save**. ![Intune assignments info screenshot](images/MDATP_11_Assignments.png) -10. After some time the application will be published to all enrolled machines. You'll see it on the **Monitor > Device** install status blade: +10. After some time the application will be published to all enrolled devices. You'll see it listed on **Monitor** > **Device**, under **Device install status**: ![Intune device status screenshot](images/MDATP_12_DeviceInstall.png) -## Verify client machine state +## Verify client device state -1. After the configuration profiles are deployed to your machines, on your Mac device, open **System Preferences > Profiles**. +1. After the configuration profiles are deployed to your devices, open **System Preferences** > **Profiles** on your Mac device. ![System Preferences screenshot](images/MDATP_13_SystemPreferences.png) ![System Preferences Profiles screenshot](images/MDATP_14_SystemPreferencesProfiles.png) -2. Verify the three profiles listed there: +2. Verify that the following configuration profiles are present and installed. The **Management Profile** should be the Intune system profile. _Wdav-config_ and _wdav-kext_ are system configuration profiles that we added in Intune.: ![Profiles screenshot](images/MDATP_15_ManagementProfileConfig.png) -3. The **Management Profile** should be the Intune system profile. -4. wdav-config and wdav-kext are system configuration profiles that we added in Intune. -5. You should also see the Microsoft Defender icon in the top-right corner: +3. You should also see the Microsoft Defender icon in the top-right corner: ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png) @@ -167,4 +165,4 @@ See [Logging installation issues](microsoft-defender-atp-mac-resources.md#loggin ## Uninstallation -See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Windows Defender ATP for Mac from client devices. \ No newline at end of file +See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices. \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md index 4770ec60ec..2f1224ed6d 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md @@ -21,7 +21,7 @@ ms.topic: conceptual **Applies to:** -[Windows Defender Advanced Threat Protection (Windows Defender ATP) for Mac](microsoft-defender-atp-mac.md) +[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) >[!IMPORTANT] >This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. @@ -36,15 +36,14 @@ In addition, for JAMF deployment, you need to be familiar with JAMF administrati Download the installation and onboarding packages from Windows Defender Security Center: -1. In Windows Defender Security Center, go to **Settings > Machine Management > Onboarding**. -2. In Section 1 of the page, set operating system to **Linux, macOS, iOS or Android** and Deployment method to **Mobile Device Management / Microsoft Intune**. -3. In Section 2 of the page, select **Download installation package**. Save it as wdav.pkg to a local directory. -4. In Section 2 of the page, select **Download onboarding package**. Save it as WindowsDefenderATPOnboardingPackage.zip to the same directory. +1. In Windows Defender Security Center, go to **Settings > device Management > Onboarding**. +2. In Section 1 of the page, set the operating system to **Linux, macOS, iOS or Android** and deployment method to **Mobile Device Management / Microsoft Intune**. +3. In Section 2 of the page, select **Download installation package**. Save it as _wdav.pkg_ to a local directory. +4. In Section 2 of the page, select **Download onboarding package**. Save it as _WindowsDefenderATPOnboardingPackage.zip_ to the same directory. ![Windows Defender Security Center screenshot](images/MDATP_2_IntuneAppUtil.png) -5. From a command prompt, verify that you have the two files. - Extract the contents of the .zip files: +5. From the command prompt, verify that you have the two files. Extract the contents of the .zip files like so: ```bash mavel-macmini:Downloads test$ ls -l @@ -62,19 +61,19 @@ Download the installation and onboarding packages from Windows Defender Security ## Create JAMF Policies -You need to create a configuration profile and a policy to start deploying Microsoft Defender ATP for Mac to client machines. +You need to create a configuration profile and a policy to start deploying Microsoft Defender ATP for Mac to client devices. ### Configuration Profile -The configuration profile contains one custom settings payload that includes: +The configuration profile contains a custom settings payload that includes: - Microsoft Defender ATP for Mac onboarding information -- Approved Kernel Extensions payload to enable the Microsoft kernel driver to run +- Approved Kernel Extensions payload, to enable running the Microsoft kernel driver -1. Upload jamf/WindowsDefenderATPOnboarding.plist as the Property List File. +To set the onboarding information, upload a property list file with the name, _jamf/WindowsDefenderATPOnboarding.plist_. - >[!NOTE] - > You must use exactly "com.microsoft.wdav.atp" as the Preference Domain. + >[!IMPORTANT] + > You must set the the Preference Domain as "com.microsoft.wdav.atp" ![Configuration profile screenshot](images/MDATP_16_PreferenceDomain.png) @@ -89,15 +88,15 @@ To approve the kernel extension: #### Configuration Profile's Scope -Configure the appropriate scope to specify the machines that will receive this configuration profile. +Configure the appropriate scope to specify the devices that will receive the configuration profile. -Open Computers -> Configuration Profiles, select **Scope > Targets**. Select the appropriate Target computers. +Open **Computers** > **Configuration Profiles**, and select **Scope > Targets**. From there, select the devices you want to target. ![Configuration profile scope screenshot](images/MDATP_18_ConfigurationProfilesScope.png) Save the **Configuration Profile**. -Use the **Logs** tab to monitor deployment status for each enrolled machine. +Use the **Logs** tab to monitor deployment status for each enrolled device. ### Package @@ -116,50 +115,50 @@ Your policy should contain a single package for Microsoft Defender. Configure the appropriate scope to specify the computers that will receive this policy. -After you save the Configuration Profile, you can use the Logs tab to monitor the deployment status for each enrolled machine. +After you save the Configuration Profile, you can use the Logs tab to monitor the deployment status for each enrolled device. -## Client machine setup +## Client device setup -You need no special provisioning for a macOS computer beyond the standard JAMF Enrollment. +You'll need no special provisioning for a macOS computer, beyond the standard JAMF Enrollment. > [!NOTE] > After a computer is enrolled, it will show up in the Computers inventory (All Computers). -1. Open the machine details, from **General** tab, and make sure that **User Approved MDM** is set to **Yes**. If it's set to No, the user needs to open **System Preferences > Profiles** and select **Approve** on the MDM Profile. +1. Open **Device Profiles**, from the **General** tab, and make sure that **User Approved MDM** is set to **Yes**. If it's currently set to No, the user needs to open **System Preferences > Profiles** and select **Approve** on the MDM Profile. ![MDM approve button screenshot](images/MDATP_21_MDMProfile1.png) ![MDM screenshot](images/MDATP_22_MDMProfileApproved.png) -After some time, the machine's User Approved MDM status will change to Yes. +After some time, the device's User Approved MDM status will change to **Yes**. ![MDM status screenshot](images/MDATP_23_MDMStatus.png) -You can enroll additional machines now. Optionally, can do it after system configuration and application packages are provisioned. +You can enroll additional devices at this point. Optionally, you can enroll them later, after you have finished provisioning system configuration and application packages. ## Deployment -Enrolled client machines periodically poll the JAMF Server and install new configuration profiles and policies as soon as they are detected. +Enrolled client devices periodically poll the JAMF Server, and install new configuration profiles and policies as soon as they are detected. -### Status on server +### Status on the server -You can monitor the deployment status in the Logs tab: +You can monitor deployment status in the **Logs** tab: - **Pending** means that the deployment is scheduled but has not yet happened - **Completed** means that the deployment succeeded and is no longer scheduled ![Status on server screenshot](images/MDATP_24_StatusOnServer.png) -### Status on client machine +### Status on client device -After the Configuration Profile is deployed, you'll see the profile on the machine in the **System Preferences > Profiles >** Name of Configuration Profile. +After the Configuration Profile is deployed, you'll see the profile on the device in **System Preferences > Profiles >**, under the name of the configuration profile. ![Status on client screenshot](images/MDATP_25_StatusOnClient.png) -After the policy is applied, you'll see the Microsoft Defender icon in the macOS status bar in the top-right corner. +After the policy is applied, you'll see the Microsoft Defender ATP icon in the macOS status bar in the top-right corner. ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png) -You can monitor policy installation on a machine by following the JAMF's log file: +You can monitor policy installation on a device by following the JAMF log file: ```bash mavel-mojave:~ testuser$ tail -f /var/log/jamf.log @@ -182,22 +181,22 @@ orgId : "4751b7d4-ea75-4e8f-a1f5-6d640c65bc45" ... ``` -- **licensed**: This confirms that the machine has an ATP license. +- **licensed**: This confirms that the device has an ATP license. -- **orgid**: Your ATP org id, it will be the same for your organization. +- **orgid**: Your Microsoft Defender ATP org id; it will be the same for your organization. ## Check onboarding status -You can check that machines are correctly onboarded by creating a script. For example, the following script checks that enrolled machines are onboarded: +You can check that devices have been correctly onboarded by creating a script. For example, the following script checks enrolled devices for onboarding status: ```bash mdatp --health healthy ``` This script returns: -- 0 if Microsoft Defender ATP is registered with the Windows Defender ATP service -- 1 if the machine is not onboarded -- 3 if the connection to the daemon cannot be established (daemon is not running) +- 0 if Microsoft Defender ATP is registered with the Microsoft Defender ATP service +- 1 if the device is not yet onboarded +- 3 if the connection to the daemon cannot be established—for example, if daemon is not running ## Logging installation issues @@ -205,4 +204,4 @@ See [Logging installation issues](microsoft-defender-atp-mac-resources.md#loggin ## Uninstallation -See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Windows Defender ATP for Mac from client devices. \ No newline at end of file +See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices. \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md index 7db036c1d0..694e2e86ce 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md @@ -21,7 +21,7 @@ ms.topic: conceptual **Applies to:** -[Windows Defender Advanced Threat Protection (Windows Defender ATP) for Mac](microsoft-defender-atp-mac.md) +[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) >[!IMPORTANT] >This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. @@ -41,7 +41,7 @@ If you can reproduce a problem, please increase the logging level, run the syste 2. Reproduce the problem -3. Run `mdatp --diagnostic --create` to backup Defender ATP's logs. The command will print out location with generated zip file. +3. Run `mdatp --diagnostic --create` to backup Microsoft Defender ATP's logs. The command will print out location with generated zip file. ```bash mavel-mojave:~ testuser$ mdatp --diagnostic --create @@ -152,6 +152,6 @@ In the Microsoft Defender ATP portal, you'll see two categories of information: ## Known issues - Not fully optimized for performance or disk space yet. -- Full Windows Defender ATP integration is not available yet. -- Mac devices that switch networks may appear multiple times in the APT portal. +- Full Microsoft Defender ATP integration is not available yet. +- Mac devices that switch networks may appear multiple times in the Microsoft Defender ATP portal. - Centrally managed uninstall via Intune is still in development. As an alternative, manually uninstall Microsoft Defender ATP for Mac from each client device. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md index b14ccc332d..c5f47ef87a 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md @@ -22,7 +22,7 @@ ms.topic: conceptual >[!IMPORTANT] >This topic relates to the pre-release version of Microsoft Defender Advanced Threat Protection (ATP) for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. -This topic describes how to install and use Microsoft Defender Advanced Threat Protection ATP for Mac. +This topic describes how to install and use Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac. ## What’s new in the public preview @@ -39,7 +39,7 @@ Since opening the limited preview, we've been working non-stop to enhance the pr ## Installing and configuring -There are various methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac. +There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac. In general you'll need to take the following steps: - Ensure you have a Microsoft Defender ATP subscription and have access to the Microsoft Defender ATP Portal