Onboard Windows 10 Devices | Microsoft Defender for Endpoints | MDATP | Local Script
ฝัง
- เผยแพร่เมื่อ 21 ก.ค. 2024
- #Microsoft #EndpointSecurity #EDR #MicrosoftDefenderforEndpoint #MDATP #ATP #Security
Onboard Windows 10 Devices to Microsoft Defender for Endpoints
Agenda -
How to Onboard Devices to Microsoft Defender for Endpoint?
Deployment Methods Available
How to verify onboarding?
Enable Connection between Microsoft Defender for Endpoint and Microsoft Endpoint Manager
Services Running on Windows 10 Device
RBAC Capabilities with Microsoft Defender for Endpoints - • Microsoft Defender for...
Prerequisites - • Microsoft Defender for...
Commands to check running process.
$Process = Get-Process | select Name | Sort-Object -Property Name
$services = "MpCmdRun","MpDlpCmd","MsMpEng","ConfigSecurityPolicy","NisSrv","MsSense","SenseCnCProxy","SenseIR","SenseCE","SenseSampleUploader"
foreach ($serv in $services)
{
if($Process.Name -contains $serv)
{
Write-Host $serv "is running." -ForegroundColor Green
}
else
{
Write-Host $serv "is not running" -ForegroundColor Red
}
} - วิทยาศาสตร์และเทคโนโลยี
@Concepts Work, All your videos are excellent, looking forward for many more.
Excellent recording!! many thanks.
Sir, you have shown that the onboarding of a device requires to run the "Local Script" that will show the Device in Defender for Endpoint. But when i have gone through an article it says, Device should also required to be Synced with Azure AD Connect for full features...Not sure if it is in further videos.
However, your explanation is very crystal clear...You are real helping hands....People help with money but you are helping people to make the bright future.
Very good observation, this method is just for local script, once you proceed with the playlist, I have covered methods for onboarding from gpo and intune as well.
Not every customer uses intune, so there can be scenarios where you are using different mdm provider but you want to use MDE for endpoint protection.
This example is also applicable for workgroup machines.
Thanks for this great video, this is a 0 to Hero vdo for anyone who wants to know MDE onboarding. Quick question: Any on-prem device (domain joined or Workgroup) that gets onboarded using the local script, GPO or SCCM, does it get AAD joined by default? Should it? I have onboarded 3 devices and in the 365 Defender portal I see 1 AAD joined & 2 as Workgroup. I m getting a mixed result so wanted to ask if there is any setting that controls this. Thanks
Its very informative. Thanks
We cover everything in our videos, you may like the entire playlist. Please watch and share your valuable feedback.
Thanks for your awesome video as always. Just a question, you said in the video you are going to explain some troubleshooting steps if devices are not showing in the portal even after successful script run (13:51) but forget to explain probably. Can you please guide. Thanks a lot for excellent effort.
It will be there very soon.
could i use the script for 30 machines? :) to explain, i have like 25+ machines in azure AD, but there is no intune, no active directory. just o365 e3 subscription and microsoft defender for endpoint subscription
subscribed. excellent content
Thank you 😊
Thanks for informative video, do we know if it is made part of sysprep image and deployed on multiple workstations?
Yes you can, but for all pratical reasons, i would suggest to use any of the deployment model.
Awesome explanation..
And I have a doubt, this script will onboard the ATP service, but how to onboard and offboard Defender Antivirus service?
Defender av service is available by default.