Forum Discussion
InTune, SCCM or Powershell?
We have a Customer currently using SCCM that needs to have Defender ATP deployed, plus we have a few others lined up in the coming months, and yet as we're reviewing the config details we consistently see the instructions listed as:
- https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection#intune
- https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection#mdm
- https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection#sccm
- https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection#group-policy
- https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection#powershell
Example:
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection
What is the best way of doing this with the most commanality? Is it Powershell perhaps?
Ideally with a view to being able to consistently reuse the same configurations as a baseline for each customer.
Does this make sense?
This is what we use , depending on the customer's environment:
- If they have ConfigMgr, we use ConfigMgr antimalware and Defender ATP policies to configure and deploy Windows Defender settings and do the ATP onboarding.
- If the customer uses Intune only, we do all via Intune.
- If they have VDI (without ConfigMgr Agent installed), use GPO
In terms of re-usage, in ConfigMgr you can export the Antimalware policy which gives you an XML file, that you can easily import again. The same would go for GPOs. Intune, haven't looked at this yet.
Hope that helps
Alex
1 Reply
This is what we use , depending on the customer's environment:
- If they have ConfigMgr, we use ConfigMgr antimalware and Defender ATP policies to configure and deploy Windows Defender settings and do the ATP onboarding.
- If the customer uses Intune only, we do all via Intune.
- If they have VDI (without ConfigMgr Agent installed), use GPO
In terms of re-usage, in ConfigMgr you can export the Antimalware policy which gives you an XML file, that you can easily import again. The same would go for GPOs. Intune, haven't looked at this yet.
Hope that helps
Alex