We recommend using Microsoft Endpoint Manager, which includes Microsoft Intune (Intune) and Microsoft Endpoint Configuration Manager (Configuration Manager) to manage your organization’s threat protection features for devices (also referred to as endpoints).
- Learn more about Endpoint Manager
- Co-manage Microsoft Defender for Endpoint on Windows 10 and Windows 11 devices with Configuration Manager and Intune
Configure Microsoft Defender for Endpoint with Configuration Manager
| Task | Resources to learn more |
|---|---|
| Install the Configuration Manager console if you don’t already have it
If you don’t already have the Configuration Manger console, use these resources to get the bits and install it. |
Get the installation media |
| Use Configuration Manager to onboard devices to Microsoft Defender for Endpoint
If you have devices (or endpoints) not already onboarded to Microsoft Defender for Endpoint, you can do that with Configuration Manager. |
Onboard to Microsoft Defender for Endpoint with Configuration Manager |
| Manage antimalware policies and Windows Firewall security for client computers (endpoints)
Configure endpoint protection features, including Microsoft Defender for Endpoint, exploit protection, application control, antimalware, firewall settings, and more. |
Configuration Manager: Endpoint Protection |
| Choose methods for updating antimalware updates on your organization’s devices
With Endpoint Protection in Configuration Manager, you can choose from several methods to keep antimalware definitions up to date on your organization’s devices. |
Configure definition updates for Endpoint Protection |
| Enable Network Protection to help prevent employees from using apps that malicious content on the Internet
We recommend using audit mode at first for network protection in a test environment to see which apps would be blocked before rolling out. |
Turn on network protection with Configuration Manager |
| Configure controlled folder access to protect against ransomware
Controlled folder access is also referred to as antiransomware protection. |
Endpoint protection: Controlled folder access
Enable controlled folder access in Microsoft Endpoint Configuration Manage |
Configure your Microsoft 365 Defender portal
If you haven’t already done so, configure your Microsoft 365 Defender portal to view alerts, configure threat protection features, and view detailed information about your organization’s overall security posture. See Microsoft 365 Defender portal. You can also configure whether and what features end users can see in the Microsoft 365 Defender portal.