![]() There are two Azure advanced threat protection deployment options, that is, you have two methods to collect logs from a domain controllers: This is the feature that allowed the move to a single workspace opposed to having multiple workspaces before. You need at least a one way trust and the directory services user needs to be able to login to both forests. It looks like Azure ATP now (Azure ATP release 2.41 – July 2018) supports Multi-forest deployments in a single Azure ATP workspace. Supporting multiple forests using one workspace You can also read about Azure advanced threat protection lateral movement, Azure ATP and Windows Defender ATP integration, and Azure ATP vs ATA.Īzure advanced threat protection is a cloud service from Microsoft to detect advanced threats, and is considered a cloud evolution of the previous Microsoft ATA solution. In this blog post, I will be talking about Azure advanced threat protection deployment, and walk you through my experience doing large implementation in an environment with virtual domain controllers hosted on VMware clusters. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |