Onboard devices to the Microsoft Defender for Endpoint service

Applies to:


Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Want to experience Defender for Endpoint? Sign up for a free trial.

You'll need to go the onboarding section of the Defender for Endpoint portal to onboard any of the supported devices. Depending on the device, you'll be guided with appropriate steps and provided management and deployment tool options suitable for the device.

In general, to onboard devices to the service:

  • Verify that the device fulfills the minimum requirements
  • Depending on the device, follow the configuration steps provided in the onboarding section of the Defender for Endpoint portal
  • Use the appropriate management tool and deployment method for your devices
  • Run a detection test to verify that the devices are properly onboarded and reporting to the service

Onboarding tool options

The following table lists the available tools based on the endpoint that you need to onboard.

Endpoint Tool options
Windows Local script (up to 10 devices)

Group Policy

Microsoft Endpoint Manager/ Mobile Device Manager

Microsoft Endpoint Configuration Manager

VDI scripts

Integration with Azure Defender

macOS Local scripts

Microsoft Endpoint Manager


Mobile Device Management

Linux Server Local script



iOS App-based
Android Microsoft Endpoint Manager

In this section

Topic Description
Onboard previous versions of Windows Onboard Windows 7 and Windows 8.1 devices to Defender for Endpoint.
Onboard Windows 10 devices You'll need to onboard devices for it to report to the Defender for Endpoint service. Learn about the tools and methods you can use to configure devices in your enterprise.
Onboard servers Onboard Windows Server 2008 R2 SP1, Windows Server 2012 R2, Windows Server 2016, Windows Server (SAC) version 1803 and later, Windows Server 2019 and later, and Windows Server 2019 core edition to Defender for Endpoint.
Onboard non-Windows devices Defender for Endpoint provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Microsoft Defender Security Center and better protect your organization's network. This experience leverages on a third-party security products' sensor data.
Run a detection test on a newly onboarded device Run a script on a newly onboarded device to verify that it is properly reporting to the Defender for Endpoint service.
Configure proxy and Internet settings Enable communication with the Defender for Endpoint cloud service by configuring the proxy and Internet connectivity settings.
Troubleshoot onboarding issues Learn about resolving issues that might arise during onboarding.

Want to experience Defender for Endpoint? Sign up for a free trial.