Onboarding Windows 10 devices to Defender for Business

Science and Technology

This walkthrough shows the two most common methods of onboarding Windows 10 devices to Defender for Endpoint: via Endpoint Manager and Intune policies, and via a downloaded script. The policy option can be applied to all devices in your environment, and automatically to new ones you add. The script option is good for on-demand needs.

Comments: 30

  • @danielgomez966
    2 years ago

    Thank you so much, I had about 40+ workstations missing in Defender Device List.

  • @scottmcarthur7496
    1 year ago

    Great video, super informative!

  • @bourgeoisdude
    2 years ago

    Thanks, this is very helpful.

  • @candeson
    1 year ago

    Robert, what a great video, I found this 200% more useful than any Microsoft documentation. Awesome! Do you offer Professional Services to provide support for device enrollment or Endpoint management itself? I was able to add my device via the cmd file but the Deploy profile does not add any device, still only me ;-(. Just wondering.... let me know if this is a possibility, I really need to get this done. ;-) Thanks again!!!!!!

  • @directorcia
    1 year ago

    Best practice is to deploy via a policy in Endpoint Manager. Search my blog at blog.ciaops.com for the articles I wrote on how to do it.

  • @staffs964
    2 years ago

    Great video, figured I'd have no issues. Ran the script successfully, I have E5 and WDP2. All my on-prem machines are listed in Azure. But... the machine never turned up in device inventory. I don't have an Intune license, but figured it was only required for policy installation. Am I missing pre- fundamental? Thank you

  • @directorcia
    2 years ago

    See - docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/troubleshoot-onboarding?view=o365-worldwide

  • @khanmali68
    2 years ago

    Thank you so much for the wonderful video. I have licenses for Office 365 Defender Plan 1. Is it sufficient or should I purchase Plan 2?

  • @directorcia
    2 years ago

    Defender for Business is different from Defender for Office 365. P2 always provides more features. Look at the MS website to determine if you need P2 features.

  • @Catonkey1
    1 year ago

    Hi Robert, thanks for the video. Question: it says "allow Microsoft Defender for Endpoint to enforce security configurations". Won't this overwrite all my policies in Intune?

  • @directorcia
    1 year ago

    As with any policy application, applying multiple policies can have conflicting results. You need to determine what applies what setting to your environment. Even Intune policies on their own can cause conflicts. However, you'd typically use Defender policies directly when you don't have Intune, which is yet another benefit of using Defender for Endpoint in your environment.

  • @fbifido2
    1 year ago

    Hi, how can this be done for: 1. non-persistence Microsoft Windows 10/11 pool VDI with FSLogix ??

  • @bbck15
    1 year ago

    I have a test setup where a few on-prem domain joined clients are hybrid joined in Azure AD. I onboarded the clients into Defender for Endpoint using a GPO, but I don't see a way of pushing the configuration from the cloud platform to the clients like you would do with Intune managed devices. Do you have any advice on how to achieve this? Thanks in advance

  • @directorcia
    1 year ago

    All devices need to be Azure AD joined and then they will accept policies from Intune. If you have hybrid joined that should also work, so I suggest you check your config, because provided it is an Azure AD joined device it will allow policies to flow from Intune.

  • @vikasvohra6076
    2 years ago

    Need to know if we need to deploy 50 machines using script option, does that work?

  • @directorcia
    2 years ago

    Yes, the script works on multiple machines but typically only for a 30 day time period, then you need to get a new script. This is because onboarding is done securely.

  • @vimalraju4688
    2 years ago

    Error id: 15, Error level: 1 unable to start Microsoft Defender for Endpoint service after command execute in cmd

  • @directorcia
    2 years ago

    Log a support call with MS. They are free. Otherwise have a look at the Defender for Endpoint Troubleshooting tool - docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/overview-client-analyzer?view=o365-worldwide

  • @vimalraju4688
    2 years ago

    @directorcia What is the minimum requirement?

  • @directorcia
    2 years ago

    @vimalraju4688 Best place is to check the docs from MS for this. I only focus on current OS's

  • @vimalraju4688
    2 years ago

    @directorcia Will this work on Win10 Home edition? When I check the doc they mention only Enterprise edition

  • @directorcia
    2 years ago

    @vimalraju4688 It is an enterprise solution aimed at commercial customers, not home users and operating systems.

  • @vimalraju4688
    2 years ago

    In Device inventory it shows no device found, why?

  • @directorcia
    2 years ago

    It takes time for the devices to report into the console. It may also be the communications between the Defender for Endpoint console and the device are blocked for some reason i.e. port 443 is blocked outbound.

  • @vimalraju4688
    2 years ago

    @directorcia And how to unblock outbound?

  • @directorcia
    2 years ago

    @vimalraju4688 Open the firewall to allow things like port 443. Search troubleshooting Defender for Endpoint client in your search engine

  • @Snook_
    2 years ago

    Is there a way to cover server licensing with Defender for Business? It seems you need P2 for servers, and Microsoft don't support mixed licensing, so essentially 'Defender for Business' is pointless without Server protection? It's a bit confusing. docs.microsoft.com/en-us/microsoft-365/security/defender-business/mdb-faq?view=o365-worldwide "What happens if a customer has 20 users with a mix of subscriptions? For example, suppose they have 10 users assigned a Defender for Business license and 10 users assigned a Defender for Endpoint Plan 2 license? Mixed licenses are currently not supported, We don't currently support mixed licenses. The highest functional license sets the experience for the tenant. Using our example, the tenant experience will be Defender for Endpoint Plan 2, and will require 20 Defender for Endpoint Plan 2 licenses."

  • @directorcia
    2 years ago

    Defender for Business is not pointless. It is designed for endpoints (devices) not servers. In SMB, if you want server protection you use Microsoft Defender for Cloud. You got two ways of licensing your Windows Servers with MDE for Servers. Through Microsoft Defender for Cloud, then you do not have to acquire at minimum 50 Windows E5/A5, Microsoft 365 E5/A5, and Microsoft 365 E5 Security User SLs licenses. Or acquire a separate MDE for Server license when you have at least 50 Windows E5/A5, Microsoft 365 E5/A5, and Microsoft 365 E5 Security User SLs licenses.

  • @directorcia
    2 years ago

    "We don't currently support mixed licenses", this means that if you have P2 then you won't see the Defender for Business wizards as the P2 admin takes precedence. All the features in Defender for Business are supported on the users they are assigned to. It just means you need to deploy and manage all your endpoints without wizards, which are only present in a Defender for Business only tenant.
