Forum Discussion
Defender for Endpoint noob questions...
Hi everyone, I am quite new to Defender for Endpoint therefore thought this resource would be useful for learning. Recently one of our customers subscribed to Defender for Endpoint P2. The cu...
"If you are happy with the setting put in by the onboarding script then you wouldn't have to do anything." What setting are you referring to here please? Just the default configuration of Defender AV? Does the onboarding script just create a vanilla configuration of Defender AV?
There are a few settings related to the MDE client service configuration only, such as client latency and proxy settings. One thing to remember is that Defender AV, ASR rules, and other host configuration items are not really part of Defender for Endpoint, they are separate tools and are managed separately. MDE adds some threat intelligence and consumes telemetry events from them, but doesn't manage them.
As you have already seen, Defender AV for example isn't managed through MDE at all. It can be managed through MEM or GPO, and you don't need MDE to use it. Same with ASR rules.
In other words, the MDE onboarding script, or GPO, or MEM package, don't configure Defender AV etc. at all, that is something you have to do separately.
As you have already seen, Defender AV for example isn't managed through MDE at all. It can be managed through MEM or GPO, and you don't need MDE to use it. Same with ASR rules.
In other words, the MDE onboarding script, or GPO, or MEM package, don't configure Defender AV etc. at all, that is something you have to do separately.