You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/manage-protection-updates-microsoft-defender-antivirus.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -14,7 +14,7 @@ ms.collection:
14
14
- m365-security
15
15
- tier2
16
16
search.appverid: met150
17
-
ms.date: 09/27/2024
17
+
ms.date: 09/30/2024
18
18
---
19
19
20
20
# Manage the sources for Microsoft Defender Antivirus protection updates
@@ -91,7 +91,7 @@ You can manage the order in which update sources are used with Group Policy, Mic
91
91
> [!IMPORTANT]
92
92
> If you set Windows Server Update Service as a download location, you must approve the updates, regardless of the management tool you use to specify the location. You can set up an automatic approval rule with Windows Server Update Service, which might be useful as updates arrive at least once a day. To learn more, see [synchronize endpoint protection updates in standalone Windows Server Update Service](/configmgr/protect/deploy-use/endpoint-definitions-wsus#to-synchronize-endpoint-protection-definition-updates-in-standalone-wsus).
93
93
94
-
The procedures in this article first describe how to set the order, and then how to set up the **File share** option if it's enabled.
94
+
The procedures in this article first describe how to set the order, and then how to set up the Windows File Server - **File share** option if it's enabled.
95
95
96
96
## Use Group Policy to manage the update location
97
97
@@ -117,10 +117,10 @@ The procedures in this article first describe how to set the order, and then how
117
117
118
118
7. Edit the **Define file shares for downloading security intelligence updates** setting and then set the option to **Enabled**.
119
119
120
-
8. On a Windows Server, specify the file share source. If you have multiple sources, specify each source in the order they should be used, separated by a single pipe. Use [standard UNC notation](/openspecs/windows_protocols/ms-dtyp/62e862f4-2a51-452e-8eeb-dc4ff5ee33cc) for denoting the path. For example: `\\host-name1\share-name\object-name|\\host-name2\share-name\object-name`.
120
+
1. On a Windows Server, specify the file share source. If you have multiple sources, specify each source in the order they should be used, separated by a single pipe. Use [standard UNC notation](/openspecs/windows_protocols/ms-dtyp/62e862f4-2a51-452e-8eeb-dc4ff5ee33cc) for denoting the path. For example: `\\WindowsFileServer\share-name\object-name|\\host-name2\share-name\object-name`.
121
121
122
122
If you don't enter any paths, then this source is skipped when the VM downloads updates.
123
-
123
+
124
124
9. Select **OK**. This action sets the order of file shares when that source is referenced in the **Define the order of sources...** group policy setting.
125
125
126
126
@@ -174,7 +174,7 @@ For example, suppose that Contoso has hired Fabrikam to manage their security so
174
174
175
175
## Create a UNC share for security intelligence and platform updates
176
176
177
-
On a Windows Server set up a network file share (UNC/mapped drive) to download security intelligence and platform updates from the MMPC site by using a scheduled task.
177
+
On a Windows File Server set up a network file share (UNC/mapped drive) to download security intelligence and platform updates from the MMPC site by using a scheduled task.
178
178
179
179
1. On the system for which you want to provision the share and download the updates, create a folder for the script.
Copy file name to clipboardExpand all lines: defender-endpoint/onboard-configure.md
+2-1Lines changed: 2 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -13,7 +13,7 @@ ms.collection:
13
13
ms.topic: conceptual
14
14
ms.subservice: onboard
15
15
search.appverid: met150
16
-
ms.date: 03/28/2024
16
+
ms.date: 09/30/2024
17
17
---
18
18
19
19
# Configure Microsoft Defender for Endpoint capabilities
@@ -48,6 +48,7 @@ Onboarding devices effectively enables the endpoint detection and response capab
48
48
|[Configure Next-generation protection (NGP)](configure-microsoft-defender-antivirus-features.md)| Microsoft Defender Antivirus is a built-in antimalware solution that provides next-generation protection for desktops, portable computers, and servers. Microsoft Defender Antivirus includes:<br> <br>-Cloud-delivered protection for near-instant detection and blocking of new and emerging threats. Along with machine learning and the Intelligent Security Graph, cloud-delivered protection is part of the next-gen technologies that power Microsoft Defender Antivirus.<br> <br> - Always-on scanning using advanced file and process behavior monitoring and other heuristics (also known as "real-time protection").<br><br> - Dedicated protection updates based on machine learning, human and automated big-data analysis, and in-depth threat resistance research. |3|
49
49
|[Configure attack surface reduction](overview-attack-surface-reduction.md)| Attack surface reduction capabilities in Microsoft Defender for Endpoint help protect the devices and applications in the organization from new and emerging threats. |4|
50
50
|[Configure Auto Investigation & Remediation (AIR) capabilities](configure-automated-investigations-remediation.md)| Microsoft Defender for Endpoint uses Automated investigations to significantly reduce the volume of alerts that need to be investigated individually. The Automated investigation feature uses various inspection algorithms, and processes used by analysts (such as playbooks) to examine alerts and take immediate remediation action to resolve breaches. AIR significantly reduces alert volume, allowing security operations experts to focus on more sophisticated threats and other high value initiatives.|Not applicable|
51
+
|[Activate Microsoft Defender for Identity capabilities directly on a domain controller](/defender-for-identity/deploy/activate-capabilities)| Microsoft Defender for Identity customers, who've already onboarded their domain controllers to Defender for Endpoint, can activate Microsoft Defender for Identity capabilities directly on a domain controller instead of using a Microsoft Defender for Identity sensor. |Not applicable|
51
52
|[Configure Microsoft Defender Experts capabilities](/defender-xdr/defender-experts-for-hunting)| Microsoft Experts is a managed hunting service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don't get missed.|Not applicable|
52
53
53
54
For more information, see [Supported Microsoft Defender for Endpoint capabilities by platform](supported-capabilities-by-platform.md).
0 commit comments