Back in 2016, Microsoft announced in Ignite the release of Defender Advanced Threat Protection as a premium Office 365
Defender Advanced Threat Protection (ATP) us an intelligent security system that protects endpoints from cyber threats and data breaches and attacks next-generation protection tools and services.
To get ATP working you will need and a Microsoft 365 E5 license.
Because I am using Microsoft Intune with Microsoft 365 E5, I can enable the service and Intune to push the configuration to my clients and protect them with ATP.
To enable ATP, I will go the Microsoft Intune portal Windows Defender ATP and click on Open Windows Defender Security Center.
From the welcome screen I will start the Wizard to enable ATP
The first step is to setup the data storage location which comes with 3 locations
Next I will setup the date retention time in days
And numbers of machines
Once the configuration is done I will click continue to finish the ATP instance setup.
In the section below, I will show how to onboard machines to Defender ATP using Microsoft Intune.
In the onboard page, I will select Intune and click on Download Package to download the configuration which will use later on the enrol machines.
Below you can see the downloaded package, I will unzip in and make it ready.
Intune Configuration (Create Device configuration Policy)
New the ATP is configured and I have the onboarding package ready, I will access Microsoft Intune portal -> Device Configuration -> Profiles and Create new profile
In the new Device configuration I will create a new profile by selecting Windows Advance Threat Protection and upload the configuration file
Once the configuration file is loaded I will click on Enable for both ATP options
In the alignments policy I will select all stuff
Once the policy is configured all E5 users on Windows 10 machines will be onboarded to Defender ATP.