Integrating Microsoft Defender Advanced Threat Protection (MD ATP) with Endpoint Protection Mobile
Endpoint Protection Mobile
About the integration
Microsoft Defender Advanced Threat Protection (ATP) is a unified platform for preventative protection, post-breach detection, automated investigation, and response. The integration between
Symantec Endpoint Protection Mobileand Microsoft Defender ATP lets you have real-time visibility into mobile threats to respond quickly and effectively.
SEP Mobile& Microsoft Defender ATP Integration for more info.
Integration outcome in the Microsoft Defender ATP portal
- Visibility into new security events from on boarded iOS and Android devices
- Integration of mobile threat information into the Microsoft Defender ATP portal including analytics dashboards, and relevant indication views ("Active alerts" and "Machines at risk" views)
How to configure the integration
Prerequisites: Enabling the Microsoft Defender ATP in Intune:
- Enable the Windows Defender ATP in Intune. The instructions are available at:
Step 1: Retrieving the Directory ID from Microsoft Azure.
- Go to the Microsoft Azure Portal > On the left navigation pane, clickAzure Active Directory.
- On theManaged Categoryextended menu, clickProperties.
- Copy the Directory ID value (you can click the copy icon next to it).
- >Paste the ID into a safe location (a word file or any other text editor you manage locally).
Step 2: Setting up the integration in
Endpoint Protection Mobilemanagement console
- Go toEndpoint Protection Mobilemanagement console >Settings>Integrations>EDR Platform.
- SelectMicrosoft Defender Advanced Threat Protection (ATP).
- Paste the Directory ID value that you copied in Step 1.3 into the relevant field.
- ClickAdd to Active Directorynext toAzure Active Directory access.
- In the open window, log on using the Azure Active Directory credentials (of the Microsoft Office 365 account).
- ClickAcceptto add access to the Azure Active Directory.
- ClickApply Changesfor the configuration to take effect.Once you apply the changes,Endpoint Protection Mobilestarts reporting information to Microsoft Defender ATP.