MDE can inspect network traffic and report back to the Microsoft 365 Defender portal. Use the following steps to create a configuration profile that allows the network extension to perform this activity: Next, you’ll create a configuration profile to manage device notifications. Notifications Configuration Profile This configuration profile is necessary to allow Intune and MDE […]
Category: Using built-in functions
Onboarding macOS Devices– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
Similar to Windows devices, Defender for Endpoint can be deployed to macOS devices using Intune, local scripts and commands, third-party software deployment tools that leverage the Microsoft-provided packaging, or direct user download and activation. The deployment method for MDE will depend largely on what technologies are currently in use to manage devices. For devices that […]
Reviewing Assessment Results– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
Once the Security baselines assessment | Profiles tab has been updated, you can check your organization’s compliance against that profile. On the Profiles tab, after the profile data has been updated, you will see how the devices in the baseline score against the baseline assessment and compliance settings chosen in the profile. Figure 9.41 displays […]
Configuring a Conditional Access Policy– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
You can leverage device health and compliance data as part of a Conditional Access policy. In Figure 9.13, you can see that the Require device to be marked as compliant checkbox has been selected as a Grant access control: Figure 9.13 – Enabling device compliance as a requirement for Conditional Access policy Devices are marked […]
Onboarding iOS Devices– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
iOS devices (such as iPhones and iPads) can run in two modes—the normal user mode (also referred to as unsupervised) and supervised mode—a special enterprise configuration that allows more controlover organization-managed devices. Out of ScopeIntune and Defender for Endpoint can be deployed to devices in either normal (unsupervised) or supervised mode. Supervised mode requires additional […]
Extensions Configuration Profile– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
This profile enables settings for macOS 11 (Big Sur) and later. Earlier versions, such as macOS 10 (HighSierra), will ignore these settings. To create the configuration profile follow these steps: Bundle Identifier Team Identifiercom.microsoft.wdav.epsext UBF8T346G9com.microsoft.wdav.netext UBF8T346G9 Table 9.2 – Extension configuration settings Figure 9.23 – Extension configuration settings Next, you’ll configure settings for disk access. […]
Unsupervised Devices– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
For personal mobile devices or even organization-owned devices that aren’t configured for supervision, users can use the Company Portal app to self-enroll (as a personal device) and then download the MDE app from inside Company Portal or just go straight to the App Store and download MDE. It will require the user to sign in, […]
Enabling Compliance Policy Evaluation– Implementing and Managing Endpoint Protection by Using Microsoft Defender for Endpoint
In this sequence, you’ll configure Defender for Endpoint to use compliance and app protection policies configured in Intune. To complete the configuration, follow these steps: Figure 9.8 – Compliance policy evaluation section When enabling these settings, Intune will use the device threat level information sent by MDE to determine whether the device is compliant or […]