cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Microsoft Security Tech Accelerator
Dec 06 2023, 07:00 AM - 12:00 PM (PST)
Microsoft Tech Community
Find out more
SOLVED

InTune, SCCM or Powershell?

David Caddick
Iron Contributor

‎Aug 15 2019 03:57 PM

‎Aug 15 2019 03:57 PM

InTune, SCCM or Powershell?

We have a Customer currently using SCCM that needs to have Defender ATP deployed, plus we have a few others lined up in the coming months, and yet as we're reviewing the config details we consistently see the instructions listed as:

Example:

https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/e...

 

What is the best way of doing this with the most commanality? Is it Powershell perhaps?

Ideally with a view to being able to consistently reuse the same configurations as a baseline for each customer.

 

Does this make sense?

877 Views
0 Likes
1 Reply
Reply
1 Reply
best response confirmed by David Caddick (Iron Contributor)
Alex Verboon

‎Aug 16 2019 08:58 AM

‎Aug 16 2019 08:58 AM

Solution

Re: InTune, SCCM or Powershell?

Hi @David Caddick 

 

This is what we use , depending on the customer's environment:

 

  1. If they have ConfigMgr, we use ConfigMgr antimalware and Defender ATP policies to configure and deploy Windows Defender settings and do the ATP onboarding. 
  2. If the customer uses Intune only, we do all via Intune.
  3. If they have VDI (without ConfigMgr Agent installed), use GPO

 

In terms of re-usage, in ConfigMgr you can export the Antimalware policy which gives you an XML file, that you can easily import again. The same would go for GPOs. Intune, haven't looked at this yet. 

 

Hope that helps

Alex

 

 

 

 

1 Like
Reply