You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/offboard-machines.md
+10-10Lines changed: 10 additions & 10 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -13,7 +13,7 @@ ms.collection:
13
13
ms.topic: conceptual
14
14
ms.subservice: onboard
15
15
search.appverid: met150
16
-
ms.date: 04/03/2024
16
+
ms.date: 08/23/2024
17
17
---
18
18
19
19
# Offboard devices
@@ -36,17 +36,10 @@ ms.date: 04/03/2024
36
36
37
37
> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-offboarddevices-abovefoldlink)
38
38
39
-
Follow the corresponding instructions depending on your preferred deployment method.
39
+
When you offboard a device from Defender for Endpoint, no new detections, vulnerability, or security data are sent to the Microsoft Defender portal. Seven days after offboarding a device, its status changes to [inactive](/defender-endpoint/fix-unhealthy-sensors#inactive-devices). Devices that weren't active within the past 30 days are not factored into your organization's [exposure score](/defender-vulnerability-management/tvm-exposure-score).
40
40
41
-
The status of a device switches to [Inactive](fix-unhealthy-sensors.md#inactive-devices) seven (7) days after offboarding.
41
+
Past data, such as alerts, vulnerablities, and the device timeline, for an offboarded device is displayed in the Microsoft Defender portal until the [configured retention period](/defender-endpoint/data-storage-privacy#how-long-will-microsoft-store-my-data-what-is-microsofts-data-retention-policy) expires. You also see the device profile (without data) in the device inventory for up to 180 days. To view data for active devices only, you can use filters, such as [sensor health state](/defender-endpoint/machines-view-overview#use-filters-to-customize-the-device-inventory-views), [device tags](/defender-endpoint/machine-tags), or [device groups](/defender-endpoint/machine-groups).
42
42
43
-
Data, such as Timeline, Alerts, Vulnerabilities, etc., from devices that were offboarded remains in the Microsoft Defender portal until the configured [retention period](data-storage-privacy.md) expires.
44
-
45
-
The device's profile (without data) remains in the [Device inventory](machines-view-overview.md) for no longer than 180 days.
46
-
47
-
Devices that weren't active in the last 30 days aren't factored in on the data that reflects your organization's Defender Vulnerability Management [exposure score](/defender-vulnerability-management/tvm-exposure-score) and Microsoft Secure Score for Devices.
48
-
49
-
To view only active devices, you can filter by [sensor health state](machines-view-overview.md#use-filters-to-customize-the-device-inventory-views), [device tags](machine-tags.md), or [machine groups](machine-groups.md).
50
43
51
44
## Offboard Windows devices
52
45
@@ -62,4 +55,11 @@ To view only active devices, you can filter by [sensor health state](machines-vi
0 commit comments