Forum Discussion

jgca-01's avatar
jgca-01
Copper Contributor
Mar 05, 2024

Microsoft Defender for Endpoint policy assignment

Hey guys,

 

It was my understanding that you can assign Defender policies (Antivirus, EDR, ASR) to both users or devices. A coworker mentioned that you should never assign Defender policies to users because Defender targets devices and if you assign users it can create problems with duplicates, service accounts, bitlocker and some other things.

 

I'm confused now, any feedback you can provide would me much appreciated. When doing defender deployments some customers give me users for the pilot not devices, for example they want to test with the IT department first and they send me a list of users, so I assign the users to a pilot group, if we are deploying servers to then I create a server group and add the servers for the pilot and assign the group to the policies as well.

 

Thank you.

No RepliesBe the first to reply

Resources