defender-endpoint/comprehensive-guidance-on-linux-deployment.md
Lines changed: 2 additions & 2 deletions
@@ -14,7 +14,7 @@ ms.collection:
14
14
ms.topic: conceptual
15
15
ms.subservice: linux
16
16
search.appverid: met150
17
-
ms.date: 05/08/2024
17
+
ms.date: 09/10/2024
18
18
---
19
19
20
20
# Advanced deployment guidance for Microsoft Defender for Endpoint on Linux
@@ -130,7 +130,7 @@ The following table lists the supported proxy settings:
130
130
131
131
#### Step 3: Verify SSL inspection isn't being performed on the network traffic
132
132
133
-
To prevent man-in-the-middle attacks, all Microsoft Azure hosted traffic uses certificate pinning. As a result, SSL inspections by major firewall systems aren't allowed. You have to bypass SSL inspection for Microsoft Defender for Endpoint URLs.
133
+
To prevent man-in-the-middle attacks, all Microsoft Azure hosted traffic uses certificate pinning. As a result, SSL inspections by major firewall systems aren't allowed. You must bypass SSL inspection for Microsoft Defender for Endpoint URLs. For additional information about the certificate pinning process, see [enterprise-certificate-pinning](/windows/security/identity-protection/enterprise-certificate-pinning).
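Review bot: The link added at the end of the + line uses the slug "enterprise-certificate-pinning" as its link text and targets /windows/security/identity-protection/enterprise-certificate-pinning, a Windows article, from a Linux deployment guide. Give the link descriptive text and state in the sentence that the linked article covers Windows enterprise certificate pinning, so Linux admins don't read it as the procedure for this step. If the surrounding step does not already link the list of Defender for Endpoint URLs to exclude from inspection, add that link here as well, because "You must bypass SSL inspection for Microsoft Defender for Endpoint URLs" is only actionable with that list.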
6.[Set up the Microsoft Defender for Endpoint evaluation lab](#step-6-set-up-the-microsoft-defender-for-endpoint-evaluation-lab).
66
+
6.[Visit the Microsoft Defender portal](#step-6-visit-the-microsoft-defender-portal).
67
67
68
68
## Step 1: Confirm your license state
69
69
@@ -109,14 +109,13 @@ This section outlines the general steps you to onboard devices (endpoints).
109
109
110
110
After onboarding devices (endpoints), you'll configure the various capabilities, such as endpoint detection and response, next-generation protection, and attack surface reduction.
111
111
112
-
Use [this table](onboarding.md) to choose components to configure. We recommend configuring all available capabilities, but you're able to skip the ones that don't apply.
112
+
Use [the device onboarding table](onboarding.md) to choose components to configure. We recommend configuring all available capabilities, but you're able to skip the ones that don't apply.
113
113
114
-
## Step 6: Set up the Microsoft Defender for Endpoint evaluation lab
114
+
After you have onboarded devices, [run a detection test](run-detection-test.md).
115
115
116
-
The Microsoft Defender for Endpoint evaluation lab is designed to eliminate the complexities of device and environment configuration so that you can focus on evaluating the capabilities of the platform, running simulations, and seeing the prevention, detection, and remediation features in action. Using the simplified set-up experience in evaluation lab, you can focus on running your own test scenarios and the pre-made simulations to see how Defender for Endpoint performs.
116
+
## Step 6: Visit the Microsoft Defender portal
117
117
118
-
-[Watch the video overview](https://www.microsoft.com/videoplayer/embed/RE4qLUM) of the evaluation lab
119
-
-[Get started with the lab](evaluate-microsoft-defender-antivirus.md)
118
+
The Microsoft Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) is a central location where you can view onboarded devices, security recommendations, detected threats, alerts, and more. To get started, see [Microsoft Defender portal](/defender-xdr/microsoft-365-defender-portal).
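Review bot: Renaming the Step 6 heading changes its anchor from #step-6-set-up-the-microsoft-defender-for-endpoint-evaluation-lab to #step-6-visit-the-microsoft-defender-portal. The in-page list entry is updated in this commit, but links from other articles to the old fragment are not visible here, so search the repo for the old anchor before merging. Separately, the new "After you have onboarded devices, run a detection test" sentence sits at the end of Step 5 with no heading or list entry of its own; since it is the check that confirms onboarding worked, consider giving it its own numbered step.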
defender-endpoint/professional-services.md
Lines changed: 4 additions & 4 deletions
@@ -65,7 +65,7 @@ Managed security services that assist organizations to detect threats early and
65
65
|[Cloud Control - Managed Detection & Response](https://go.microsoft.com/fwlink/?linkid=2202678)|The Collective|The Collective's Cloud Control Managed Protection, Detection, and Response services is an enterprise grade managed service, delivering true Security Operations Center-as-a-Service (SOC) experience with a personal touch.|
66
66
|[Nedscaper Managed XDR](https://nedscaper.com/mxdr/)|Nedscaper|Nedscaper Manager XDR (MDR) is a Managed Detect and Respond SaaS solution, which provides 24/7 Threat Protection, continues Vulnerability Management and combined Threat Intelligence built on Azure. The Microsoft Defender products and any security solution are connected to Microsoft Sentinel as the core platform for the Security analysts.|
67
67
|[dinext. pi-SOC](https://dinext-group.com/)|dinext AG|Through a close integration of deployment support, security operations and consulting in hardening and architectural improvements, dinext AG accompanies customers holistically on their way to a modern security environment.|
68
-
|[Synergy Advisors Teams App](https://synergyadvisors.biz/e-visor-teams-app/)|Synergy Advisors LLC|E-Visor Teams App is a centralized place to involve and empower your end-users in the security and productivity of the organization by presenting unique information using data from Microsoft Defenders and Microsoft Entra ID while ensuring identity governance, and compliance.|
68
+
|[Synergy Advisors E-Visor Teams App](https://synergyadvisors.biz/e-visor-for-teams/)|Synergy Advisors LLC|E-Visor Teams App is a centralized place to involve and empower your end-users in the security and productivity of the organization by presenting unique information using data from Microsoft Defenders and Microsoft Entra ID while ensuring identity governance, and compliance.|
69
69
|[Managed Microsoft XDR](https://www.cyberproof.com/security-services/managed-xdr-for-microsoft/)|Quorum Cyber|Quorum Cyber's Managed Microsoft XDR, a solution designed to enable customers to unleash the power of Microsoft security to reduce cyber risk and maximize return of investment in security.|
70
70
|[SecureShield365](https://patriotconsultingtech.com/)|Patriot Consulting|SecureShield365 includes a full deployment of all Microsoft Defender XDR products including Intune plus 12 months of support. Microsoft XDR including Sentinel, Defender for Cloud, and MDR are available options.|
71
71
|[Open Systems MDR+](https://go.microsoft.com/fwlink/?linkid=2208895)|Open Systems|Built for Microsoft security customers, MDR+ combines certified experts, exemplary processes, and seamless technology to deliver tailored, 24x7 protection while reducing attack surfaces and MTTR.|
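Review bot: The + row hard-codes a new vendor path (/e-visor-for-teams/), and the identical row is edited in four tables in this file, so every future move of the vendor page means four more edits. Other rows in the same table (Cloud Control, Open Systems MDR+) go through go.microsoft.com/fwlink redirects; using one here, or single-sourcing the row, would keep the tables in sync and keep the outbound target under Microsoft's control.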
@@ -101,7 +101,7 @@ Respond to security incidents quickly, effectively and at scale with complete in
101
101
|[Taegis XDR](https://go.microsoft.com/fwlink/?linkid=2202848)|Secureworks|Taegis™ ManagedXDR is Secureworks® 24x7 managed detection and response service, which helps you detect advanced threats and take the right action. Included threat hunting and incident response capabilities help you scale your security operations as Secureworks uses threat data collected across thousands of customers to improve your security posture. Secureworks' combination of proprietary security analytics software, SecOps expertise, incident response and threat hunting experience, threat intelligence capabilities, and 20-year history of service excellence helps reduce risk to your business.|
102
102
|[Cloud Control - Managed Detection & Response](https://go.microsoft.com/fwlink/?linkid=2202678)|The Collective|The Collective's Cloud Control Managed Protection, Detection, and Response solution is an enterprise grade managed service, delivering true Security Operations Center-as-a-Service (SOC) experience with a personal touch.|
103
103
|[dinext. pi-SOC](https://dinext-group.com/)|dinext AG|Through a close integration of deployment support, security operations and consulting in hardening and architectural improvements, dinext AG accompanies customers holistically on their way to a modern security environment.|
104
-
|[Synergy Advisors Teams App](https://synergyadvisors.biz/e-visor-teams-app/)|Synergy Advisors LLC|E-Visor Teams App is a centralized place to involve and empower your end-users in the security and productivity of the organization by presenting unique information using data from Microsoft Defenders and Microsoft Entra ID while ensuring identity governance, and compliance.|
104
+
|[Synergy Advisors E-Visor Teams App](https://synergyadvisors.biz/e-visor-for-teams/)|Synergy Advisors LLC|E-Visor Teams App is a centralized place to involve and empower your end-users in the security and productivity of the organization by presenting unique information using data from Microsoft Defenders and Microsoft Entra ID while ensuring identity governance, and compliance.|
105
105
|[SepagoSOC](https://go.microsoft.com/fwlink/?linkid=2202677)|Sepago GmbH|SepagoSOC experts ensure that your environment is constantly monitored and protected utilizing the complete range of Microsoft Defender XDR solutions and Microsoft Sentinel.SepagoSOC helps you to constantly evolve your security landscape with both technical and organizational experience.|
106
106
|[SecureShield365](https://patriotconsultingtech.com/)|Patriot Consulting|SecureShield365 includes a full deployment of all Microsoft Defender XDR products including Intune plus 12 months of support. Microsoft XDR including Sentinel, Defender for Cloud, and MDR are available options.|
107
107
|[Open Systems MDR+](https://go.microsoft.com/fwlink/?linkid=2208895)|Open Systems|Built for Microsoft security customers, MDR+ combines certified experts, exemplary processes, and seamless technology to deliver tailored, 24x7 protection while reducing attack surfaces and MTTR.|
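Review bot: The + row carries the old description over unchanged, including "data from Microsoft Defenders" and the stray comma in "identity governance, and compliance". Since the line is being touched anyway, fix the wording (for example "Microsoft Defender products" and "identity governance and compliance") and apply the same text to all four copies of the row.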
@@ -134,7 +134,7 @@ Protect your organization proactively by evaluating your organization's ability
134
134
|[Taegis XDR](https://go.microsoft.com/fwlink/?linkid=2202848)|Secureworks|Taegis™ ManagedXDR is Secureworks® 24x7 managed detection and response service, which helps you detect advanced threats and take the right action. Included threat hunting and incident response capabilities help you scale your security operations as Secureworks uses threat data collected across thousands of customers to improve your security posture. Secureworks' combination of proprietary security analytics software, SecOps expertise, incident response and threat hunting experience, threat intelligence capabilities, and 20-year history of service excellence helps reduce risk to your business.|
135
135
|[Cloud Control - Managed Detection & Response](https://go.microsoft.com/fwlink/?linkid=2202678)|The Collective|The Collective's Cloud Control Managed Protection, Detection and Response services is an enterprise grade managed service, delivering true Security Operations Center-as-a-Service (SOC) experience with a personal touch.|
136
136
|[dinext. pi-SOC](https://dinext-group.com/)|dinext AG|Through a close integration of deployment support, security operations and consulting in hardening and architectural improvements, dinext AG accompanies customers holistically on their way to a modern security environment.|
137
-
|[Synergy Advisors Teams App](https://synergyadvisors.biz/e-visor-teams-app/)|Synergy Advisors LLC|E-Visor Teams App is a centralized place to involve and empower your end-users in the security and productivity of the organization by presenting unique information using data from Microsoft Defenders and Microsoft Entra ID while ensuring identity governance, and compliance.|
137
+
|[Synergy Advisors E-Visor Teams App](https://synergyadvisors.biz/e-visor-for-teams/)|Synergy Advisors LLC|E-Visor Teams App is a centralized place to involve and empower your end-users in the security and productivity of the organization by presenting unique information using data from Microsoft Defenders and Microsoft Entra ID while ensuring identity governance, and compliance.|
138
138
|[Managed Microsoft XDR](https://www.cyberproof.com/security-services/managed-xdr-for-microsoft/)|Quorum Cyber|Quorum Cyber's Managed Microsoft XDR, a solution designed to enable customers to unleash the power of Microsoft security to reduce cyber risk and maximize return of investment in security.|
139
139
|[SepagoSOC](https://go.microsoft.com/fwlink/?linkid=2202677)|Sepago GmbH|SepagoSOC experts ensure that your environment is constantly monitored and protected utilizing the complete range of Microsoft Defender XDR solutions and Microsoft Sentinel. They help you to constantly evolve your security landscape with both technical and organizational experience.|
140
140
|[SecureShield365](https://patriotconsultingtech.com/)|Patriot Consulting|SecureShield365 includes a full deployment of all Microsoft Defender XDR products including Intune plus 12 months of support. Microsoft XDR including Sentinel, Defender for Cloud, and MDR are available options.|
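Review bot: In the context row for Managed Microsoft XDR, the link goes to www.cyberproof.com while the vendor column says Quorum Cyber. It is outside this change, but the same row appears in other tables in this file, so confirm which vendor the entry belongs to and correct the link or the name in a follow-up.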
@@ -185,7 +185,7 @@ Mature and maintain your internal team's security capabilities to prevent, detec
185
185
|[BlueVoyant MDR for Microsoft Defender XDR](https://www.bluevoyant.com/platform/mdr/mdr-for-microsoft)|BlueVoyant|BlueVoyant's MDR (Managed Detection and Response) for Microsoft Defender XDR combines the power of Microsoft's Defender product suite with BlueVoyant's elite 24x7 security operations team to identify, investigate, and eradicate today's most sophisticated and advanced cyberattacks. In addition to MDR, services can include implementation, assessments, training, concierge, solution integrations, and more.|
186
186
|[White Hat Managed Security Services](https://go.microsoft.com/fwlink/?linkid=2202391)|White Hat IT Security|White Hat MSS offers zero trust approach to managed security on every platform – scalable and adaptive security from true experts.|
187
187
|[Cloud Control - Managed Detection & Response](https://go.microsoft.com/fwlink/?linkid=2202678)|The Collective|The Collective's Cloud Control Managed Protection, Detection, and Response solution is an enterprise grade managed service, delivering true Security Operations Center-as-a-Service (SOC) experience with a personal touch.|
188
-
|[Synergy Advisors Teams App](https://synergyadvisors.biz/e-visor-teams-app/)|Synergy Advisors LLC|E-Visor Teams App is a centralized place to involve and empower your end-users in the security and productivity of the organization by presenting unique information using data from Microsoft Defenders and Microsoft Entra ID while ensuring identity governance, and compliance.|
188
+
|[Synergy Advisors E-Visor Teams App](https://synergyadvisors.biz/e-visor-for-teams/)|Synergy Advisors LLC|E-Visor Teams App is a centralized place to involve and empower your end-users in the security and productivity of the organization by presenting unique information using data from Microsoft Defenders and Microsoft Entra ID while ensuring identity governance, and compliance.|
189
189
|[Managed Microsoft XDR](https://www.cyberproof.com/security-services/managed-xdr-for-microsoft/)|Quorum Cyber|Quorum Cyber's Managed Microsoft XDR, a solution designed to enable customers to unleash the power of Microsoft security to reduce cyber risk and maximize return of investment in security.|
190
190
|[SecureShield365](https://patriotconsultingtech.com/)|Patriot Consulting|SecureShield365 includes a full deployment of all Microsoft Defender XDR products including Intune plus 12 months of support. Microsoft XDR including Sentinel, Defender for Cloud, and MDR are available options.|
defender-office-365/quarantine-admin-manage-messages-files.md
Lines changed: 9 additions & 1 deletion
@@ -18,7 +18,7 @@ ms.custom:
18
18
- seo-marvel-apr2020
19
19
description: Admins can learn how to view and manage quarantined messages for all users in Exchange Online Protection (EOP). Admins in organizations with Microsoft Defender for Office 365 can also manage quarantined files in SharePoint Online, OneDrive for Business, and Microsoft Teams.
- ✅ <a href="https://learn.microsoft.com/defender-office-365/mdo-about#defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 Plan 1 and Plan 2</a>
@@ -106,6 +106,10 @@ You can sort the entries by clicking on an available column header. Select :::im
106
106
-**None**
107
107
-**Message sender is blocked by recipient settings**
108
108
-**Message sender is blocked by administrator settings**
109
+
110
+
> [!TIP]
111
+
> If a sender is blocked and **Don't show blocked senders** is selected (default), messages from those senders are shown on the **Quarantine** page and are included in quarantine notifications when the **Sender address override reason** value is **None**. This behavior occurs because the messages were blocked due to reasons other than sender address overrides.
112
+
109
113
-**Released by**<sup>\*</sup>
110
114
-**Message ID**
111
115
-**Policy name**
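Review bot: The added tip uses "blocked" in two senses: "a sender is blocked" (a sender address override) and "the messages were blocked" (quarantined for some other reason), which makes the explanation hard to follow. It also refers to the **Don't show blocked senders** filter value from inside the list of **Sender address override reason** values, before the filter is introduced further down the page. Suggest rewording the last sentence to say the messages were quarantined for a reason other than the sender block, and pointing the reader to the **Blocked sender** filter description.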
@@ -149,6 +153,10 @@ To filter the entries, select :::image type="icon" source="media/m365-cc-sc-filt
149
153
-**Blocked sender**: One of the following values:
150
154
-**Don't show blocked senders** (default)
151
155
-**Show all senders**
156
+
157
+
> [!TIP]
158
+
> If a sender is blocked and **Don't show blocked senders** is selected, messages from those senders are shown on the **Quarantine** page and are included in quarantine notifications when the **Sender address override reason** value is **None**. This behavior occurs because the messages were blocked due to reasons other than sender address overrides.
159
+
152
160
-**Release status**: Select one or more of the following values
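Review bot: This copy of the tip drops "(default)" after **Don't show blocked senders**, while the copy added earlier in the same file keeps it; the two are otherwise word for word the same. Pick one wording. The bullet directly above the tip already marks the value as the default, so a single tip placed under the filter and referenced from the column list would remove the duplicate.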
- ✅ <a href="https://learn.microsoft.com/defender-office-365/mdo-about#defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 Plan 1 and Plan 2</a>
@@ -97,6 +97,10 @@ You can sort the entries by clicking on an available column header. Select :::im
97
97
-**None**
98
98
-**Message sender is blocked by recipient settings**
99
99
-**Message sender is blocked by administrator settings**
100
+
101
+
> [!TIP]
102
+
> If a sender is blocked and **Don't show blocked senders** is selected (default), messages from those senders are shown on the **Quarantine** page and are included in quarantine notifications when the **Sender address override reason** value is **None**. This behavior occurs because the messages were blocked due to reasons other than sender address overrides.
103
+
100
104
-**Released by**<sup>\*</sup>
101
105
-**Message ID**
102
106
-**Policy name**
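Review bot: The tip is now duplicated in four places (the hunks at lines 106, 149, 97 and 130), and the copies already differ by "(default)". Move the text into a shared include, or keep it in one location and link to it, so the wording cannot drift further.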
@@ -130,6 +134,10 @@ To filter the entries, select :::image type="icon" source="media/m365-cc-sc-filt
130
134
-**Blocked sender**: One of the following values:
131
135
-**Don't show blocked senders** (default)
132
136
-**Show all senders**
137
+
138
+
> [!TIP]
139
+
> If a sender is blocked and **Don't show blocked senders** is selected, messages from those senders are shown on the **Quarantine** page and are included in quarantine notifications when the **Sender address override reason** value is **None**. This behavior occurs because the messages were blocked due to reasons other than sender address overrides.