This topic describes how to install, configure, update, and use Defender for Endpoint on Android.
Caution
Running other third-party endpoint protection products alongside Defender for Endpoint on Android is likely to cause performance problems and unpredictable system errors.
How to install Microsoft Defender for Endpoint on Android
Prerequisites
- For end users:
- Microsoft Defender for Endpoint license assigned to the end user(s) of the app. See Microsoft Defender for Endpoint licensing requirements
- Intune Company Portal app can be downloaded from Google Play and is available on the Android device.
- Additionally, device(s) can be enrolled via the Intune Company Portal app to enforce Intune device compliance policies. This requires the end user to be assigned a Microsoft Intune license.
- For more information on how to assign licenses, see Assign licenses to users.
- For Administrators
- Access to the Microsoft 365 Defender portal.
- Access Microsoft Endpoint Manager admin center to
- Deploy the app to enrolled user groups in your organization.
- Configure Microsoft Defender for Endpoint risk signals in app protection policy.
Note
- Microsoft Defender for Endpoint now extends protection to an organization’s data within a managed application (MAM) for devices that are not enrolled using mobile device management (MDM), but are using Intune to manage mobile applications. It also extends this support to customers who use other enterprise mobility management solutions, while still using Intune for mobile application management (MAM).
- In addition, Microsoft Defender for Endpoint already supports devices that are enrolled using Intune mobile device management (MDM).
Network Requirements
- For Microsoft Defender for Endpoint on Android to function when connected to a network the firewall/proxy will need to be configured to enable access to Microsoft Defender for Endpoint service URLs.
System Requirements
- Mobile phones running Android 6.0 and above. Mobile phones running Android go, tablets, and other mobile devices running Android are not currently supported.
- Intune Company Portal app is downloaded from Google Play and installed. Device enrollment is required for Intune device compliance policies to be enforced.
Installation instructions
Microsoft Defender for Endpoint on Android supports installation on both modes of enrolled devices – the legacy Device Administrator and Android Enterprise modes. Currently, Personally-owned devices with work profile and Corporate-owned fully managed user device enrollments are supported in Android Enterprise. Support for other Android Enterprise modes will be announced when ready.
- Deployment of Microsoft Defender for Endpoint on Android is via Microsoft Intune (MDM). For more information, see Deploy Microsoft Defender for Endpoint on Android with Microsoft Intune.
- Installation of Microsoft Defender for Endpoint on devices that are not enrolled using Intune mobile device management (MDM), see Configure Microsoft Defender for Endpoint risk signals in app protection policy (MAM).
Note
Microsoft Defender for Endpoint on Android is available on Google Play now.
You can connect to Google Play from Intune to deploy Microsoft Defender for Endpoint app, across Device Administrator and Android Enterprise entrollment modes.
How to Configure Microsoft Defender for Endpoint on Android
Guidance on how to configure Microsoft Defender for Endpoint on Android features is available in Configure Microsoft Defender for Endpoint on Android features.