0
(0)

Devices in your organization must be configured so that the Defender for Endpoint service can get sensor data from them. There are various methods and deployment tools that you can use to configure the devices in your organization.

In general, you’ll identify the Windows device you’re onboarding, then follow the corresponding tool appropriate to the device or your environment.

Image of onboarding tools and methods

Endpoint onboarding tools

Depending on the Windows endpoint you want to onboard, use the corresponding tool or method described in the following table.

ENDPOINT ONBOARDING TOOLS
Windows device Onboarding tool or method
  • Windows 10
  • Windows Server 1803 and 2019, and 2022
  • Windows Server 2012 R2 and 2016[1]
Local script (up to 10 devices)
Group Policy
Microsoft Endpoint Configuration Manager
Microsoft Endpoint Manager/ Mobile Device Management (Intune)
VDI scripts

NOTE: A local script is suitable for a proof of concept but should not be used for production deployment. For a production deployment, we recommend using Group Policy, Microsoft Endpoint Configuration Manager, or Intune.

  • Windows Server 2008 R2 SP1
Microsoft Monitoring Agent (MMA)
Onboard previous versions of Windows or Microsoft Defender for Cloud

NOTE: Microsoft Monitoring Agent is now Azure Log Analytics agent. To learn more, see Log Analytics agent overview.

  • Windows 7 SP1
  • Windows 7 SP1 Pro
  • Windows 8.1 Pro
  • Windows 8.1 Enterprise
Microsoft Monitoring Agent (MMA)

NOTE: Microsoft Monitoring Agent is now Azure Log Analytics agent. To learn more, see Log Analytics agent overview.

(1) Windows Server 2016 and Windows Server 2012 R2 will need to be onboarded using the instructions in Onboard Windows servers.

 Important

In order to be eligible to purchase Microsoft Defender for Endpoint Server SKU, you must have already purchased a combined minimum of any of the following, Windows E5/A5, Microsoft 365 E5/A5 or Microsoft 365 E5 Security subscription licenses. For more information on licensing, see the Product Terms.

ENDPOINT ONBOARDING TOOLS
Topic Description
Onboard devices using Group Policy Use Group Policy to deploy the configuration package on devices.
Onboard devices using Microsoft Endpoint Configuration Manager You can use either use Microsoft Endpoint Manager (current branch) version 1606 or Microsoft Endpoint Manager (current branch) version 1602 or earlier to deploy the configuration package on devices.
Onboard devices using Mobile Device Management tools Use Mobile Device Management tools or Microsoft Intune to deploy the configuration package on device.
Onboard devices using a local script Learn how to use the local script to deploy the configuration package on endpoints.
Onboard non-persistent virtual desktop infrastructure (VDI) devices Learn how to use the configuration package to configure VDI devices.

Want to experience Defender for Endpoint? Sign up for a free trial.

After onboarding the device, you can choose to run a detection test to verify that a device is properly onboarded to the service. For more information, see Run a detection test on a newly onboarded Microsoft Defender for Endpoint device.

Source : Official Microsoft Brand
Editor by : BEST Antivirus KBS Team

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.