Azure ATP (Microsoft Defender for Identity), is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.
You can enter the Azure ATP portal either by logging in to the portal https://portal.atp.azure.com and selecting your instance, or browsing to the instance URL:
https://<instancename>.atp.azure.com
, such as https://51sec.atp.azure.com
After logged in, there are a couple of steps to follow to get your instance up and running. You will need to activate your ATP with a sensor installation.
1 Click Sensors menu on the left side
2 Download Azure ATP Sensor setup file, either on Domain controller or one of domain member servers. If it is not on Domain controller, you will need to set up mirroring traffic from DC to your member server.
3 Double click exe file to start installation.
5 Enter the access key to link the standalone sensor installation to your Azure ATP instance.
6 Once installation completed, there are two services showing in the Services MMC.
7 Configure your sensor.
8 Modify and change your configuration of sensor, making sure it can reach out to your DC.
via Blogger https://ift.tt/31mHhFo
October 19, 2020 at 02:20PM Cloud