Manage Microsoft Defender for Endpoint after initial setup or migration
- Microsoft Defender for Endpoint Plan 1
- Microsoft Defender for Endpoint Plan 2
- Microsoft 365 Defender
Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.
After you have set up and configured Microsoft Defender for Endpoint, your next step is to manage your features and capabilities. We recommend using Microsoft Intune to manage your organization's devices and security settings. However, you can use other tools/methods, such as Microsoft Configuration Manager or Group Policy Objects in Azure Active Directory Domain Services.
The following table lists various tools/methods you can use, with links to learn more.
|Microsoft Defender Vulnerability Management dashboard insights in the Microsoft 365 Defender portal||The Defender Vulnerability Management dashboard provides actionable information that your security operations team can use to reduce exposure and improve your organization's security posture.
See Defender Vulnerability Management and Overview of Microsoft 365 Defender.
|Microsoft Intune||Intune provides mobile device management (MDM) and mobile application management (MAM) capabilities. With Intune, you control how your organization's devices are used, including mobile phones, tablets, and laptops. You can also configure specific policies to control applications.
See Manage Microsoft Defender for Endpoint using Intune.
|Microsoft Configuration Manager||Microsoft Configuration Manager, formerly known as System Center Configuration Manager, is a powerful tool to manage your users, devices, and software.
See Manage Microsoft Defender for Endpoint with Configuration Manager.
|Group Policy Objects in Azure Active Directory Domain Services||Azure Active Directory Domain Services includes built-in Group Policy Objects for users and devices. You can customize the built-in Group Policy Objects as needed for your environment, as well as create custom Group Policy Objects and organizational units (OUs).
See Manage Microsoft Defender for Endpoint with Group Policy Objects.
|PowerShell, WMI, and MPCmdRun.exe||We recommend using Microsoft Intune or Configuration Manager to manage threat protection features on your organization's devices. However, you can configure some settings, such as Microsoft Defender Antivirus settings on individual devices (endpoints) with PowerShell, WMI, or the MPCmdRun.exe tool.
You can use PowerShell to manage Microsoft Defender Antivirus, exploit protection, and your attack surface reduction rules. See Configure Microsoft Defender for Endpoint with PowerShell.
You can use Windows Management Instrumentation (WMI) to manage Microsoft Defender Antivirus and exclusions. See Configure Microsoft Defender for Endpoint with WMI.
You can use the Microsoft Malware Protection Command-Line Utility (MPCmdRun.exe) to manage Microsoft Defender Antivirus and exclusions, as well as validate connections between your network and the cloud. See Configure Microsoft Defender for Endpoint with MPCmdRun.exe.
Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.