MDM Security Baseline vs Intune Profile
Hi all, I am testing currently the 2 profiles in the Security Baselines in default configuration. As they are now checked against the endpoint there is one Error in the Per-settings status: Type of system scan to perform Problem is now - I cannot see anything configured in the MDM Security Baseline for May 2019 the setting itself in the Intune profile is configured. Any idea? Best regards MiguelDefender Antivirus (AV) Passive Mode
Hi, While researching how to set Defender AV to passive mode I stumbled upon two registry keys: ForceDefenderPassiveMode https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility?view=o365-worldwide#microsoft-defender-antivirus-and-non-microsoft-antivirusantimalware-solutions https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-on-windows-server?view=o365-worldwide#set-microsoft-defender-antivirus-to-passive-mode-using-a-registry-key ForcePassiveMode https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/switch-to-microsoft-defender-onboard?view=o365-worldwide#set-microsoft-defender-antivirus-on-windows-server-to-passive-mode-manually https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/switch-to-microsoft-defender-setup?view=o365-worldwide#set-microsoft-defender-antivirus-to-passive-mode-on-windows-server Does either of you know which one is the correct one? Thanks, Andre
Migrating workstations and servers to Defender
Hi all, My organisation is moving its AV to defender for endpoint. I've not administered defender in a corporate environment before so would was hoping to get some advice/help? We have already begun onboarding our laptops, vdis and workstations and are looking to onboard a couple fileservers too. Our devices are not currently managed via Intune, so it's a case of setting up the policies in the security portal which hasn't been too bad so far.. However, I wanted to know- -do we need seperate licences for the file servers? -how can I split the policies between user devices and servers? I don't see a way to define granular policies per device? And of course, I don't want to set the same user policies on the servers. Thanks! Tej
Microsoft Defender EDR for old Windows Server 2008/2012/2016
Microsoft documentation states EDR feature is supported on older windows server versions like Server 2012/2016. Then it goes on to say to deploy the MMA agent. But, isn't MMA agent just a read-only log analytics agent that can only report the status of the server but can take no action. Hence, EDR means only detection but no response. Am I correct in understanding that? We are evaluating Defender for Servers and have gone through quite a lot of documentation but still no definitive answer.Question on web protection with Defender for Android
I'm planning a rollout of Defender for Android using Intune (aka Endpoint Manager) and enabling Web Protection. The app will be installed in the Enterprise Workspace with permissions so it can scan Personal and Work space. My question is does Web Protection only apply to web sites accessed using the Edge browser also installed in Work space or does the Defender for Android also inspect web browsing from Chrome and other browsers installed in User partition?
