Onboard Windows 10 Devices | Microsoft Defender for Endpoints | MDATP | Local Script

Ғылым және технология

#Microsoft #EndpointSecurity #EDR #MicrosoftDefenderforEndpoint #MDATP #ATP #Security
Onboard Windows 10 Devices to Microsoft Defender for Endpoints
Agenda -
 How to Onboard Devices to Microsoft Defender for Endpoint?
 Deployment Methods Available
 How to verify onboarding?
 Enable Connection between Microsoft Defender for Endpoint and Microsoft Endpoint Manager
 Services Running on Windows 10 Device
RBAC Capabilities with Microsoft Defender for Endpoints - • Microsoft Defender for...
Prerequisites - • Microsoft Defender for...
Commands to check running process.
$Process = Get-Process | select Name | Sort-Object -Property Name
$services = "MpCmdRun","MpDlpCmd","MsMpEng","ConfigSecurityPolicy","NisSrv","MsSense","SenseCnCProxy","SenseIR","SenseCE","SenseSampleUploader"
foreach ($serv in $services)
{
if($Process.Name -contains $serv)
{
Write-Host $serv "is running." -ForegroundColor Green
}
else
{
Write-Host $serv "is not running" -ForegroundColor Red
}
}

Пікірлер: 16

@sandeepn5063Ай бұрын
@Concepts Work, All your videos are excellent, looking forward for many more.
@armandosse3 жыл бұрын
Excellent recording!! many thanks.
@mrkhan473710 ай бұрын
Sir, you have shown that the onboarding of a device requires to run the "Local Script" that will show the Device in Defender for Endpoint. But when i have gone through an article it says, Device should also required to be Synced with Azure AD Connect for full features...Not sure if it is in further videos. However, your explanation is very crystal clear...You are real helping hands....People help with money but you are helping people to make the bright future.
@ConceptsWork
10 ай бұрын
Very good observation, this method is just for local script, once you proceed with the playlist, I have covered methods for onboarding from gpo and intune as well. Not every customer uses intune, so there can be scenarios where you are using different mdm provider but you want to use MDE for endpoint protection. This example is also applicable for workgroup machines.
@freshitbrain26682 жыл бұрын
Its very informative. Thanks
@ConceptsWork
2 жыл бұрын
We cover everything in our videos, you may like the entire playlist. Please watch and share your valuable feedback.
@hrishikeshchowdhury9632 жыл бұрын
Thanks for your awesome video as always. Just a question, you said in the video you are going to explain some troubleshooting steps if devices are not showing in the portal even after successful script run (13:51) but forget to explain probably. Can you please guide. Thanks a lot for excellent effort.
@ConceptsWork
2 жыл бұрын
It will be there very soon.
@bright_bn21282 жыл бұрын
subscribed. excellent content
@ConceptsWork
2 жыл бұрын
Thank you 😊
@shafiqmorani Жыл бұрын
Thanks for this great video, this is a 0 to Hero vdo for anyone who wants to know MDE onboarding. Quick question: Any on-prem device (domain joined or Workgroup) that gets onboarded using the local script, GPO or SCCM, does it get AAD joined by default? Should it? I have onboarded 3 devices and in the 365 Defender portal I see 1 AAD joined & 2 as Workgroup. I m getting a mixed result so wanted to ask if there is any setting that controls this. Thanks
@kuwait1231002 жыл бұрын
Thanks for informative video, do we know if it is made part of sysprep image and deployed on multiple workstations?
@ConceptsWork
2 жыл бұрын
Yes you can, but for all pratical reasons, i would suggest to use any of the deployment model.
@fredrickruban6937 Жыл бұрын
Awesome explanation.. And I have a doubt, this script will onboard the ATP service, but how to onboard and offboard Defender Antivirus service?
@ConceptsWork
10 ай бұрын
Defender av service is available by default.
@tekno033 жыл бұрын
could i use the script for 30 machines? :) to explain, i have like 25+ machines in azure AD, but there is no intune, no active directory. just o365 e3 subscription and microsoft defender for endpoint subscription