How to Configure and Deploy Microsoft Defender for Endpoint using Intune
Рет қаралды 14,865
Күн бұрын
@DevPreeth 11 ай бұрын
Hats off to the effort🎉
@lessonzilla 11 ай бұрын
Thanks!
@moazzammahmood 7 ай бұрын
Can you please create a follow-up video of after enabling Defender what do we expect to see? Also how to enable Defender for the server as you have mentioned that you will create a video if requested. Thanks, a lot for this informative video
@armandosse 4 ай бұрын
Excellent, to the point, tutorial. many thanks
@lessonzilla 4 ай бұрын
You're welcome!
@techiegz 4 ай бұрын
Great video! A tip for those that need to block non-compliant devices from accessing all cloud apps but allow access to virtual environments such as Windows 365 CloudPCs or Azure Virtual Desktop (AVD). After selecting to include all cloud apps, exclude these two apps. IN my case, I needed developers in India to access W365 and AVD to do their work. Many of these developers do not have properly licensed Windows computers, so letting them access these apps is crucial and poses no risk as their access is either through a browser or Remote Desktop App.
@lessonzilla 4 ай бұрын
Thanks!
@classiquai 9 ай бұрын
Hi Zilla, very informative, thanks! Just curious, is there still a need to deploy it explicitly in configuration profile? Or by linking up intune with defender, it will auto be deployed once the user is enrolled to intune? Thanks!
@lessonzilla 9 ай бұрын
Hi, Linking up (connecting) Intune and Defender just enables the service to service connection. You need an EDR policy or a device configuration profile to deploy it to endpoints. Refer to this link for Official Microsoft Documentation regarding deployment. - learn.microsoft.com/en-us/mem/intune/protect/advanced-threat-protection-configure#onboard-windows-devices
@AR-bc6ls 6 ай бұрын
Hello, I was following you up until the section where you made the policy and added the users, but then all of a sudden a device was there. How does the endpoint actually get onboarded and assigned to a user? I followed these steps and I don't see the part where the device even gets into the environment. I'm sure I'm missing something that may be assumed Im supposed to have done before this video? please help.
@lessonzilla 6 ай бұрын
To onboard devices to defender for endpoint using Intune, you can either create a device configuration profile or EDR policy. Follow this link from Microsoft for more information on how to do this.learn.microsoft.com/en-us/mem/intune/protect/advanced-threat-protection-configure#onboard-windows-devices
@patrick__007 11 ай бұрын
I've checked the settings via Endpoint detection and response but when enabling the "Microsoft Defender for Endpoint client configuration package type I can only choose between "Onboard, Offboard or Not configured". There is no "Auto from connector"?
@ToTCaMbIu 8 ай бұрын
Your connector is not configured.
@patrick__007 11 ай бұрын
Very informative. But why would you assign this to users and not devices? Thanks.
@lessonzilla 11 ай бұрын
Thanks and a good question. The answer is it can be applied to devices as well. If you want to apply settings on a device, regardless of who's signed in, then assign your policies to a devices group. Settings applied to device groups always go with the device, not the user. If a feature belongs to a user, such as email or user certificates, then assign to user groups. You can read this link for more information - learn.microsoft.com/en-us/mem/intune/configuration/device-profile-assign
@IrlymMylros Жыл бұрын
Informative and clear. However, why do we need to Enable and Configure" Defender for end point" Option (Licensed Product) while all windows 10/11 clients already have defender for end point installed locally? Thank you
@lessonzilla Жыл бұрын
Thanks. The inbuilt version of Microsoft Defender antivirus on Windows 10/11 devices provide Antivirus/malware detection at a local device level while Microsoft Defender for Endpoint has more enhanced capabilities and is a cloud based solution which comes under Microsoft Defender for Cloud umbrella.
@IrlymMylros Жыл бұрын
Thanks for the reply. Does the MDE provide extra protection to the Local devices or just the cloud based devices?
@lessonzilla Жыл бұрын
It is designed to work as an enterprise endpoint protection/security solution. For businesses that utilize Azure services as a whole. It is not aimed at personal devices
@rugvedvaidya3030 4 ай бұрын
Thanks mate, Crystal clear !!
@lessonzilla 4 ай бұрын
Any time!
@dancingkidkul9325 9 ай бұрын
Hi, What all licensed are required to enable these features from Intune and Defender portal?
@lessonzilla 9 ай бұрын
For Intune - you will need a plan like Microsoft 365 Business Premium or add-ons such as EMS3, EMS5 or any stand alone Intune licenses. For Defender for Endpoint - you will need a plan like Microsoft 365 Business Premium (it is labelled as Defender for Business) or Microsoft 365 E3/A3 or you can buy stand alone Defender for Endpoint licenses
@BACKSPIN9ball Жыл бұрын
is there a special license I need to assign for Defender for Endpoint as when I go to 365 admin center to turn it on I see a completely different screen where it looks like no features are being displayed. I think I need one of the defender for endpoints licenses.,
@lessonzilla 11 ай бұрын
You can purchase it as a stand-alone license or it is included in Microsoft 365 E3 and E5 - You can bookmark the link below. It will give you a nice comparison/view of Microsoft 365 plan features. Note - this link is not from Microsoft but I have used it many times and always found it to be accurate. m365maps.com/matrix.htm#000000000001100000000
@fbifido2 Ай бұрын
@7:05 - why did you select users? and not devices?
@lessonzilla Ай бұрын
Can be applied to either users or devices.
@ashsharp1985 2 ай бұрын
Is this only for organisations?
@lessonzilla 2 ай бұрын
Yes. This is for business users who use Microsoft Business/Enterprise licenses
@insinhala7014 4 ай бұрын
Thanks!
@lessonzilla 4 ай бұрын
Welcome!
@amadoumane7600 10 ай бұрын
onboard for Linux devices?
@lessonzilla 10 ай бұрын
Refer to this documentation from Microsoft for Linux devices - learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-linux?view=o365-worldwide
@unkownuser2320 8 ай бұрын
Kindly help me to understand below item 1) Microsoft Defender integration with Intune Endpoint is free or needs to buy license 2) if Windows 10/11 already having antivirus how to enable Microsoft Defender as passive 3) how to onboard Windows 10/11 devices using SCCM integration
@lessonzilla 8 ай бұрын
1. You will need a license like Business Premium or E3 which has Defender for Endpoint included or you will need to buy it as an add-on 2. I believe if you already have an antivirus, Defender for Endpoint would automatically switch to passive mode after deploying 3. Hopefully this guide from Microsoft will help you - learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/onboarding-endpoint-configuration-manager?view=o365-worldwide
@unkownuser2320 8 ай бұрын
@@lessonzilla Thank you please share reference blogs about query 2 how automatically switches to passive mode after deploying
@Waterbottle365 10 ай бұрын
Why deploy to users rather than devices?
@lessonzilla 10 ай бұрын
You can deploy to devices as well. It will work the same.
@ToTCaMbIu 8 ай бұрын
Why would you deploy to devices rater than users?
LessonZilla
Рет қаралды 1,1 М.
Microsoft Events
Рет қаралды 6 М.
Emmanuel Itoje
Рет қаралды 31
Dean Ellerby MVP
Рет қаралды 3,5 М.
CyberNews
Рет қаралды 30 М.
Xerillion
Рет қаралды 16 М.
Mountaineer Security
Рет қаралды 35 М.