Applies to:
- Manage Microsoft Defender for Endpoint on devices with Microsoft Intune
- Microsoft Defender for Endpoint
- Microsoft 365 Defender
Security Management for Microsoft Defender for Endpoint is a capability that lets devices that aren't managed by Microsoft Intune or Microsoft Configuration Manager receive security configurations for Microsoft Defender for Endpoint directly from Intune. For more information on Security Management for Microsoft Defender for Endpoint, see Manage Microsoft Defender for Endpoint on devices with Microsoft Intune.
For Security Management for Microsoft Defender for Endpoint onboarding instructions, see Microsoft Defender for Endpoint Security Configuration Management.
This end-to-end onboarding is designed to be frictionless and doesn't require user input. However, if you encounter issues during onboarding, you can view and troubleshoot errors within the Microsoft Defender for Endpoint platform.
Note
If you are having issues with the onboarding flow for new devices, review the Microsoft Defender for Endpoint prerequisites and make sure the onboarding instructions are followed.
For more information about the client analyzer, see Troubleshoot sensor health using Microsoft Defender for Endpoint Client Analyzer.
Registering domain joined computers with Azure Active Directory
To successfully register devices to Azure Active Directory, you'll need to ensure the following:
- Computers can authenticate with the domain controller
- Computers have access to the following Microsoft resources from inside your organization's network:
  - /windows/iot/iot-enterprise/commercialization/licensing
  - https://login.microsoftonline.com
  - https://device.login.microsoftonline.com
- Azure AD Connect is configured to sync the computer objects. By default, computer OUs are in the Azure AD Connect sync scope. If the computer objects belong to specific organizational units (OUs), configure the OUs to sync in Azure AD Connect. To learn more about how to sync computer objects by using Azure AD Connect, see Organizational unit–based filtering.
Important
Azure AD Connect does not sync Windows Server 2012 R2 computer objects. If you need to register them with Azure AD for Security Management for Microsoft Defender for Endpoint, you'll need to customize the Azure AD Connect sync rule to include those computer objects in the sync scope. See Instructions for applying Computer Join rule in Azure Active Directory Connect.
Note
To successfully complete the onboarding flow, and independent of a device's operating system, the Azure Active Directory state of a device can change, based on the device's initial state:
Starting Device State | New Device State |
---|---|
Already AADJ or HAADJ | Remains as is |
Not AADJ or Hybrid Azure Active Directory Join (HAADJ) + Domain joined | Device is HAADJ'd |
Not AADJ or HAADJ + Not domain joined | Device is AADJ'd |
Where AADJ represents Azure Active Directory Joined and HAADJ represents Hybrid Azure Active Directory Joined.
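The prerequisites and the state table above can be checked on a device before onboarding. The following is an added example, not Microsoft's code; it assumes Windows PowerShell 5.1 on the device, that dsregcmd.exe is present, and the function names are chosen here for illustration.

```powershell
# Added example (not from the original page). Assumes Windows PowerShell 5.1 on the
# device being onboarded and that dsregcmd.exe is available on it.

function Get-JoinState {
    # Pull the join flags out of `dsregcmd /status` text ("  AzureAdJoined : YES").
    param([string[]]$StatusText)
    $state = @{ AzureAdJoined = 'NO'; DomainJoined = 'NO' }
    foreach ($line in $StatusText) {
        if ($line -match '^\s*(AzureAdJoined|DomainJoined)\s*:\s*(\S+)') {
            $state[$Matches[1]] = $Matches[2].ToUpperInvariant()
        }
    }
    $state
}

function Get-ExpectedNewState {
    # Same mapping as the starting-state / new-state table above.
    param([hashtable]$State)
    if ($State.AzureAdJoined -eq 'YES') { return 'Remains as is' }
    if ($State.DomainJoined  -eq 'YES') { return "Device is HAADJ'd" }
    "Device is AADJ'd"
}

function Test-RegistrationPrereqs {
    $state = Get-JoinState -StatusText (& dsregcmd.exe /status)

    # Prerequisite: the computer can authenticate with a domain controller.
    # Only meaningful on a domain-joined machine.
    $dcAuth = if ($state.DomainJoined -eq 'YES') { Test-ComputerSecureChannel }
              else { 'n/a (not domain joined)' }

    # Prerequisite: outbound HTTPS to the Microsoft endpoints listed above.
    # This runs as the current user; the onboarding flow runs in the device
    # (SYSTEM) context, so a per-user proxy can make this pass while
    # registration still fails.
    $endpoints = 'login.microsoftonline.com', 'device.login.microsoftonline.com'
    $reach = foreach ($name in $endpoints) {
        [pscustomobject]@{
            Endpoint = $name
            Tcp443   = Test-NetConnection -ComputerName $name -Port 443 `
                           -InformationLevel Quiet -WarningAction SilentlyContinue
        }
    }

    [pscustomobject]@{
        AzureAdJoined    = $state.AzureAdJoined
        DomainJoined     = $state.DomainJoined
        ExpectedNewState = Get-ExpectedNewState -State $state
        DcSecureChannel  = $dcAuth
        Endpoints        = $reach
    }
}

# Offline check of the parser against constructed sample text (not real output).
$sample = @(
    '             AzureAdJoined : NO'
    '              DomainJoined : YES'
)
Get-ExpectedNewState -State (Get-JoinState -StatusText $sample)

# On a real device:
# Test-RegistrationPrereqs | Format-List
```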
Troubleshoot errors from the Microsoft Defender for Endpoint portal
Through the Microsoft Defender for Endpoint portal, security administrators can now troubleshoot Security Management for Microsoft Defender for Endpoint onboarding.
In Configuration management, the Onboarded via MDE security management widget has been added to present the enrollment status breakdown of Microsoft Defender for Endpoint-managed devices.
To see a list of all devices managed by Microsoft Defender for Endpoint, select View all devices managed by MDE.
In the list, if a device's enrollment status is not "Success", select the device to see troubleshooting details in the side panel, pointing to the root cause of the error, and corresponding documentation.
Note
We are aware of an issue impacting the accurate detection of third-party MDMs when trying to use the security management feature and are working on a fix.
Run Microsoft Defender for Endpoint Client Analyzer on Windows
Consider running the Client Analyzer on endpoints that are failing to complete the Security Management for Microsoft Defender for Endpoint onboarding flow. For more information about the client analyzer, see Troubleshoot sensor health using Microsoft Defender for Endpoint Client Analyzer.
The Client Analyzer output file (MDE Client Analyzer Results.htm) can provide key troubleshooting information:
- Verify that the device OS is in scope for the Security Management for Microsoft Defender for Endpoint onboarding flow in the General Device Details section.
- Verify that the device has successfully registered to Azure Active Directory in Device Configuration Management Details.
In the Detailed Results section of the report, the Client Analyzer also provides actionable guidance.
Tip
Make sure the Detailed Results section of the report does not include any "Errors", and make sure to review all "Warning" messages.
For example, as part of the Security Management onboarding flow, the Azure Active Directory Tenant ID in your Microsoft Defender for Endpoint tenant must match the SCP Tenant ID that appears in the report's Device Configuration Management Details section. If relevant, the report output will recommend performing this verification.
General troubleshooting
If you weren't able to identify the onboarded device in Azure AD or in the Intune admin center, and did not receive an error during the enrollment, checking the registry key Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SenseCM\EnrollmentStatus can provide additional troubleshooting information.
The following table lists errors and directions on what to try/check in order to address the error. Note that the list of errors is not complete and is based on typical/common errors encountered by customers in the past:
Error Code | Enrollment Status | Administrator Actions |
---|---|---|
5-7, 9, 11-12, 26-33 | General error | The device was successfully onboarded to Microsoft Defender for Endpoint. However, there was an error in the security configuration management flow. This could be due to the device not meeting prerequisites for the Microsoft Defender for Endpoint management channel. Running the Client Analyzer on the device can help identify the root cause of the issue. If this doesn't help, please contact support. |
8, 44 | Microsoft Intune Configuration issue | The device was successfully onboarded to Microsoft Defender for Endpoint. However, Microsoft Intune has not been configured through the Admin Center to allow Microsoft Defender for Endpoint Security Configuration. Make sure the Microsoft Intune tenant is configured and the feature is turned on. |
13-14, 20, 24, 25 | Connectivity issue | The device was successfully onboarded to Microsoft Defender for Endpoint. However, there was an error in the security configuration management flow which could be due to a connectivity issue. Verify that the Azure Active Directory and Microsoft Intune endpoints are opened in your firewall. |
10, 42 | General Hybrid join failure | The device was successfully onboarded to Microsoft Defender for Endpoint. However, there was an error in the security configuration management flow and the OS failed to perform hybrid join. Use Troubleshoot hybrid Azure Active Directory-joined devices for troubleshooting OS-level hybrid join failures. |
15 | Tenant mismatch | The device was successfully onboarded to Microsoft Defender for Endpoint. However, there was an error in the security configuration management flow because your Microsoft Defender for Endpoint tenant ID doesn't match your Azure Active Directory tenant ID. Make sure that the Azure Active Directory tenant ID from your Defender for Endpoint tenant matches the tenant ID in the SCP entry of your domain. For more details, see Troubleshoot onboarding issues related to Security Management for Microsoft Defender for Endpoint. |
16, 17 | Hybrid error - Service Connection Point | The device was successfully onboarded to Microsoft Defender for Endpoint. However, the Service Connection Point (SCP) record is not configured correctly and the device couldn't be joined to Azure AD. This could be due to the SCP being configured to join Enterprise DRS. Make sure the SCP record points to AAD and SCP is configured following best practices. For more information, see Configure a service connection point. |
18 | Certificate error | The device was successfully onboarded to Microsoft Defender for Endpoint. However, there was an error in the security configuration management flow due to a device certificate error. The device certificate belongs to a different tenant. Verify that best practices are followed when creating trusted certificate profiles. |
36, 37 | AAD Connect misconfiguration | The device was successfully onboarded to Microsoft Defender for Endpoint. However, there was an error in the security configuration management flow due to a misconfiguration in AAD Connect. To identify what is preventing the device from registering to AAD, consider running the Device Registration Troubleshooter Tool. For Windows Server 2012 R2, run the dedicated troubleshooting instructions. |
38, 41 | DNS error | The device was successfully onboarded to Microsoft Defender for Endpoint. However, there was an error in the security configuration management flow due to a DNS error. Check the internet connection and/or DNS settings on the device. The invalid DNS settings might be on the workstation's side. Active Directory requires you to use domain DNS to work properly (and not the router's address). For more information, see Troubleshoot onboarding issues related to Security Management for Microsoft Defender for Endpoint. |
40 | Clock sync issue | The device was successfully onboarded to Microsoft Defender for Endpoint. However, there was an error in the security configuration management flow. Verify that the clock is set correctly and is synced on the device where the error occurs. |
43 | MDE and ConfigMgr | The device is managed using Configuration Manager and Microsoft Defender for Endpoint. Controlling policies through both channels may cause conflicts and undesired results. To avoid this, endpoint security policies should be isolated to a single control plane. |
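The registry check and the error table above can be combined into one triage step on an affected device. This is an added example, not Microsoft's code; it assumes EnrollmentStatus is readable as a numeric value under the SenseCM key (with a fallback if it is a subkey), and the function names are illustrative.

```powershell
# Added example (not from the original page). Code ranges are copied from the
# table above, which the page itself says is not a complete list.
$EnrollmentErrors = @(
    @{ Codes = '5-7,9,11-12,26-33'; Status = 'General error' }
    @{ Codes = '8,44';              Status = 'Microsoft Intune Configuration issue' }
    @{ Codes = '13-14,20,24,25';    Status = 'Connectivity issue' }
    @{ Codes = '10,42';             Status = 'General Hybrid join failure' }
    @{ Codes = '15';                Status = 'Tenant mismatch' }
    @{ Codes = '16,17';             Status = 'Hybrid error - Service Connection Point' }
    @{ Codes = '18';                Status = 'Certificate error' }
    @{ Codes = '36,37';             Status = 'AAD Connect misconfiguration' }
    @{ Codes = '38,41';             Status = 'DNS error' }
    @{ Codes = '40';                Status = 'Clock sync issue' }
    @{ Codes = '43';                Status = 'MDE and ConfigMgr' }
)

function Expand-CodeList {
    # '5-7,9' -> 5, 6, 7, 9
    param([string]$Codes)
    foreach ($part in ($Codes -split ',')) {
        $token = $part.Trim()
        if ($token -match '^(\d+)-(\d+)$') { ([int]$Matches[1])..([int]$Matches[2]) }
        else { [int]$token }
    }
}

function Resolve-EnrollmentStatus {
    # Map a numeric code to the Enrollment Status column of the table.
    param([int]$Code)
    foreach ($row in $EnrollmentErrors) {
        if ((Expand-CodeList $row.Codes) -contains $Code) { return $row.Status }
    }
    'Not listed in the table'
}

function Get-SenseCmEnrollment {
    # Assumption: EnrollmentStatus is a value under the SenseCM key. If it turns
    # out to be a subkey on this build, dump that subkey's values instead.
    $key  = 'HKLM:\SOFTWARE\Microsoft\SenseCM'
    $item = Get-ItemProperty -Path $key -Name EnrollmentStatus -ErrorAction SilentlyContinue
    if ($null -ne $item) {
        $code = [int]$item.EnrollmentStatus
        return [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Code     = $code
            Status   = Resolve-EnrollmentStatus -Code $code
        }
    }
    if (Test-Path "$key\EnrollmentStatus") {
        return Get-ItemProperty -Path "$key\EnrollmentStatus"
    }
    Write-Warning "No EnrollmentStatus found under $key"
}

# Offline check of the mapping with constructed codes: 15, 27 and 99.
15, 27, 99 | ForEach-Object {
    [pscustomobject]@{ Code = $_; Status = Resolve-EnrollmentStatus -Code $_ }
}

# On an affected device (elevated prompt):
# Get-SenseCmEnrollment
```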
Azure Active Directory Runtime troubleshooting
The main mechanism to troubleshoot Azure Active Directory Runtime (AADRT) is to collect debug traces. Azure Active Directory Runtime on Windows uses an ETW provider with ID bd67e65c-9cc2-51d8-7399-0bb9899e75c1. ETW traces need to be captured with the reproduction of the failure (for example, if a join failure occurs, the traces need to be enabled for the duration of time covering calls to AADRT APIs to perform the join).
See below for a typical error in the AADRT log and how to read it:
From the information in the message, it's possible in most cases to understand what error was encountered, what Win32 API returned the error (if applicable), what URL (if applicable) was used and what AAD Runtime API error was encountered.
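One way to capture the AADRT traces around a reproduction, using the provider ID given above with the built-in logman and tracerpt tools. This is an added example, not Microsoft's procedure; the session name, output folder and function name are assumptions made here, and it must run from an elevated Windows PowerShell prompt.

```powershell
# Added example (not from the original page). Run elevated.
$ProviderId = '{bd67e65c-9cc2-51d8-7399-0bb9899e75c1}'   # AADRT ETW provider ID from the text above
$Session    = 'AadrtRepro'                               # arbitrary session name (assumption)
$OutDir     = Join-Path $env:ProgramData 'AadrtTraces'   # arbitrary output folder (assumption)

function Start-AadrtCapture {
    New-Item -ItemType Directory -Path $OutDir -Force | Out-Null

    # Traces can include tenant IDs and request URLs, so limit the folder to
    # Administrators (S-1-5-32-544) and SYSTEM (S-1-5-18) before writing to it.
    icacls.exe $OutDir /inheritance:r /grant:r '*S-1-5-32-544:(OI)(CI)F' '*S-1-5-18:(OI)(CI)F' | Out-Null

    $stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
    $etl   = Join-Path $OutDir "aadrt-$stamp.etl"
    $xml   = Join-Path $OutDir "aadrt-$stamp.xml"

    # All keywords, maximum verbosity, as an event trace session (-ets).
    logman.exe start $Session -p $ProviderId '0xffffffffffffffff' '0xff' -o $etl -ets
    if ($LASTEXITCODE -ne 0) { throw "logman could not start session $Session" }

    try {
        # The capture has to cover the AADRT API calls, so keep the session
        # open while the failing join or enrollment is reproduced.
        Read-Host 'Tracing. Reproduce the failure, then press Enter to stop' | Out-Null
    }
    finally {
        logman.exe stop $Session -ets
    }

    # Decode the binary trace to XML for reading or for a support case.
    tracerpt.exe $etl -o $xml -of XML -y | Out-Null
    [pscustomobject]@{ Etl = $etl; Decoded = $xml }
}

# Start-AadrtCapture
```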
Instructions for applying Computer Join rule in AAD Connect
For Security Management for Microsoft Defender for Endpoint on Windows Server 2012 R2 domain joined computers, an update to the Azure AD Connect sync rule "In from AD – Computer Join" is needed. This can be achieved by cloning and modifying the rule, which will disable the original "In from AD – Computer Join" rule. Azure AD Connect by default offers this experience for making changes to built-in rules.
Note
These changes need to be applied on the server where AAD Connect is running. If you have multiple instances of AAD Connect deployed, these changes must be applied to all instances.
Open the Synchronization Rules Editor application from the start menu. In the rule list, locate the rule named In from AD – Computer Join. Take note of the value in the 'Precedence' column for this rule.
With the In from AD – Computer Join rule highlighted, select Edit. In the Edit Reserved Rule Confirmation dialog box, select Yes.
The Edit inbound synchronization rule window will be shown. Update the rule description to note that Windows Server 2012 R2 will be synchronized using this rule. Leave all other options unchanged except for the Precedence value. Enter a value for Precedence that is higher than the value from the original rule (as seen in the rule list).
Select Next three times. This will navigate to the 'Transformations' section of the rule. Do not make any changes to the 'Scoping filter' and 'Join rules' sections of the rule. The 'Transformations' section should now be shown.
Scroll to the bottom of the list of transformations. Find the transformation for the cloudFiltered attribute. In the textbox in the Source column, select all of the text (Control-A) and delete it. The textbox should now be empty.
Paste the content for the new rule into the textbox.
IIF( IsNullOrEmpty([userCertificate]) || ( (InStr(UCase([operatingSystem]),"WINDOWS") > 0) && (Left([operatingSystemVersion],2) = "6.") && (Left([operatingSystemVersion],3) <> "6.3") ) || ( (Left([operatingSystemVersion],3) = "6.3") && (InStr(UCase([operatingSystem]),"WINDOWS") > 0) && With( $validCerts, Where( $c, [userCertificate], IsCert($c) && CertNotAfter($c) > Now() && RegexIsMatch(CertSubject($c), "CN=[{]*" & StringFromGuid([objectGUID]) & "[}]*", "IgnoreCase")), Count($validCerts) = 0) ), True, NULL)
Select Save to save the new rule.
Note
After this rule change is performed, a full synchronization of your Active Directory will be required. For large environments, it is recommended to schedule this rule change and full sync during on-premises Active Directory quiet periods.
FAQs
How to get troubleshooting mode for Microsoft Defender for Endpoint?
Enable the troubleshooting mode
Go to the Microsoft 365 Defender portal (https://security.microsoft.com), and sign in. Navigate to the device page/machine page for the device you would like to turn on troubleshooting mode. Select Turn on troubleshooting mode.
- Verify that the device fulfills the minimum requirements.
- Depending on the device, follow the configuration steps provided in the onboarding section of the Defender for Endpoint portal.
- Use the appropriate management tool and deployment method for your devices.
Defender for Endpoint endpoint detection and response capabilities provide advanced attack detections that are near real-time and actionable. Security analysts can prioritize alerts effectively, gain visibility into the full scope of a breach, and take response actions to remediate threats.
How do I fix Windows Defender problems?
- Method 1. Turn On Real-Time Protection. ...
- Method 2. Temporarily Disable Your Third-Party Antivirus. ...
- Method 3. Restore Corrupted System Files. ...
- Method 4. Use the DISM Command To Repair System Images. ...
- Method 5. Restart the Security Center Service. ...
- Method 6. Enable Windows Defender in Group Policy. ...
- Method 7. ...
- Method 8.
- Sign in to the Microsoft Intune admin center.
- Select Endpoint security > Microsoft Defender for Endpoint, and then select Open the Microsoft Defender Security Center. ...
- In Microsoft 365 Defender, (previously the Microsoft Defender Security Center):
- In Microsoft 365 Defender, go to Settings > Device Management > Onboarding.
- Select Windows Server 1803 and 2019.
- Select Download package. ...
- Follow the steps provided in the Complete the onboarding steps section.
Choose Settings > Enable device monitoring. While it usually takes about 60 seconds for device onboarding to be enabled, please allow up to 30 minutes before engaging with Microsoft support. Open the Compliance Center settings page and choose Turn on Windows device monitoring.
What is the difference between Microsoft Defender and Defender for endpoint?
Key Differences to Note
One key difference between the two is that Office 365 does not include any endpoint security features, whereas Microsoft Defender for Endpoint is specifically designed to help protect your business against endpoint threats.
If you see the shield, Windows Defender is running and active. Step 1: Select “Update and Security”. Step 2: Select “Windows Security”. Step 3: Look for “Virus & threat protection”. If “Virus & threat protection” is not enabled, enable it if you wish.
How do I know if Microsoft Defender is working?
- Select the Start menu, and begin typing PowerShell. Then open Windows PowerShell in the results.
- Type Get-MpComputerStatus.
- In the list of results, look at the AMRunningMode row. Normal means Microsoft Defender Antivirus is running in active mode.
How do I know if Microsoft Defender Offline Scan is running?
- Select Start, and then select Settings > Update & Security > Windows Security > Virus & threat protection.
- On the Virus & threat protection screen, under Current threats, select Scan options, and then select Protection history.
- Eliminate the blind spots in your environment.
- Discover vulnerabilities and misconfigurations in real time.
- Quickly go from alert to remediation at scale with automation.
- Block sophisticated threats and malware.
- Detect and respond to advanced attacks with deep threat monitoring and analysis.
Onboarded: The endpoint is onboarded to Microsoft Defender for Endpoint. Can be onboarded: The endpoint was discovered in the network and the Operating System was identified as one that is supported by Microsoft Defender for Endpoint, but it is not currently onboarded. We highly recommend onboarding these devices.
How do I onboard Windows devices to intune?
Enroll Windows 10, version 1607 and later device
Use Intune Company Portal to enroll devices running on Windows 10, version 1607 and later, and Windows 11. Open Company Portal and sign in with your work or school account. On the Set up your device screen, select Next. On the Connect to work screen, select Connect.
- Open PowerShell by using Administrator rights.
- Copy and paste Get-AppxPackage Microsoft.SecHealthUI -AllUsers | Reset-AppxPackage to the PowerShell window and press enter.
- Close the PowerShell and retry.
Open the classic Control Panel (not Settings). Click on Windows Defender Firewall. Click on Restore defaults. Click on Restore defaults a second time.
What ports does Defender for endpoint use?
Usage | Region | Port |
---|---|---|
Microsoft Defender for Endpoint | WW | 443 |
Microsoft Defender for Endpoint | US | 443 |
- Windows 11 Enterprise.
- Windows 11 Education.
- Windows 11 Pro.
- Windows 11 Pro Education.
- Windows 10 Enterprise.
- Windows 10 Enterprise LTSC 2016 (or later)
- Windows 10 Enterprise IoT. Note. ...
- Windows 10 Education.
You can onboard and secure up to five client devices per user license. If you have servers, you'll need the Microsoft Defender for Business servers add-on.
Does Microsoft Defender work on Servers?
Microsoft Defender Antivirus is available in the following editions/versions of Windows Server: Windows Server 2022. Windows Server 2019. Windows Server, version 1803 or later.
How do I turn off defender onboard?
Windows 10 or 11
Go to the Microsoft 365 Defender portal (https://security.microsoft.com) and sign in. In the navigation pane, choose Settings, and then choose Endpoints. Under Device management, choose Offboarding.
- To create your Defender for Identity instance, you'll need an Azure AD tenant with at least one global/security administrator. ...
- You need to be a global administrator or security administrator on the tenant to access the Identity section on the Microsoft 365 Defender portal and be able to create the workspace.
- Stay in touch between the offer and start date. ...
- Share what the onboarding process looks like. ...
- Take care of paperwork swiftly. ...
- Timely access to tools and systems. ...
- Help set up your new hire's workspace. ...
- Schedule a 1:1 welcome meeting. ...
- Introduce your new hire to the team.
"Onboarding" refers to the processes in which new hires are integrated into the organization. It includes activities that allow new employees to complete an initial new-hire orientation process, as well as learn about the organization and its structure, culture, vision, mission and values.
What are the benefits of Microsoft Defender for Endpoint?
Microsoft Defender Antivirus collects underlying system data used by threat analytics and Microsoft Secure Score for Devices. This provides your organization's security team with more meaningful information, such as recommendations and opportunities to improve your organization's security posture.
What are the benefits of Defender for Endpoint?
Attack Surface Reduction
Attack surfaces include places where your organization is vulnerable to attacks and cyber threats. Defender for Endpoint can reduce attack surfaces on endpoints. These capabilities also include web and network protection, which regulate access to malicious domains, URLs, and IP addresses.
Information collected includes file data (such as file names, sizes, and hashes), process data (running processes, hashes), registry data, network connection data (host IPs and ports), and device details (such as device identifiers, names, and the operating system version).
How do I know if Windows Defender is blocking a program?
Click on Windows Defender Firewall. From the left pane, select Allow an app or feature through Windows Defender Firewall. In the allowed apps window, scroll through all the apps. Locate the app you want to review and see if the app is checked.
What will happen if I turn off Windows Defender?
It is possible to disable Defender, but you should not do it under ANY circumstances, as Defender only blocks Potentially Malicious Activity, so never do this unless you are ABSOLUTELY sure about the source of the program. To do this, open the Start Menu, type in Defender and hit Enter.
Can Windows Defender detect anything?
Like other anti-malware applications, Windows Defender automatically runs in the background, scanning files when they are accessed and before the user opens them. When malware is detected, Windows Defender informs you. It won't ask you what you want to do with the malicious software it finds.
What are the disadvantages of Windows Defender?
- Lacks integrated dashboard for all devices using Windows Defender.
- No accountability if the computer is infected by malware.
- Limited features for large scale use.
- Slows down installation of frequently-used applications.
Enabling of Windows Defender is not necessary as your computer is protected by Windows Defender.
Is Windows Defender a firewall?
Because Windows Defender Firewall is a host-based firewall that is included with the operating system, there's no other hardware or software required. Windows Defender Firewall is also designed to complement existing non-Microsoft network security solutions through a documented application programming interface (API).
Can Windows Defender detect all viruses?
As part of the Windows Security suite, it will search for any files or programs on your computer that can cause harm to it. Defender looks for software threats like viruses and other malware across email, apps, the cloud, and the web.
Does Windows Defender scan every day?
Microsoft Defender Antivirus regularly scans your device to help keep it safe. We try to do this while you're not using your device so it doesn't interfere with your work. You can also schedule Microsoft Defender Antivirus to scan at a time and frequency that you choose.
How long does a full scan take Windows Defender?
Click Show hidden icons at the bottom right‑hand side of your taskbar, and then click the Windows Defender icon. On the Windows Defender Security Center home screen, click Virus & threat protection. On the Virus & threat protection screen, click Quick Scan, which takes 45–60 minutes.
What are the different types of endpoint security?
- Hybrid Cloud Security. Virtual Network Firewall. Denial-of-Service (DDoS) Protection.
- Cloud-native Protection. Workload Protection & Cloud Security Posture Management. DevSecOps. ...
- Web Application / API Protection. Web Application Firewall. ...
- SaaS Security. Email Security.
- Use Cases. AWS. ...
- Quick Links. Cloud Security Explained.
- Machine learning for endpoint risk scoring. The lifecycle of any given endpoint, whether a person or device, accrues large amounts of unique data about its interactions. ...
- Machine learning for attack surface flexibility. ...
- Machine learning for endpoint compliance.
- Protection from threats spread via email. ...
- Protection from malicious web downloads. ...
- Protection from exploits. ...
- Data loss protection (DLP). ...
- Application and device control. ...
- Reports and alerts.
- Check that there is a Microsoft Defender for Endpoint Service running in the Processes tab in Task Manager. ...
- Check Event Viewer > Applications and Services Logs > Operation Manager to see if there are any errors.
- In Services, check if the Microsoft Monitoring Agent is running on the server.
What does onboarded to Defender for endpoint mean?
Defender for Endpoint endpoint detection and response capabilities provide advanced attack detections that are near real-time and actionable. Security analysts can prioritize alerts effectively, gain visibility into the full scope of a breach, and take response actions to remediate threats.
How do I manage Microsoft Defender for endpoint?
Sign in to the Microsoft Endpoint Manager admin center. Select Endpoint security > Microsoft Defender for Endpoint, and set Allow Microsoft Defender for Endpoint to enforce Endpoint Security Configurations to On.
How do I manage defender for endpoint with Intune?
Find your Microsoft Defender for Endpoint settings in Intune
Go to the Azure portal (https://portal.azure.com) and sign in. Under Azure Services, choose Intune. In the navigation pane on the left, choose Device configuration, and then, under Manage, choose Profiles. Select an existing profile, or create a new one.
- Go to Start.
- Open the Settings app. ...
- Select Accounts > Access work or school > Connect. ...
- To get to your organization's Intune sign-in page, enter your work or school email address. ...
- Sign in to Intune with your work or school account.
Select Start > Settings > Update & Security > Troubleshoot, or select the Find troubleshooters shortcut at the end of this topic. Select the type of troubleshooting you want to do, then select Run the troubleshooter. Allow the troubleshooter to run and then answer any questions on the screen.
How do I put Windows 10 in troubleshoot mode?
The Advanced Boot Options screen lets you start Windows in advanced troubleshooting modes. You can access the menu by turning on your computer and pressing the F8 key before Windows starts.
How do I get to Windows Defender settings?
- Select Start > Settings > Update & Security > Windows Security and then Virus & threat protection > Manage settings. ...
- Switch the Real-time protection setting to Off and choose Yes to verify.
- Sign in to the Microsoft Endpoint Manager admin center.
- Select Endpoint security > Endpoint detection and response > Create Policy.
- Select the platform and profile for your policy. ...
- Select Create.
- On the Basics page, enter a name and description for the profile, then choose Next.
- Gather information. ...
- Describe the problem. ...
- Determine the most probable cause. ...
- Create a plan of action and test a solution. ...
- Implement the solution. ...
- Analyze the results. ...
- Document the process.
Safe mode starts Windows with a minimal set of drivers and services to help troubleshoot issues.
What does Windows troubleshoot do?
Critical troubleshooting will automatically fix things like corrupt settings that keep critical services from running, make adjustments to work with your hardware, or make other specific changes required for Windows to operate with the hardware, apps, and settings you've selected. These are changes you won't notice.
What are basic troubleshooting 5 command in Windows?
- ping.
- tracert/traceroute.
- pathping.
- ipconfig.
- nslookup.
- netstat.
- route.
Now you can access the Troubleshooting applet with a key combo. Press Ctrl + Alt + T to open that applet and access its troubleshooters. That hotkey depends on the desktop shortcut you set it for.
How do you enter Troubleshoot settings?
- Open Recovery settings. ...
- Under Advanced startup, select Restart now.
- After your PC restarts to the Choose an option screen, select Troubleshoot > Advanced options > Startup Settings > Restart. ...
- After your PC restarts again, select the startup setting you want to use.
How do I manually Run Windows Defender?
To turn on Microsoft Defender Antivirus in Windows Security, go to Start > Settings > Update & Security > Windows Security > Virus & threat protection. Then, select Manage settings (or Virus & threat protection settings in early versions of Windows 10) and switch Real-time protection to On.
What command opens Windows Defender?
You can perform various functions in Microsoft Defender Antivirus using the dedicated command-line tool mpcmdrun.exe. This utility is useful when you want to automate Microsoft Defender Antivirus tasks. You can find the utility in %ProgramFiles%\Windows Defender\MpCmdRun.exe. Run it from a command prompt.
How do you ensure endpoint security?
- Pre-emptively block known and unknown threats. ...
- Have no negative impact on user productivity. ...
- Turn threat intelligence into prevention automatically. ...
- Protect all applications. ...
- Don't let security impact system performance. ...
- Keep legacy systems secure. ...
- Be enterprise-ready.
Endpoint security is a set of practices and technologies that protect end-user devices such as desktops, laptops, and mobile phones from malicious, unwanted software. Employees and team members connect to corporate networks and access resources by using these devices.