Get and deploy updates across your organization’s devices
As a best practice, keep your organization’s devices and endpoints up to date. Make sure your existing endpoint protection and antivirus solution is up to date, and that the operating systems and apps your organization is also have the latest updates. Doing this now can help prevent problems later as you migrate to Defender for Endpoint and Microsoft Defender Antivirus.
Make sure your existing solution is up to date
Keep your existing endpoint protection solution up to date, and make sure that your organization’s devices have the latest security updates.
Need help? See your solution provider’s documentation.
Make sure your organization’s devices are up to date
Need help updating your organization’s devices? See the following resources:
|macOS||How to update the software on your Mac|
|iOS||Update your iPhone, iPad, or iPod touch|
|Android||Check & update your Android version|
|Linux||Linux 101: Updating Your System|
Get Microsoft Defender for Endpoint
Now that you’ve updated your organization’s devices, the next step is to get Defender for Endpoint, assign licenses, and make sure the service is provisioned.
- Buy or try Defender for Endpoint today. Start a free trial or request a quote.
- Verify that your licenses are properly provisioned. Check your license state.
- Set up your dedicated cloud instance of Defender for Endpoint. See Defender for Endpoint setup: Tenant configuration.
- If endpoints (such as devices) in your organization use a proxy to access the internet, see Defender for Endpoint setup: Network configuration.
At this point, you are ready to grant access to your security administrators and security operators who will use the Microsoft 365 Defender portal.
The Microsoft 365 Defender portal is sometimes referred to as the Defender for Endpoint portal, and can be accessed at https://security.microsoft.com. The former Microsoft Defender Security Center (https://securitycenter.windows.com) will soon redirect to the Microsoft 365 Defender portal. To learn more, see Microsoft 365 Defender portal overview.
Grant access to the Microsoft 365 Defender portal
Permissions to the Microsoft 365 Defender portal can be granted by using either basic permissions or role-based access control (RBAC). We recommend using RBAC so that you have more granular control over permissions.
- Plan the roles and permissions for your security administrators and security operators. See Role-based access control.
- Set up and configure RBAC. We recommend using Intune to configure RBAC, especially if your organization is using a combination of Windows 10, macOS, iOS, and Android devices. See setting up RBAC using Intune.
If your organization requires a method other than Intune, choose one of the following options:
- Grant access to the Microsoft 365 Defender portal. (Need help? See Manage portal access using RBAC.
Configure device proxy and internet connectivity settings
To enable communication between your devices and Defender for Endpoint, configure proxy and internet settings. The following table includes links to resources you can use to configure your proxy and internet settings for various operating systems and capabilities:
|Endpoint detection and response (EDR)||Windows 10 or later
Windows Server 2022
|Configure machine proxy and internet connectivity settings|
|EDR||Windows Server 2016||Configure proxy and internet connectivity settings|
|EDR||macOS (see System requirements||Defender for Endpoint on macOS: Network connections|
|Microsoft Defender Antivirus||Windows 10
Windows Server 2022
|Configure and validate Microsoft Defender Antivirus network connections|
|Antivirus||macOS (see System requirements||Defender for Endpoint on macOS: Network connections|
|Antivirus||Linux (see System requirements)||Defender for Endpoint on Linux: Network connections|