microsoft defender
3 Topics

Microsoft Defender (for Business) not showing onboarded device via Intune
I am having some real fun with Devices not being shown in Microsoft Defender (for Business) after following the necessary instructions provided by Microsoft. Devices are not showing in the Microsoft Defender portal. I have used the local onboarding scripting method and gone directly through Intune. Would there be a conflict running the two? The account being used to perform these tasks is a Global Admin (even with Security Administrator rights). In respect of Intune, the Connection service between Intune and Defender for Endpoint (EDR) is fine. I have used a preconfigured EDR policy option to onboard the device, and I have checked the registry key HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection, which states an OnboardingInfo value, indicating that a device has been onboarded to Microsoft Defender for Endpoint. I do have an issue relating to Default Device Compliance Policy - Has a compliance policy assigned and a policy issue for 'create local admin user account', but Intune is saying the device is compliant. Would these issues cause an issue, and what else should I check for?
67 Views, 0 likes, 1 Comment

Turn on Memory Integrity through Microsoft Intune
Hi,
Question: How to turn on the following setting through Microsoft Intune?
Windows Security > Device Security > Core isolation > Memory Integrity (It says: Memory integrity is off. Your device may be vulnerable.)
Applied licenses: Microsoft Intune Suite + Microsoft Defender for Endpoint P2
Client OS: Windows 11
It has been weeks since I already applied the following through the Security Baseline Policy for Windows 10 and Later but still the Memory Integrity has not got enabled on any client:
Device Guard
Credential Guard: (Enabled with UEFI lock): Turns on Credential Guard with UEFI lock.
Enable Virtualization Based Security: enable virtualization based security.
Require Platform Security Features: Turns on VBS with Secure Boot and direct memory access (DMA).
------
Virtualization Based Technology
Hypervisor Enforced Code Integrity: (Enabled with UEFI lock) Turns on Hypervisor-Protected Code Integrity with UEFI lock.
The Windows Baseline Security has got applied successfully on all endpoints without any errors or conflicts. Intune Sync and device restart have been performed 100s of times but in vain. Any suggestions would be highly appreciated.
1.5K Views, 0 likes, 0 Comments

MS Defender prompting sign-in on iOS Devices
MS Defender is deployed with VPN Tunnel access on iOS device. Tunnel is set to On-Demand VPN. These devices are added to Azure and managed by Intune. Launching a managed app that requires VPN access does not automatically enable Tunnel. Instead, users are prompted that they need to sign-in to Defender. Launching MS Defender does not resolve the prompt, but launching Comp Portal does. There is no prompt to sign-in to Defender unless trying to access a company application. That means before launching ANY company application, the user should validate Comp Portal and MS Defender first, then try to access the resource. This process is extremely inefficient. Why is it that in certain instances MS Defender cannot implement the VPN "on-demand"?
731 Views, 0 likes, 2 Comments