Integrating Microsoft Defender Advanced Threat Protection (MD ATP) with
Endpoint Protection Mobile

About the integration
Microsoft Defender Advanced Threat Protection (ATP) is a unified platform for preventative protection, post-breach detection, automated investigation, and response. The integration between
Symantec Endpoint Protection Mobile
and Microsoft Defender ATP lets you have real-time visibility into mobile threats to respond quickly and effectively.
Integration outcome in the Microsoft Defender ATP portal
  • Visibility into new security events from on boarded iOS and Android devices
  • Integration of mobile threat information into the Microsoft Defender ATP portal including analytics dashboards, and relevant indication views ("Active alerts" and "Machines at risk" views)
How to configure the integration
Prerequisites: Enabling the Microsoft Defender ATP in Intune:
  1. Go to the
  2. Enable the Windows Defender ATP in Intune. The instructions are available at:
Step 1: Retrieving the Directory ID from Microsoft Azure.
  1. Go to the Microsoft Azure Portal > On the left navigation pane, click
    Azure Active Directory
    .
  2. On the
    Managed Category
    extended menu, click
    Properties
    .
  3. Copy the Directory ID value (you can click the copy icon next to it).
  4. >Paste the ID into a safe location (a word file or any other text editor you manage locally).
Step 2: Setting up the integration in
Endpoint Protection Mobile
management console
  1. Go to
    Endpoint Protection Mobile
    management console >
    Settings
    >
    Integrations
    >
    EDR Platform
    .
  2. Select
    Microsoft Defender Advanced Threat Protection (ATP)
    .
  3. Paste the Directory ID value that you copied in Step 1.3 into the relevant field.
  4. Click
    Add to Active Directory
    next to
    Azure Active Directory access
    .
  5. In the open window, log on using the Azure Active Directory credentials (of the Microsoft Office 365 account).
  6. Click
    Accept
    to add access to the Azure Active Directory.
  7. Click
    Apply Changes
    for the configuration to take effect.
    Once you apply the changes,
    Endpoint Protection Mobile
    starts reporting information to Microsoft Defender ATP.