Security baseline and antivirus policy

%3CLINGO-SUB%20id%3D%22lingo-sub-1522962%22%20slang%3D%22en-US%22%3ESecurity%20baseline%20and%20antivirus%20policy%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1522962%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20guys%2C%3C%2FP%3E%3CP%3EWe%20are%20researching%20about%20the%20Intune%20MDM%2C%20security%20baseline%20to%20deploy%20as%20co-managed%20for%20our%20client%20but%20i%20have%20something%20unclear%20and%20want%20to%20ask%3A%3C%2FP%3E%3CP%3E-%20Is%20the%26nbsp%3BDevice%20security%20aspects%20in%20Microsoft%20Intune%20are%20all%20managed%20in%20device%20management%20portal%3F%3C%2FP%3E%3CP%3E-%20Can%20we%20config%20a%20device%20to%20be%20under%20both%20a%20security%20baseline%20and%20a%20separate%20policy%20or%20different%20baseline%20at%20the%20same%20time%3F%3C%2FP%3E%3CP%3EI%20know%20this%20is%20basic%20but%20i%20appreciate%20all%20comments.%3C%2FP%3E%3CP%3ERegards%2C%3C%2FP%3E%3CP%3EArthur.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1522962%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EIntune%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMobile%20Device%20Management%20(MDM)%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESoftware%20Management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1526064%22%20slang%3D%22en-US%22%3ERe%3A%20Security%20baseline%20and%20antivirus%20policy%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1526064%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F729088%22%20target%3D%22_blank%22%3E%40Artylda%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EYes.%20You%20can%20apply%20both%20but%20make%20sure%20there%20is%20no%20conflict%20between%20them.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Swaminathan_Arumugam_1-1594894711171.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F205765i1AE4B2BE88B654B7%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20title%3D%22Swaminathan_Arumugam_1-1594894711171.png%22%20alt%3D%22Swaminathan_Arumugam_1-1594894711171.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Visitor

Hi guys,

We are researching about the Intune MDM, security baseline to deploy as co-managed for our client but i have something unclear and want to ask:

- Is the Device security aspects in Microsoft Intune are all managed in device management portal?

- Can we config a device to be under both a security baseline and a separate policy or different baseline at the same time?

I know this is basic but i appreciate all comments.

Regards,

Arthur.

2 Replies
Highlighted

@Artylda 

 

Yes. You can apply both but make sure there is no conflict between them.

 

Swaminathan_Arumugam_1-1594894711171.png

 

Highlighted

Yeah, as already stated you can use both to configure the security policies. You need to make sure that there is no conflict, otherwise settings will not be applied. 

 

The Security Baseline should give a jump start to a recommended Enterprise Security config. 

The individual policies like AV, EDR, etc. are a way to support SecOps or Security Admins to focus on their security settings only. Finally it's up to you what works best for you, but make sure to create no conflicts :)

 

Here is the docs article for that:

https://docs.microsoft.com/en-us/mem/intune/protect/endpoint-security-policy

 

best,

Oliver