amr Posted Tuesday at 02:24 PM Share Posted Tuesday at 02:24 PM (edited) Good morning all, We have recently kicked off a project to get Defender for Endpoint going and replacing NSX/TrendMicro DeepSecurity. I have read the numerous articles from TechZone and Microsoft a few times each to get an understanding on the best path forward. Key points I've taken away: - Don't onboard the golden image - We want a single entry for each VM, so use the appropriate on boarding scripts for VDI - Use GPO locally, in AD, or post sync script to onboard instant clones - Follow the TechZone article and be diligent about exclusions and things unique to VDI With all that said, how are you managing on boarding ICs with Defender? To me the scripts linked to the IC OUs is probably the method we'll go. We have had issues in the past with post sync scripts timing out and VMs failing to create. Are there any caveats or gotchas to watch out for with this entire system? Edited Tuesday at 02:37 PM by ram012 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.