Hey fellow humans, how are you guys doing? With this covid-19 happening around us, hope that you are cautions about your health and safety of yourself and others too. I still can not believe that there are people still thinks that this virus is a myth. It really hurts to see the increases of cases in Malaysia has reach 4 thousand covid-19 cases yesterday in a day.
Anyway, lets start this blog post with another ATP, if you are new with this technology ATP stands for Advanced Threat Protection. My last post about ATP , is Azure ATP / Microsoft Endpoint Identity Defender ATP, do feel free to read about it.
This blog post would be about onboarding methods Endpoint to Microsoft Endpoint Defender ATP, if you haven’t notice Microsoft has launch 1 new onboarding methods that you can enroll for your lab environment or customers.
If you are new to the ATP here are the steps to get these methods;
- Sign up for a Office E3 trial license
- Setup the account
- Sign in to Office 365 Admin center> Billing > Select Purchases Services
- Under the purchases services select M365 E5 trial license
- Assign your Office 365 account with M365 E5 license
- Would take an hour or few minutes for the ATP Admin portal to setup for ready to use
- Head to Microsoft Endpoint Manager Admin Center
- At the side bar you can see “Endpoint security” > Setup > Microsoft Defender ATP
- There you would need to start setup of the Microsoft Defender ATP, it only takes 5 mins to setup, yes from the setup page here you may able to view the onboarding methods too but is only one-time setup page, so the actual location of this onboarding is at their Microsoft Defender ATP Admin portal.
- Enter the Microsoft Defender ATP Admin portal and there it will direct you to another portal where all the Endpoint’s onboarding , offboarding, analytics and etc.. located
- At the side bar > Select Settings icon > Device Management > Onboarding
As you can see the above image, these are the following onboarding methods that you can use to onboard your endpoint devices.
- Local Script
- Has limitation, per script only for 10 devices. Meaning that Script 1 has been used for 10 devices and to enroll the number 11 device you would need to re-download the new script package from the onboarding method.
- If you are doing a quick lab this would be the best method to test the onboarding
- Group Policy
- Microsoft Endpoint Configuration Manager current branch and later
- System Center Configuration Manager 2021 /2012 R2/1511/1602
- MDM/Microsoft Intune
- VDI onboarding scripts for non-persistent devices
Onboarding are run at the backend of your endpoint, and it dependent on the licenses that you purchase and also the environment type. Meaning if your environment has SCCM then you would need to use the SCCM onboarding method to enroll the devices to Microsoft Defender ATP.
Microsoft has really ease quite a lot for administrators work in enroll their devices to ATP services and having integration between ATP and other security features inside. I will write more about it on the next blog post. Have a nice weekend!