Running other third-party endpoint protection products alongside Microsoft Defender ATP for Mac is likely to lead to performance problems and unpredictable side effects. If non-Microsoft endpoint protection is an absolute requirement in your environment, you can still safely take advantage of MDATP for Mac EDR functionality after configuring. Check Point endpoint security includes data security, network security, advanced threat prevention, forensics, endpoint detection and response (EDR), and remote access VPN solutions. To offer simple and flexible security administration, Check Point’s entire endpoint security suite can be managed centrally using a single management console.
Welcome to Microsoft Defender for Endpoint, the new name for Microsoft Defender Advanced Threat Protection. Read more about this and other updates here. We'll be updating names in products and in the docs in the near future.
This topic describes how to install, configure, update, and use Microsoft Defender ATP for Mac.
Caution
Running other third-party endpoint protection products alongside Microsoft Defender ATP for Mac is likely to lead to performance problems and unpredictable side effects. If non-Microsoft endpoint protection is an absolute requirement in your environment, you can still safely take advantage of MDATP for Mac EDR functionality after configuring MDATP for Mac antivirus functionality to run in Passive mode.
What’s new in the latest release
Tip
If you have any feedback that you would like to share, submit it by opening Microsoft Defender ATP for Mac on your device and navigating to Help > Send feedback.
To get the latest features, including preview capabilities (such as endpoint detection and response for your Mac devices), configure your macOS device running Microsoft Defender ATP to be an 'Insider' device. See Enable Microsoft Defender ATP Insider Device.
How to install Microsoft Defender ATP for Mac
Prerequisites
A Microsoft Defender ATP subscription and access to the Microsoft Defender Security Center portal
Beginner-level experience in macOS and BASH scripting
Administrative privileges on the device (in case of manual deployment)
Installation instructions
There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac.
Third-party management tools:
Command-line tool:
System requirements
The three most recent major releases of macOS are supported.
Beta versions of macOS are not supported. macOS Sierra (10.12) support ended on January 1, 2020.
After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints.
Licensing requirements
Microsoft Defender Advanced Threat Protection for Mac requires one of the following Microsoft Volume Licensing offers:
Microsoft 365 E5 (M365 E5)
Microsoft 365 E5 Security
Microsoft 365 A5 (M365 A5)
Note
Eligible licensed users may use Microsoft Defender Advanced Threat Protection on up to five concurrent devices.Microsoft Defender Advanced Threat Protection is also available for purchase from a Cloud Solution Provider (CSP). When purchased via a CSP, it does not require Microsoft Volume Licensing offers listed.
Network connections
The following downloadable spreadsheet lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an allow rule specifically for them.
Spreadsheet of domains list
Description
Spreadsheet of specific DNS records for service locations, geographic locations, and OS. Download the spreadsheet here.
Microsoft Defender ATP can discover a proxy server by using the following discovery methods:
Proxy autoconfig (PAC)
Web Proxy Autodiscovery Protocol (WPAD)
Manual static proxy configuration
If a proxy or firewall is blocking anonymous traffic, make sure that anonymous traffic is permitted in the previously listed URLs.
Warning
Authenticated proxies are not supported. Ensure that only PAC, WPAD, or a static proxy is being used.
Eset Endpoint Security For Mac Download
SSL inspection and intercepting proxies are also not supported for security reasons. Configure an exception for SSL inspection and your proxy server to directly pass through data from Microsoft Defender ATP for Mac to the relevant URLs without interception. Adding your interception certificate to the global store will not allow for interception.
To test that a connection is not blocked, open https://x.cp.wd.microsoft.com/api/report and https://cdn.x.cp.wd.microsoft.com/ping in a browser.
If you prefer the command line, you can also check the connection by running the following command in Terminal:
The output from this command should be similar to the following:
OK https://x.cp.wd.microsoft.com/api/report
OK https://cdn.x.cp.wd.microsoft.com/ping
Caution
We recommend that you keep System Integrity Protection (SIP) enabled on client devices. SIP is a built-in macOS security feature that prevents low-level tampering with the OS, and is enabled by default.
Once Microsoft Defender ATP is installed, connectivity can be validated by running the following command in Terminal:
Mcafee Endpoint Security For Mac Dat Download
How to update Microsoft Defender ATP for Mac
Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used. To learn more, see Deploy updates for Microsoft Defender ATP for Mac
How to configure Microsoft Defender ATP for Mac
Guidance for how to configure the product in enterprise environments is available in Set preferences for Microsoft Defender ATP for Mac.
macOS kernel and system extensions
In alignment with macOS evolution, we are preparing a Microsoft Defender ATP for Mac update that leverages system extensions instead of kernel extensions. Visit What's new in Microsoft Defender Advanced Threat Protection for Mac for relevant details.
Resources
For more information about logging, uninstalling, or other topics, see the Resources page.
Endpoint Security Vpn For Mac Catalina Download
Clean Install
McAfee defines a clean installation as a deployment where there are no elements of McAfee software pre-existing on the endpoint. See “Upgrades” if there is pre-existing software.
Review the Supported Environments documentation to ensure that the environment is compatible before deploying McAfee Endpoint Security:
Review Reference Configurations, which are deployment scenarios that have undergone extensive testing to ensure proper sequencing and improve ease of execution. Each Reference Configuration document contains a product mix that has been validated to work together properly for a specific type of customer profile. Review the following article to learn more and find the applicable Reference Configuration:
Review the guides below for information about how to install McAfee Endpoint Security and for additional details regarding system requirements.
Note: All McAfee Endpoint Security module features are enabled by default.
In the event an issue is encountered during installation, see the following documentation:
Upgrade
McAfee defines an upgrade as a deployment where a version of McAfee Endpoint Security already exists on the endpoint. See “Migration” if legacy McAfee software (McAfee VirusScan Enterprise, McAfee Host Intrusion Prevention, and McAfee SiteAdvisor Enterprise) already exists on the endpoint.
Review the Supported Environments documentation to ensure that the environment is compatible before deploying McAfee Endpoint Security:
Use the McAfee Endpoint Upgrade Assistant (EUA) to automate the upgrade process. The EUA analyzes the endpoints in your McAfee ePO environment, detects the supported McAfee products that are installed, and determines the minimum security requirements for upgrading to the current product versions. These steps ensure a successful upgrade.
In the event an issue is encountered during upgrades, see the following documentation: