Feb 14 2024 12:53 AM
Hi,
We are planning migration from 3rd party AV and we want to ensure smooth migration. We have Windows clients and MacOS in scope. We want to ensure that during migration when we are switching from 3rd party AV there will be no conflicts. Therefore I follow MS documentation Migrate to Microsoft Defender for Endpoint. Under section 3 there is list of exclusions to be added to existing AV solution when migrating to MDE. However there is only information on Windows client OS and Servers. Nothing mentioned on MacOS. Can someone direct me where I can find it ? Thx
Feb 14 2024 02:52 AM
Feb 14 2024 03:15 AM - edited Feb 14 2024 03:16 AM
Thank you for your response. MDE is already installed and running in the passive mode. There is 3rd party AV and EDR in prime. Why I am looking for MDE exclusion is following. I will board MDE to defender portal then EDR processes will start as well from MDE, then uninstall 3rd party AV so MDE AV will be active. In case of rollback I want just to push back 3rd party AV and then MDE will go to passive but EDR sensor from MDE will still sending telemetry. Therefore I am looking what 3rd party AV must exclude in terms of the EDR processes from MDE and whatever is still running when MDE is in passive
Feb 14 2024 03:30 AM