Microsoft
MicrosoftDan Michelson Support for proxy sessions is always welcome. Especially in the last few years, I have a feeling, industry seeing the second coming of proxy-based security and filtering products (back from the grave). Not strictly on the subject, but I was really impressed when some NG firewall was able to transparently unwrap and report on proxy traffic destined to TCP/8080 and be able to show it in the firewall logs with unwrapped URLs and run the full content inspection. I'm sure MDATP support and de-obfuscation of proxied URLs will be very well received.
Is there a more in-depth compatibility list in addition to this https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility ?
Does MDATP actively monitor and inspect DNS traffic on the endpoint? What if some other endpoint products change DNS settings to 127.0.0.1? Perhaps you can comment on my unanswered query here - Impact to MDATP protection / visibility / investigations when using Cisco Umbrella Roaming Client
