MicrosoftDocs
Confusing information
Hi,
Thanks for all the docs on this. Still finding it quite confusing as are other people in my business reviewing this.
The onboarding information with SCCM is quite confusing. One point I would like to know or be made more clear is can you just download any OS configuration file, add in the Workspace ID and Workspace key and that will work for every operating system? So you might as well just do that than download and create a configuration file and policy for every OS.
Another thing to be made clearer is what exactly does the MDE Client Settings do? You still have to download the configuration file. Does that setting just deploy the Defender software to 2008 R2 and 2012 devices?
Also, under supported systems the 2008 R2 OS isn't listed but then it is an option in the configuration file onboarding dropdown.
Does onboarding enable the Windows Defender ATP Process on machines even when they are in passive mode / EDR block mode and can cause a performance hit?
The following page looks to be on the same topic but adds further confusion. It says that you need to install the Endpoint Role in SCCM for this but there is no mention of that here: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-endpoints-sccm?view=o365-worldwide
Thanks. Hopefully my questions and thoughts will make it easier for other people going through these docs.
Document Details
⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.
- ID: 4ea5be34-a969-e46b-4fc0-ccca775265bb
- Version Independent ID: 209b8abb-88f7-f3a0-385a-56a6a9fdce23
- Content: Microsoft Defender for Endpoint - Configuration Manager
- Content Source: memdocs/configmgr/protect/deploy-use/defender-advanced-threat-protection.md
- Product: configuration-manager
- Technology: configmgr-protect
- GitHub Login: @BalaDelli
- Microsoft Alias: baladell
