4.5 KiB
title, description, keywords, search.product, search.appverid, ms.prod, ms.mktglfcycl, ms.sitesec, ms.pagetype, ms.author, author, ms.localizationpriority, manager, audience, ms.collection, ms.topic
| title | description | keywords | search.product | search.appverid | ms.prod | ms.mktglfcycl | ms.sitesec | ms.pagetype | ms.author | author | ms.localizationpriority | manager | audience | ms.collection | ms.topic |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Get machines onboarded to Microsoft Defender ATP | Track onboarding of Intune-managed machines to Windows Defender ATP and increase onboarding rate. | onboard, Intune management, MDATP, WDATP, Microsoft Defender, Windows Defender, advanced threat protection, configuration management | eADQiWindows 10XVcnh | met150 | w10 | deploy | library | security | lomayor | lomayor | medium | dansimp | ITPro | M365-security-compliance | article |
Get machines onboarded to Microsoft Defender ATP
Applies to:
Want to experience Microsoft Defender ATP? Sign up for a free trial.
Each onboarded machine adds an additional endpoint detection and response (EDR) sensor and increases visibility over breach activity in your network. Onboarding also ensures that a machine can be checked for vulnerable components as well security configuration issues and can receive critical remediation actions during attacks.
Before you can track and manage onboarding of machines:
Discover and track unprotected machines
The Onboarding card provides a high-level overview of your onboarding rate by comparing the number of Windows 10 machines that have actually onboarded to Microsoft Defender ATP against the total number of Intune-managed Windows 10 machines.
Card showing onboarded machines compared to the total number of Intune-managed Windows 10 machine
Note
If you used Security Center Configuration Manager, the onboarding script, or other onboarding methods that don’t use Intune profiles, you might encounter data discrepancies. To resolve these discrepancies, create a corresponding Intune configuration profile for Microsoft Defender ATP onboarding and assign that profile to your machines.
Onboard more machines with Intune profiles
Microsoft Defender ATP provides several convenient options for onboarding Windows 10 machines. For Intune-managed machines, however, you can leverage Intune profiles to conveniently deploy the Microsoft Defender ATP sensor to select machines, effectively onboarding these devices to the service.
From the Onboarding card, select Onboard more machines to create and assign a profile on Intune. The link takes you to the device compliance page on Intune, which provides a similar overview of your onboarding state.
Microsoft Defender ATP device compliance page on Intune device management
Tip
Alternatively, you can navigate to the Microsoft Defender ATP onboarding compliance page in the Microsoft Azure portal from All services > Intune > Device compliance > Microsoft Defender ATP.
From the device compliance page, create a configuration profile specifically for the deployment of the Microsoft Defender ATP sensor and assign that profile to the machines you want to onboard. To do this, you can either:
- Select Create a device configuration profile to configure ATP sensor to start with a predefined device configuration profile.
- Create the device configuration profile from scratch.
For more information, read about using Intune device configuration profiles to onboard machines to Microsoft Defender ATP.
Want to experience Microsoft Defender ATP? Sign up for a free trial.