Installing and configuring #Azure Advanced Threat Protection on Microsoft 365 #Enterprise #Mobility + #Security #Office365

Hi Guys, today we are working on the services in the Enterprise Mobility + Security, under the name Azure Advanced Threat Protection.
If you interested in a demo is merely a click in this URL:
https://www.microsoft.com/es-es/cloud-platform/enterprise-mobility-security-pricing

Who is Azure Advanced Threat Protection (ATP)?

It is a service to secure and protect your hybrid enterprise environments for multiple events and cyber attacks, inside and outside in the organizations.

For more details, please click here: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/what-is-atp

The lab environment.

My lab environment is straightforward the components are:
– Windows Server 2006 Standard Edition Single Domain Controller

image

image

– Azure AD Connect synchronization with my tenant in Office 365 (peterdiaz.es) under the domain peterdiazmvp.com

image

image

– The sensor is connecting with Azure ATP in active reporting health status, issues, and alerts.

How to install the agent sensor in the server?

It is the first step to reporting logs and alert for the ATP services on Azure, simple how to connect in the URL where do you have the tenant in my case is https://XXXXXXX.atp.azure.com
Go to configuration and download and install the sensor in the server, after the installation you will need copy and paste the code generates.

image

After the installation will check the services on the windows server.

image
Well, immediately the sensor detected an issue in the server, the audits policies are not enabled, it is essential because with this audits all the security and systems logs will up for any alert risk or attack.

Automatically the ATP open a ticket for our attention.

image
To close and solver the risk is easy and simple, go to group policy management console in the server and edit the policy to enabling the audits logs:

Computer Configuration – Windows Settings –Security Settings – Advanced Audit Policy Configuration – Audit Policies

Enable: Account Logon – Audit Credential Validation  and Account Management – Audit Security Group Management

image

image

Cheers.

Peter Frank

MVP-MCT-MCSE

SPS Madrid 2018 #SPSMAD #Skype4B #MSTEAMS

image

Hola a todos.

El pasado 9 de junio, tuve el honor de asistir al SPS Madrid 2018 como ponente.

http://www.spsevents.org/city/Madrid/Madrid2018/speakers

En esta ocasión mi charla estaba enfocada en los diferentes escenarios de migración de Skype for Business a Microsoft Teams.

Quiero agradecer a todas las personas que han asistido a mi sesión, también dar un especial reconocimiento a la organización del evento.

Si no pudisteis asistir te dejo la URL donde puedes escuchar y ver la charla en offline.

https://www.youtube.com/watch?v=WyLXjN8JH3E&t=1266s

También os dejo algunos Tweets del evento:

image

image

image

Peter Frank

MVP-MCT-MCSE +2

Entrevista en CompartiMOSS

 

http://www.compartimoss.com/revistas/numero-32/entrevista-a-peter-frank

 

image

Peter Diaz

Peter Diaz
Miembro de la Comunidad Office 365
Follow Microsoft UC en Español on WordPress.com

Escriba su dirección de correo electrónico para seguir este blog y recibir notificaciones de nuevos mensajes por correo electrónico.