Forum Discussion
Solved
MDATP - Deployment Guide & Best Practices?
Hi All, Is anyone aware of a Best Practices or Deployment guide? Defender ATP has had a lot of changes in the last months and I'm guessing it doesn't exist, but asking the question anyway...
Here you go: https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/product-brief
Thanks Ryen Macababbad I've already provided some feedback on Yammer.
Question - there doesn't appear to be much focus on applying the "Audit Only" settings and collecting data before changing to enforced? Some of the settings will have the capacity to be disruptive to business if pushed too aggressively too quickly? Thoughts?
David - I agree with your caution. I tried some deployment options on a R&D Subscription first and realised that it is easy to enable a blanket-wide enablement. This meant the deployment to each server would be in effect indeterminate and un-managed. I think there is a lot of complexity and confusion in this area. Especially for larger enterprises that desire a phased implementation.