Manage Microsoft Defender for Endpoint with Configuration Manager
- Microsoft Defender for Endpoint Plan 1
- Microsoft Defender for Endpoint Plan 2
- Microsoft Defender XDR
Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.
This article describes how to manage Defender for Endpoint settings with Configuration Manager, and lists various tasks you can perform.
Configure Microsoft Defender for Endpoint with Configuration Manager
|Task||Resources to learn more|
|Install the Configuration Manager console if you don't already have it
If you don't already have the Configuration Manger console, use these resources to get the bits and install it.
|Get the installation media
Install the Configuration Manager console
|Use Configuration Manager to onboard devices to Microsoft Defender for Endpoint
If you have devices (or endpoints) not already onboarded to Microsoft Defender for Endpoint, you can do that with Configuration Manager.
|Onboard to Microsoft Defender for Endpoint with Configuration Manager|
|Manage antimalware policies and Windows Firewall security for client computers (endpoints)
Configure endpoint protection features, including Microsoft Defender for Endpoint, exploit protection, application control, antimalware, firewall settings, and more.
|Configuration Manager: Endpoint Protection|
|Choose methods for updating antimalware updates on your organization's devices
With Endpoint Protection in Configuration Manager, you can choose from several methods to keep antimalware definitions up to date on your organization's devices.
|Configure definition updates for Endpoint Protection
Use Configuration Manager to deliver definition updates
|Enable Network Protection to help prevent employees from using apps that malicious content on the Internet
We recommend using audit mode at first for network protection in a test environment to see which apps would be blocked before rolling out.
|Turn on network protection with Configuration Manager|
|Configure controlled folder access to protect against ransomware
Controlled folder access is also referred to as antiransomware protection.
|Endpoint protection: Controlled folder access
Enable controlled folder access in Microsoft Endpoint Configuration Manage
Configure your Microsoft Defender portal
If you haven't already done so, configure your Microsoft Defender portal to view alerts, configure threat protection features, and view detailed information about your organization's overall security posture. See While the attack was detected and stopped, alerts, such as an "initial access alert," were triggered and appeared in the Microsoft Defender portal. You can also configure whether and what features end users can see in the Microsoft Defender portal.
Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.