Aug 14 2020 06:23 AM
Hi All,
I have a domain with 100+ servers. So do we need to install ATP Sensor for all?
As
Aug 14 2020 09:20 AM
Azure ATP only needs to be deployed on the domain controllers to monitor the environment. It's important to install it on all of them.
Aug 14 2020 08:14 PM
@Or Tsemah Thanks. I understand that we need to install on the DCs, but why do we need to install on all the DCs?
If we have a few DCs in each site, is one of them not enough?
Aug 15 2020 10:20 PM
@aussupport It won't ensure that Azure ATP has the maximum chance of catching a malicious behavior.
Although AD data is distributed between the DCs, Azure ATP also listens to network traffic, for example, which is why having 100% coverage is crucial.
Aug 16 2020 05:29 PM
Solution
@aussupport It's the nature of the on-prem AD. The reason you have multiple DCs is to ensure HA? So what if a malicious login occurs against a DC that doesn't have the sensor deployed?
That being said, even having the sensors deployed to 10 - 20% of the DCs will give you some coverage, but the question then is "are you catching all the bad stuff, or are you missing something vital?"
Hope that helps?
Dave C
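
One way to check the coverage discussed in this thread, as an added example that is not part of any poster's reply: list every domain controller and report which ones are not running the sensor. It assumes Windows PowerShell 5.1 with the RSAT ActiveDirectory module, remote service query rights on the DCs, and that the sensor's Windows service is named `AATPSensor`.

```powershell
# Added example (not from the thread). Assumptions: RSAT ActiveDirectory module,
# Windows PowerShell 5.1 (Get-Service -ComputerName), and a sensor service
# named 'AATPSensor'. Adjust $sensorService if your deployment differs.
Import-Module ActiveDirectory

$sensorService = 'AATPSensor'

$report = foreach ($dc in Get-ADDomainController -Filter *) {
    # A missing service and an unreachable host are both coverage gaps,
    # so any failure to query the service is reported the same way.
    $status = try {
        (Get-Service -ComputerName $dc.HostName -Name $sensorService -ErrorAction Stop).Status.ToString()
    } catch {
        'NotFoundOrUnreachable'
    }

    [pscustomobject]@{
        Site         = $dc.Site
        DC           = $dc.HostName
        ReadOnly     = $dc.IsReadOnly
        SensorStatus = $status
    }
}

# Full inventory, grouped by site so per-site gaps are easy to spot.
$report | Sort-Object Site, DC | Format-Table -AutoSize

# Coverage summary: only DCs with a running sensor count as covered.
$covered = @($report | Where-Object SensorStatus -eq 'Running').Count
$total   = @($report).Count
if ($total -gt 0) {
    $pct = [math]::Round(100 * $covered / $total, 1)
    Write-Output "Sensor coverage: $covered of $total DCs ($pct%)"
}

# DCs that would not be monitored if an authentication landed on them.
$gaps = @($report | Where-Object SensorStatus -ne 'Running')
if ($gaps.Count -gt 0) {
    Write-Warning "DCs without a running sensor:"
    $gaps | Select-Object Site, DC, SensorStatus | Format-Table -AutoSize
}
```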