Inicio » Skype For Business » Installing and configuring #Azure Advanced Threat Protection on Microsoft 365 #Enterprise #Mobility + #Security #Office365

Installing and configuring #Azure Advanced Threat Protection on Microsoft 365 #Enterprise #Mobility + #Security #Office365

Hi Guys, today we are working on the services in the Enterprise Mobility + Security, under the name Azure Advanced Threat Protection.
If you interested in a demo is merely a click in this URL:
https://www.microsoft.com/es-es/cloud-platform/enterprise-mobility-security-pricing

Who is Azure Advanced Threat Protection (ATP)?

It is a service to secure and protect your hybrid enterprise environments for multiple events and cyber attacks, inside and outside in the organizations.

For more details, please click here: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/what-is-atp

The lab environment.

My lab environment is straightforward the components are:
– Windows Server 2006 Standard Edition Single Domain Controller

image

image

– Azure AD Connect synchronization with my tenant in Office 365 (peterdiaz.es) under the domain peterdiazmvp.com

image

image

– The sensor is connecting with Azure ATP in active reporting health status, issues, and alerts.

How to install the agent sensor in the server?

It is the first step to reporting logs and alert for the ATP services on Azure, simple how to connect in the URL where do you have the tenant in my case is https://XXXXXXX.atp.azure.com
Go to configuration and download and install the sensor in the server, after the installation you will need copy and paste the code generates.

image

After the installation will check the services on the windows server.

image
Well, immediately the sensor detected an issue in the server, the audits policies are not enabled, it is essential because with this audits all the security and systems logs will up for any alert risk or attack.

Automatically the ATP open a ticket for our attention.

image
To close and solver the risk is easy and simple, go to group policy management console in the server and edit the policy to enabling the audits logs:

Computer Configuration – Windows Settings –Security Settings – Advanced Audit Policy Configuration – Audit Policies

Enable: Account Logon – Audit Credential Validation  and Account Management – Audit Security Group Management

image

image

Cheers.

Peter Frank

MVP-MCT-MCSE


Responder

Introduce tus datos o haz clic en un icono para iniciar sesión:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión /  Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión /  Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión /  Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión /  Cambiar )

Conectando a %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Peter Diaz

Peter Diaz
Miembro de la Comunidad Office 365
Follow Microsoft UC en Español on WordPress.com

Introduce tu dirección de correo electrónico para seguir este Blog y recibir las notificaciones de las nuevas publicaciones en tu buzón de correo electrónico.

A %d blogueros les gusta esto: