The Microsoft Security Center is the primary authority on Defender for Endpoint documentation.
- Navigate to Administration > Client Settings.
- Deploy the UBIT Defender Endpoint Management Client Settings Policy to your machines.
- Configure the Group tag for your machines.
- Navigate to Assets and Compliance > Compliance Settings.
- Create a Configuration Item modeled off /Dept/DEPT - Windows Defender Tag for workstations.
- Create a Configuration Baseline modeled off Windows Defender Tagging - Registry Key.
- Deploy the Configuration Baseline to your machines to set the Registry Key.
- Enroll your Defender clients in the MDE console.
- Navigate to Assets and Compliance, Endpoint Protection > Microsoft Defender ATP Policies.
- Deploy UBIT Microsoft Defender for Endpoint Onboarding Policy to make your Defender clients enroll in the Microsoft Security Console.
- Remove Symantec Endpoint, if present.
- Deploy the Application "UBIT Symantec Endpoint Full Removal" as an Uninstall action.
It is safe to configure Microsoft Defender and Defender for Endpoint before removing Symantec.
- Pre-stage your department's GROUP tag in the registry using Group Policy or a script.
- Start a Jump session on the target machine. This can be initiated by a user, or you can connect to a pre-installed Jump Client.
- From the Command Shell tab, start a new remote Command Shell.
- From the Scripts menu, choose Software > Install WDATP.
Please note: While Defender will run with the default settings, your client may need to connect to campus networks to receive Group Policy settings including AV configuration and firewall rules.
You can also uninstall Symantec Endpoint using the Unistall SEP script.
- Go to the Security Center and navigate to the MS Doc on Defender Onboarding.
- Create all of the individual Configuration Profiles per the Microsoft Documentation. Prefix all of your Profiles with "DEPT" so we can tell them apart in the console. The default settings are fully functional.
See the Macs and Defender page for details.