Thank you so much, I had about 40+ workstations missing in Defender Device List.
@scottmcarthur7496 1 year ago
Great video, super informative!
@jessesack3065 6 months ago
Thank you, great video!
@fbifido2 2 years ago
Hi, how can this be done for: 1. non-persistence Microsoft Windows 10/11 pool VDI with FSLogix ??
@bbck15 2 years ago
I have a test setup where a few on-prem domain joined clients are hybrid joined in Azure AD. I onboarded the clients into Defender for Endpoint using a GPO, but I don't see a way of pushing the configuration from the cloud platform to the clients like you would do with Intune managed devices. Do you have any advice on how to achieve this? Tnx in advance
@directorcia 2 years ago
All devices need to be Azure AD joined and then they will accept policies from Intune. If you have hybrid joined that should also work, so I suggest you check your config, because provided it is an Azure AD joined device it will allow policies to flow from Intune.
@Catonkey1 2 years ago
Hi Robert, thanks for the video. Question: it says "allow Microsoft defender for endpoint to enforce security configurations". Won't this overwrite all my policies in Intune?
@directorcia 2 years ago
As with any policy application, applying multiple policies can have conflicting results. You need to determine what applies what setting to your environment. Even Intune policies on their own can cause conflicts. However, you'd typically use Defender policies directly when you don't have Intune, which is yet another benefit of using Defender for Endpoint in your environment.
@vikasvohra6076 2 years ago
Need to know if we need to deploy 50 machines using script option, does that work?
@directorcia 2 years ago
Yes, the script works on multiple machines but typically only for a 30-day time period, then you need to get a new script. This is because onboarding is done securely.
@bourgeoisdude 3 years ago
Thanks, this is very helpful.
@staffs964 2 years ago
Great video, figured I'd have no issues. Ran the script successfully, I have E5 and WDP2. All my on-prem machines are listed in Azure. But... The machine never turned up in device inventory. I don't have an Intune license, but figured it was only required for policy installation. Am I missing pre- fundamental? Thank You
@directorcia 2 years ago
See - docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/troubleshoot-onboarding?view=o365-worldwide
@khanmali68 2 years ago
Thank you so much for the wonderful video. I have licenses for Office 365 Defender Plan 1. Is it sufficient or should I purchase Plan 2?
@directorcia 2 years ago
Defender for Business is different from Defender for Office 365. P2 always provides more features. Look at the MS website to determine if you need P2 features.
@candeson 2 years ago
Robert, what a great video, I found this 200% more useful than any Microsoft documentation. Awesome! Do you offer Professional Services to provide support for device enrollment or Endpoint management itself? I was able to add my device via the cmd file but the Deploy profile does not add any device, still only me ;-(. Just wondering.... let me know if this is a possibility, I really need to get this done. ;-) Thanks again!!!!!!
@directorcia 2 years ago
Best practice is to deploy via a policy in Endpoint Manager. Search my blog at blog.ciaops.com for the articles I wrote on how to do it.
@vimalraju4688 2 years ago
Error id: 15, Error level: 1, unable to start Microsoft Defender for Endpoint service after command execute in cmd
@directorcia 2 years ago
Log a support call with MS. They are free. Otherwise have a look at the Defender for Endpoint Troubleshooting tool - docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/overview-client-analyzer?view=o365-worldwide
@vimalraju4688 2 years ago
@directorcia What is the minimum requirement?
@directorcia 2 years ago
@vimalraju4688 Best place is to check the docs from MS for this. I only focus on current OS's
@vimalraju4688 2 years ago
@directorcia Will this work on Win10 Home edition? When I check the doc they mention enterprise edition only
@directorcia 2 years ago
@vimalraju4688 It is an enterprise solution aimed at commercial customers, not home users and operating systems.
@vimalraju4688 2 years ago
In Device inventory it shows no device found, why?
@directorcia 2 years ago
It takes time for the devices to report into the console. It may also be that the communications between the Defender for Endpoint console and the device are blocked for some reason, i.e. port 443 is blocked outbound.
@vimalraju4688 2 years ago
@directorcia And how to unblock outbound?
@directorcia 2 years ago
@vimalraju4688 Open the firewall to allow things like port 443. Search troubleshooting Defender for Endpoint client in your search engine.
@Snook_ 2 years ago
Is there a way to cover server licensing with Defender for Business? It seems you need P2 for servers, and Microsoft don't support mixed licensing, so essentially 'Defender for Business' is pointless without Server protection? It's a bit confusing. docs.microsoft.com/en-us/microsoft-365/security/defender-business/mdb-faq?view=o365-worldwide "What happens if a customer has 20 users with a mix of subscriptions? For example, suppose they have 10 users assigned a Defender for Business license and 10 users assigned a Defender for Endpoint Plan 2 license? Mixed licenses are currently not supported, We don't currently support mixed licenses. The highest functional license sets the experience for the tenant. Using our example, the tenant experience will be Defender for Endpoint Plan 2, and will require 20 Defender for Endpoint Plan 2 licenses."
@directorcia 2 years ago
Defender for Business is not pointless. It is designed for endpoints (devices) not servers. In SMB, if you want server protection you use Microsoft Defender for Cloud. You've got two ways of licensing your Windows Servers with MDE for Servers. Through Microsoft Defender for Cloud, then you do not have to acquire at minimum 50 Windows E5/A5, Microsoft 365 E5/A5, and Microsoft 365 E5 Security User SLs licenses. Or acquire a separate MDE for Server license when you have at least 50 Windows E5/A5, Microsoft 365 E5/A5, and Microsoft 365 E5 Security User SLs licenses.
@directorcia 2 years ago
"We don't currently support mixed licenses", this means that if you have P2 then you won't see the Defender for Business wizards as the P2 admin takes precedence. All the features in Defender for Business are supported on the users they are assigned to. It just means you need to deploy and manage all your endpoints without wizards, which are only present in a Defender for Business only tenant.