Your Microsoft Defender for Endpoint team determines what devices are at risk and pass that information to your Intune team as a security task. You can then use the tasks to report back to Microsoft Defender for Endpoint when those risks are successfully mitigated. ![]() When you integrate Intune with Microsoft Defender for Endpoint, you can review Security tasks in Intune that identify at-risk devices and provide steps to mitigate that risk. Review Security tasks from Microsoft Defender for Endpoint See Avoid policy conflicts later in this article. When managing settings, it's important to understand what other methods are in use in your environment that can configure your devices so you can avoid conflicts. Security baselines are one of several methods in Intune to configure settings on devices. Security baselines are supported for devices that run Windows 10 version 1809 and later, and Windows 11.įor more information, see Use security baselines to configure Windows devices in Intune. You can use security baselines to rapidly deploy a best practice configuration of device and application settings to protect your users and devices. Intune supports security baselines for Windows 10/11 device settings, Microsoft Edge, Microsoft Defender for Endpoint Protection, and more. Security baselines in Intune are pre-configured groups of settings that are best practice recommendations from the relevant Microsoft security teams for the product. You can also use access from this view to remediate issues for a device, including, restarting a device, start a scan for malware, or rotate BitLocker keys on a Window 10 device.įor more information, see Manage devices with endpoint security in Microsoft Intune. The Endpoint security node includes the All devices view, where you can view a list of all devices from your Azure AD that are available in Microsoft Intune.įrom this view, you can select devices to drill in for more information like which policies a device isn't compliant with. The following sections of this article discuss the different tasks you can do from the endpoint security node of the admin center, and the role-based access control (RBAC) permissions that are required to use them. Security tasks closely tie Microsoft Defender for Endpoint and Intune together to help your security team identify devices that are at risk and hand-off detailed remediation steps to Intune admins who can then act.įor additional reporting information about device configuration profiles, see Intune reports. By integrating with Microsoft Defender for Endpoint you gain access to security tasks. Integrate Intune with your Microsoft Defender for Endpoint team. When you integrate with Azure Active Directory (Azure AD) conditional access policies to enforce compliance policies, you can gate access to corporate resources for both managed devices, and devices that aren’t managed yet. Rules can include OS versions, password requirements, device threat-levels, and more. With compliance policies, you set the rules that devices and users must meet to be considered compliant. Each Endpoint security policy focuses on aspects of device security like antivirus, disk encryption, firewalls, and several areas made available through integration with Microsoft Defender for Endpoint.Įstablish device and user requirements through compliance policy. Manage security configurations on devices through tightly focused policies. ![]() Security baselines are pre-configured groups of Windows settings that help you apply a configuration that's recommended by the relevant security teams. Intune includes security baselines for Windows devices and a growing list of applications, like Microsoft Defender for Endpoint and Microsoft Edge. Then, drill-in to specific devices to understand which compliance policies aren't met so you can resolve them.ĭeploy security baselines that establish best practice security configurations for devices. Use the All devices view where you can view device compliance from a high level. Review the status of all your managed devices. The Endpoint security node groups the tools that are available through Intune that you’ll use to keep devices secure: The available tasks can help you identify at-risk devices, to remediate those devices, and restore them to a compliant or more secure state. The Endpoint security policies are designed to help you focus on the security of your devices and mitigate risk. As a Security Admin, use the Endpoint security node in Intune to configure device security and to manage security tasks for devices when those devices are at risk.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |