Onboard to the Microsoft Defender for Endpoint service
Applies to:
Learn about the various phases of deploying Microsoft Defender for Endpoint and how to configure the capabilities within the solution.
Deploying Defender for Endpoint is a three-phase process:
 Phase 1: Prepare |
 Phase 2: Setup |
 Phase 3: Onboard |
|---|---|---|
| You are here! |
You are currently in the onboarding phase.
These are the steps you need to take to deploy Defender for Endpoint:
- Step 1: Onboard endpoints to the service
- Step 2: Configure capabilities
Step 1: Onboard endpoints using any of the supported management tools
The Plan deployment topic outlines the general steps you need to take to deploy Defender for Endpoint.
Watch this video for a quick overview of the onboarding process and learn about the available tools and methods.
After identifying your architecture, you'll need to decide which deployment method to use. The deployment tool you choose influences how you onboard endpoints to the service.
Onboarding tool options
The following table lists the available tools based on the endpoint that you need to onboard.
| Endpoint | Tool options |
|---|---|
| Windows | Local script (up to 10 devices) Group Policy Microsoft Endpoint Manager/ Mobile Device Manager Microsoft Endpoint Configuration Manager VDI scripts |
| macOS | Local scripts Microsoft Endpoint Manager JAMF Pro Mobile Device Management |
| Linux Server | Local script Puppet Ansible |
| iOS | App-based |
| Android | Microsoft Endpoint Manager |
Step 2: Configure capabilities
After onboarding the endpoints, you'll then configure the various capabilities such as endpoint detection and response, next-generation protection, and attack surface reduction.
Example deployments
In this deployment guide, we'll guide you through using two deployment tools to onboard endpoints and how to configure capabilities.
The tools in the example deployments are:
- Onboarding using Microsoft Endpoint Configuration Manager
- Onboarding using Microsoft Endpoint Manager
Using the mentioned deployment tools above, you'll then be guided in configuring the following Defender for Endpoint capabilities:
- Endpoint detection and response configuration
- Next-generation protection configuration
- Attack surface reduction configuration