Zero in on Zero Trust with unified endpoint security management from Microsoft
Event Ended
Monday, Oct 24, 2022, 08:00 AM PDT
Microsoft Intune and Microsoft Defender work together to help secure your organization’s data while ensuring employee productivity. Join this session to learn about using Intune to pre-emptively depl...
Heather_Poulsen
Updated Dec 27, 2024
Paul_Woodward
Oct 24, 2022, Iron Contributor
Question. We are using the "MEMAC > Endpoint Security > Manage" space to create policy for AV, Bitlocker encryption, Firewall, etc. Then we are told to use the Security Baselines. Clearly there is massive overlap, and thus conflict, between these sets of policies. Clearly it's not sensible to use both. In my view the Security Baselines are less good, because so many settings in one policy makes them hard to test/troubleshoot. The smaller "Endpoint Security" policies are easier to maintain. But what should we be doing??
- nmidlane, Oct 24, 2022, Copper Contributor: Agree Paul. Would really help for an overview of when to use MEM Policies, when to use security baselines and when to use the new endpoint security configurations.
- LauraArrizza, Oct 24, 2022, Microsoft: The guidance is to first use Security Baselines to leverage the built-in setting recommendations that come from security experts across Windows, Defender for Endpoint, Edge, and Windows 365. After deploying the customized Security Baseline policy, you can use Endpoint Security policy templates that span across categories like AV, Firewall, ASR etc. to complement baselines with missing settings that are specific to the scope of security you're looking for. From there, you can leverage the Settings Catalog to add additional settings using the picker experience. We also surface Administrative Templates for settings that may still need to be added but are not available via the other methods. In terms of viewing and addressing conflicts, we have reports to help identify where you may have overlapping settings targeted. Reports like "Assignment failures" and "Device configuration" and the per policy reports allow you to drill down and understand where conflicts may be occurring. Make sure to check out some of the other Ignite sessions for specific discussions on deploying policy across the methods we offer!
- nmidlane, Oct 25, 2022, Copper Contributor: Thanks Laura. The challenge we find in large organisations is that without order of preference in policies you then end up having to copy the baselines, strip out settings, to then filter either on or off depending on application\system requirements\limitations in separate policies where the baselines cause issues and end up with endless additional policies to manage the settings that break various apps and services. In a new company with cloud native applications it is nice and simple, but when moving large companies with complex GPOs that need migrating to allow their applications to function it's quite a challenge. Is order or precedence something on the roadmap or not due to the complexities in implementing it? Many thanks in advance.
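
The overlap problem discussed in this thread can be checked before deployment. The following is an added example, not part of the original thread and not Microsoft code: it scans a constructed export of policies and separates harmless duplicates (same value) from settings given different values by different policies. The data shape, policy names and setting ids are assumptions made for illustration (they are not real Intune identifiers), and all policies are assumed to target the same devices.

```python
from collections import defaultdict

# Constructed sample export: policy name -> (policy type, {setting id: value}).
# Setting ids are placeholders, not real Intune setting identifiers.
POLICIES = {
    "Baseline - Windows": ("security_baseline", {
        "firewall.domain.enabled": True,
        "defender.realtime_monitoring": True,
        "bitlocker.require_encryption": True,
        "defender.cloud_block_level": "high",
    }),
    "ES - Firewall": ("endpoint_security", {
        "firewall.domain.enabled": True,
        "firewall.public.enabled": True,
    }),
    "ES - Antivirus": ("endpoint_security", {
        "defender.realtime_monitoring": True,
        "defender.cloud_block_level": "default",
    }),
    "SC - Legacy app exception": ("settings_catalog", {
        "bitlocker.require_encryption": False,
    }),
}

def find_overlaps(policies):
    """Map each setting configured by 2+ policies to its status and sources."""
    seen = defaultdict(dict)
    for name, (_ptype, settings) in policies.items():
        for setting, value in settings.items():
            seen[setting][name] = value
    report = {}
    for setting, sources in seen.items():
        if len(sources) < 2:
            continue  # configured once: nothing to reconcile
        distinct = {repr(v) for v in sources.values()}
        status = "conflict" if len(distinct) > 1 else "duplicate"
        report[setting] = {"status": status, "sources": sources}
    return report

def conflicts_only(policies):
    """Settings that need a decision: same setting, different values."""
    overlaps = find_overlaps(policies)
    return sorted(s for s, r in overlaps.items() if r["status"] == "conflict")

if __name__ == "__main__":
    for setting, r in sorted(find_overlaps(POLICIES).items()):
        print(f"{r['status']:9} {setting}")
        for policy, value in r["sources"].items():
            print(f"    {policy}: {value!r}")
```

The settings it reports as conflicts are the ones that would have to be stripped from the customized baseline copy or from the smaller policy; duplicates are candidates for consolidation into a single policy.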