Microsoft’s security tool can now spot rogue devices on your network
Microsoft Defender for Endpoint’s new ability to monitor and protect unmanaged devices has now reached general availability.
Microsoft Defender for Endpoint (formerly Defender ATP), gives security teams visibility over unmanaged devices running on their networks. It’s a cloud-based security service that gives security teams incident response and investigation tools and lives as an instance in Azure. It’s distinct from Microsoft Defender antivirus that ships with Windows 10.
Microsoft pushed the public preview of this unmanaged device capability to public preview in April, as ZDNet reported at the time. The feature aims to alleviate post-pandemic hybrid work security risks, where people may be using their own computers and devices from home, then bring them to work and connect to the corporate network.
It’s meant to tackle the unknown threats that may arise from devices that have been compromised at home and then brought into work.
The new capabilities should make it easier to discover and secure unmanaged PCs, mobile devices, servers, and network devices on a business network.
The GA release allows security teams to discover devices connected to a corporate network, onboard devices once they’ve been discovered, and then review assessments and address threats and vulnerabilities on newly discovered devices.
Juniper Networks driven by Mist AI delivers the secure AI-Driven Enterprise, focused on optimizing user experiences from client-to-cloud and simplifying IT operations across the WLAN, LAN, WAN, and cloud.
Mist AI revolutionizes traditional networks that are riddled with complexity and technical debt with AI-driven insights and automation for unprecedented scalability, reliability and agility.
Defender for Endpoint will let teams discover unmanaged workstations, servers, and mobile endpoints across Windows, Linux, macOS, iOS, and Android platforms that haven’t been onboarded and secured.
It also covers network devices, such as switches, routers, firewalls, WLAN controllers, VPN gateways. These can also can be discovered and put on the device inventory using periodic authenticated scans of preconfigured network devices.
Security teams will be able to see the new features for unmanaged devices within the Microsoft 365 Defender user interface in “Device inventory”.
“Now that these features have reached general availability, you will notice that endpoint discovery is already enabled on your tenant. This is indicated by a banner that appears in the Endpoints\Device inventory section of the Microsoft 365 Defender console,” said Microsoft’s Chris Hallum.
The banner will vanish on July 19, 2021 and the default behavior for discovery will be switched from Basic to Standard. Standard discovery is an active discovery method that relies on already-managed devices to probe the network for unmanaged devices.
“At this time, Standard discovery will enable the collection of a broader range of device-related properties and it will also perform improved device classification. The switch to Standard mode was verified as having negligible network implications during the public preview
IT support – the right way
Business owners aren’t getting what they pay for when it comes to IT support – this simply isn’t acceptable. Our team offers a wide range of managed IT service plans specifically catered to fit your organisation’s needs whatever your budget. We utilise cutting edge technology to improve the efficiency of your business whilst simultaneously ensuring we adhere to your company ethos and the way that you like to do things. Get in contact and find out how we can work together to achieve your goals with IT as a powerful weapon in your arsenal.