Each onboarded device adds an endpoint detection and response (EDR) sensor and increases visibility over breach activity in your network. Onboarding also ensures that a device can be checked for vulnerable components as well as security configuration issues and can receive critical remediation actions during attacks.
Before you can track and manage onboarding of devices:
Discover and track unprotected devices
The Onboarding card provides a high-level overview of your onboarding rate by comparing the number of Windows devices that have actually onboarded to Defender for Endpoint against the total number of Intune-managed Windows devices.
Card showing onboarded devices compared to the total number of Intune-managed Windows devices
If you used Configuration Manager, the onboarding script, or other onboarding methods that don’t use Intune profiles, you might encounter data discrepancies. To resolve these discrepancies, create a corresponding Intune configuration profile for Defender for Endpoint onboarding and assign that profile to your devices.
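To see which devices sit behind a gap like this, you can reconcile an export of Intune-managed devices against an export of the Defender for Endpoint device inventory offline. The following is an added example, not Microsoft's code or the card's own calculation; the CSV column names, status values and device names are constructed assumptions, so adapt them to the exports you actually have.

```python
import csv
import io

# Constructed sample exports. Column names and values are assumptions,
# not a documented export schema.
INTUNE_CSV = """DeviceName,OS
WS-001,Windows
ws-002,Windows
WS-003,Windows
WS-004,Windows
MAC-001,macOS
"""
DEFENDER_CSV = """DeviceName,OnboardingStatus
ws-001,Onboarded
WS-002,Onboarded
WS-003,Can be onboarded
SRV-010,Onboarded
"""

def _names(text, column, value):
    """Return normalised device names from rows where `column` equals `value`."""
    rows = csv.DictReader(io.StringIO(text))
    return {r["DeviceName"].strip().lower() for r in rows
            if r[column].strip() == value}

def reconcile(intune_csv, defender_csv):
    """Compare Intune-managed Windows devices with onboarded devices."""
    managed = _names(intune_csv, "OS", "Windows")
    onboarded = _names(defender_csv, "OnboardingStatus", "Onboarded")
    covered = managed & onboarded
    return {
        # Share of Intune-managed Windows devices that report as onboarded.
        "rate": len(covered) / len(managed) if managed else 0.0,
        # Managed but no sensor: candidates for the onboarding profile.
        "needs_profile": sorted(managed - onboarded),
        # Onboarded by another method and not Intune-managed: these never
        # appear in the Intune-side total, so the two views can disagree.
        "outside_intune": sorted(onboarded - managed),
    }

if __name__ == "__main__":
    for key, value in reconcile(INTUNE_CSV, DEFENDER_CSV).items():
        print(f"{key}: {value}")
```

Names are compared case-insensitively because the two exports may not agree on casing; if your device names are not unique, match on a device ID column instead.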
Onboard more devices with Intune profiles
Defender for Endpoint provides several options for onboarding Windows devices. For Intune-managed devices, however, you can use Intune profiles to deploy the Defender for Endpoint sensor to selected devices, which onboards those devices to the service.
From the Onboarding card, select Onboard more devices to create and assign a profile on Intune. The link takes you to the device compliance page on Intune, which provides a similar overview of your onboarding state.
Microsoft Defender for Endpoint device compliance page on Intune device management
Alternatively, you can navigate to the Defender for Endpoint onboarding compliance page in the Microsoft Azure portal from All services > Intune > Device compliance > Microsoft Defender ATP.
If you want to view the most up-to-date device data, click on List of devices without ATP sensor.
From the device compliance page, create a configuration profile specifically for the deployment of the Defender for Endpoint sensor and assign that profile to the devices you want to onboard. To do this, you can either:
- Select Create a device configuration profile to configure ATP sensor to start with a predefined device configuration profile.
- Create the device configuration profile from scratch.