Great explanation! Do you have a video about the Endpoint deployment?
@thepete1338 4 months ago
Great explanation!!
@DeanEllerbyMVP 4 months ago
Thanks Pete!
@jonathang8571 4 months ago
Clear as mud. ;) Question - we have this connection disabled in our tenant and we have our servers onboarded to Defender via GPO with their config settings, so if we enabled this, Intune would then take ownership of their Defender settings?
@MrMarcLaflamme 4 months ago
Thank you for addressing my question Dean! I still don't get it 100% but it's more clear than before. So if you are only using Intune to manage your fleet, keep the setting disabled because it's not going to help. If you start to incorporate other forms of management (i.e. GPO, other MDM), or if you are wanting to push MDE policies via Intune (keeping that single pane of glass) to devices that can't be managed by Intune (i.e. Servers) then you should turn it on (in both places). If that's correct, is there a reason for the on/off switch on both sides? Enable it in Intune AND in MDE? Seems strange, would you ever only turn on one side and not the other?
@DeanEllerbyMVP 4 months ago
That’s spot on, yes. I imagine the dual ‘on’ switch is to cater for organisations that have split responsibilities between Security and Device Management. This way, an Intune admin can’t make MDE do something without an MDE admin also making that happen, and vice versa. There might also be a technical reason :-)
@MrMarcLaflamme 4 months ago
@@DeanEllerbyMVP gotcha! Or in my case it’s confusing because both of those people are me! 😂
@nazerbor3i 4 months ago
This is so confusing, I don’t know whether to turn this option on or off 😅
@DeanEllerbyMVP 4 months ago
:-) Let's put it this way... 90% of organizations have it turned on. 10% of organizations use it. I made that up, but hopefully you get the point.
@MrMarcLaflamme 4 months ago
@@nazerbor3i From what I gather, if everything you have MDE on is managed by Intune and you configure Security Policies for MDE using Intune, keep it off. Otherwise turn it on.
@RubenHernandez-b9l 1 month ago
Well, I am trying to manage servers using MDE. I have the correct settings applied. I have a group that has a few test servers in it. Some are getting the policy and some are not. What is this setting for: "Manage Security settings using Configuration Manager", that is on the bottom of the enforcement page? We also use SCCM.
@Egimatic 4 months ago
Is it recommended to run MS Defender alongside CrowdStrike? We only use Defender now for telemetry, aka passive mode.
@DeanEllerbyMVP 4 months ago
You can run MDE in passive mode alongside any other EDR, sure. You shouldn't run it in Active mode, though.
@Wlp42 4 months ago
It's recommended to run MDE in passive mode alongside 3rd party EDR for the telemetry it can share to other products your org may use in M365: Purview, Intune, MDCA, etc.
@ericneo2 4 months ago
Sorry couldn't follow, I must have missed something. I'll check out the video again later.
@DeanEllerbyMVP 4 months ago
Thanks - it really isn't easy to grasp. Feel free to ask anything and I can try to explain further, or even make another (better!) explainer
@ericneo2 4 months ago
@@DeanEllerbyMVP Appreciate your videos though, thank you.