Sunday, June 20, 2021

Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Linux


Important

PUBLIC PREVIEW EDITION

This documentation is for a pre-release solution. The guidelines and the solution are subject to change between now and its general availability.

As with any pre-release solution, remember to exercise caution when determining the target population for your deployments.

If you have preview features turned on in the Microsoft Defender Security Center, you should be able to access the Linux onboarding page immediately. If you have not yet opted into previews, we encourage you to turn on preview features in the Microsoft Defender Security Center today.

This topic describes how to install, configure, update, and use Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Linux.

Warning

Running other third-party endpoint protection products alongside Microsoft Defender ATP for Linux is likely to cause performance problems and unpredictable system errors.

How to install Microsoft Defender ATP for Linux

Prerequisites

  • Access to the Microsoft Defender Security Center portal
  • Beginner-level experience in Linux and BASH scripting
  • Administrative privileges on the device (in case of manual deployment)

Known issues

  • Logged on users do not appear in the ATP portal.

  • Running the product on CentOS / RHEL / Oracle Linux 7.0 or 7.1 with kernel versions lower than 3.10.0-327 might result in hanging the operating system. We recommend that you upgrade to version 7.2 or newer.

  • In SUSE distributions, if the installation of libatomic1 fails, you should validate that your OS is registered:

    $ sudo SUSEConnect --status-text
    

Installation instructions

There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Linux.

In general you need to take the following steps:

If you experience any installation failures, refer to Troubleshooting installation failures in Microsoft Defender ATP for Linux.

System requirements

  • Supported Linux server distributions and versions:

    • Red Hat Enterprise Linux 7.2 or higher
    • CentOS 7.2 or higher
    • Ubuntu 16.04 LTS or higher LTS
    • Debian 9 or higher
    • SUSE Linux Enterprise Server 12 or higher
    • Oracle Linux 7.2 or higher
  • Minimum kernel version 3.10.0-327

  • The fanotify kernel option must be enabled

    Warning

    Running Microsoft Defender ATP for Linux side by side with other fanotify-based security solutions is not supported. It can lead to unpredictable results, including hanging the operating system.

  • Disk space: 650 MB

  • The solution currently provides real-time protection for the following file system types:

    • btrfs
    • ext2
    • ext3
    • ext4
    • tmpfs
    • xfs

    More file system types will be added in the future.
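
The kernel, fanotify and file system requirements above can be checked on a host before installation. The script below is an added example, not part of the original documentation: the version and file system values come from this page, while the function names and the /boot/config-$(uname -r) location of the kernel build config are assumptions.

```shell
#!/bin/sh
# Added example: pre-install checks for the system requirements listed above.
# Values are copied from this page; function names are illustrative.
MIN_KERNEL="3.10.0-327"
SUPPORTED_FS="btrfs ext2 ext3 ext4 tmpfs xfs"

# kernel_ok RELEASE: succeeds if RELEASE (uname -r format) >= MIN_KERNEL.
# Compares major.minor.patch-build numerically; distro suffixes are ignored.
kernel_ok() {
    awk -v have="$1" -v want="$MIN_KERNEL" 'BEGIN {
        split(have, h, /[.-]/); split(want, w, /[.-]/)
        for (i = 1; i <= 4; i++) {
            a = h[i] + 0; b = w[i] + 0   # missing or non-numeric field counts as 0
            if (a > b) exit 0
            if (a < b) exit 1
        }
        exit 0
    }'
}

# fanotify_enabled CONFIG_FILE: succeeds if the kernel build config enables fanotify.
fanotify_enabled() {
    grep -q '^CONFIG_FANOTIFY=y' "$1" 2>/dev/null
}

# fs_supported TYPE: succeeds if real-time protection covers this file system type.
fs_supported() {
    case " $SUPPORTED_FS " in *" $1 "*) return 0 ;; *) return 1 ;; esac
}

# rtp_coverage MOUNTS_FILE: prints "MOUNTPOINT TYPE covered|not-covered" for
# every device-backed or tmpfs mount in a /proc/mounts-format file.
rtp_coverage() {
    while read -r dev mnt type rest; do
        case "$dev" in /dev/*|tmpfs) ;; *) continue ;; esac
        if fs_supported "$type"; then state=covered; else state=not-covered; fi
        printf '%s %s %s\n' "$mnt" "$type" "$state"
    done < "$1"
}

# Run against the live host only when asked: sh prereq.sh --check
if [ "${1:-}" = "--check" ]; then
    cfg="/boot/config-$(uname -r)"   # assumed location of the kernel config
    kernel_ok "$(uname -r)" && echo "kernel: ok" || echo "kernel: below $MIN_KERNEL"
    fanotify_enabled "$cfg" && echo "fanotify: enabled" || echo "fanotify: not found in $cfg"
    rtp_coverage /proc/mounts
fi
```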

After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints.

Network connections

The following table lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs. If there are, you may need to create an allow rule specifically for them.

Service location and DNS records:

  • Common URLs for all locations

    • x.cp.wd.microsoft.com
    • cdn.x.cp.wd.microsoft.com
    • eu-cdn.x.cp.wd.microsoft.com
    • wu-cdn.x.cp.wd.microsoft.com
    • officecdn-microsoft-com.akamaized.net
    • crl.microsoft.com
    • events.data.microsoft.com

  • European Union

    • europe.x.cp.wd.microsoft.com
    • eu-v20.events.data.microsoft.com
    • usseu1northprod.blob.core.windows.net
    • usseu1westprod.blob.core.windows.net

  • United Kingdom

    • unitedkingdom.x.cp.wd.microsoft.com
    • uk-v20.events.data.microsoft.com
    • ussuk1southprod.blob.core.windows.net
    • ussuk1westprod.blob.core.windows.net

  • United States

    • unitedstates.x.cp.wd.microsoft.com
    • us-v20.events.data.microsoft.com
    • ussus1eastprod.blob.core.windows.net
    • ussus1westprod.blob.core.windows.net

Microsoft Defender ATP can discover a proxy server by using the following discovery methods:

  • Transparent proxy
  • Manual static proxy configuration

If a proxy or firewall is blocking anonymous traffic, make sure that anonymous traffic is permitted in the previously listed URLs. For transparent proxies, no additional configuration is needed for Microsoft Defender ATP. For static proxy, follow the steps in Manual Static Proxy Configuration.

Warning

PAC, WPAD, and authenticated proxies are not supported. Ensure that only a static proxy or transparent proxy is being used.

SSL inspection and intercepting proxies are also not supported for security reasons. Configure an exception for SSL inspection and your proxy server to directly pass through data from Microsoft Defender ATP for Linux to the relevant URLs without interception. Adding your interception certificate to the global store will not allow for interception.

For troubleshooting steps, see Troubleshoot cloud connectivity issues for Microsoft Defender ATP for Linux.

How to update Microsoft Defender ATP for Linux

Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender ATP for Linux, refer to Deploy updates for Microsoft Defender ATP for Linux.

How to configure Microsoft Defender ATP for Linux

Guidance for how to configure the product in enterprise environments is available in Set preferences for Microsoft Defender ATP for Linux.

Resources

  • For more information about logging, uninstalling, or other topics, see Resources.
