Bulk add devices in MDI exclusion lists

gfelter · ‎May 14 2021

Hello everyone,

We are looking for a way to add our internal security scanners (several hundreds) to MDI exclusion lists. (For example Account Enumeration Reconnaissance)

Several problems came up:

The interface does not seem to support bulk adding, which is not only a problem to add hundreds of devices in one policy, but also when it comes to add this list to several MDI policies.
One given device seems to match several objects (up to 5 duplicates entities).
When trying to add a device in one policy exclusion list (which would take some time to copy-paste one by one), I would actually have to add 1 to 5 entities so that device is properly whitelisted.

What would you recommend to fix/workaround those problems?
The best solution I can imagine would be to be able to create groups of devices (imported from a CSV file), that we could then attach to the exclusion lists of needed policies.

dougsbaker · ‎Oct 12 2021

There is now a Global Excluded Entities Page. that makes it much easier to bulk modify exclusion lists.
https://security.microsoft.com/settings/identities?tabid=globalExclude

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Bulk add devices in MDI exclusion lists

Bulk add devices in MDI exclusion lists

Re: Bulk add devices in MDI exclusion lists