Plan your Microsoft Defender ATP deployment
Welcome to Microsoft Defender for Endpoint, the new name for Microsoft Defender Advanced Threat Protection. Read more about this and other updates here. We'll be updating names in products and in the docs in the near future.
Want to experience Microsoft Defender ATP? Sign up for a free trial.
Depending on the requirements of your environment, we've put together material to help guide you through the various options you can adopt to deploy Microsoft Defender ATP.
These are the general steps you need to take to deploy Microsoft Defender ATP:
- Identify architecture
- Select deployment method
- Configure capabilities
Step 1: Identify architecture
We understand that every enterprise environment is unique, so we've provided several options to give you the flexibility in choosing how to deploy the service.
Depending on your environment, some tools are better suited for certain architectures.
Use the following material to select the appropriate Microsoft Defender ATP architecture that best suites your organization.
PDF | Visio
|The architectural material helps you plan your deployment for the following architectures:
Step 2: Select deployment method
Microsoft Defender ATP supports a variety of endpoints that you can onboard to the service.
The following table lists the supported endpoints and the corresponding deployment tool that you can use so that you can plan the deployment appropriately.
|Windows||Local script (up to 10 devices)
Microsoft Endpoint Manager/ Mobile Device Manager
Microsoft Endpoint Configuration Manager
Microsoft Endpoint Manager
Mobile Device Management
|Linux Server||Local script
|Android||Microsoft Endpoint Manager|
Step 3: Configure capabilities
After onboarding endpoints, configure the security capabilities in Microsoft Defender ATP so that you can maximize the robust security protection available in the suite. Capabilities include:
- Endpoint detection and response
- Next-generation protection
- Attack surface reduction