Microsoft's security tool can now spot rogue devices on your network

Microsoft's security tool can now spot rogue devices on your network

Microsoft Defender for Endpoint's new ability to monitor and protect unmanaged devices has now reached general availability.

Microsoft Defender for Endpoint (formerly Defender ATP), gives security teams visibility over unmanaged devices running on their networks. It's a cloud-based security service that gives security teams incident response and investigation tools and lives as an instance in Azure. It's distinct from Microsoft Defender antivirus that ships with Windows 10.   

Microsoft pushed the public preview of this unmanaged device capability to public preview in April, as ZDNet reported at the time. The feature aims to alleviate post-pandemic hybrid work security risks, where people may be using their own computers and devices from home, then bring them to work and connect to the corporate network.

It's meant to tackle the unknown threats that may arise from devices that have been compromised at home and then brought into work.

The new capabilities should make it easier to discover and secure unmanaged PCs, mobile devices, servers, and network devices on a business network.

The GA release allows security teams to discover devices connected to a corporate network, onboard devices once they've been discovered, and then review assessments and address threats and vulnerabilities on newly discovered devices.

Juniper Networks driven by Mist AI delivers the secure AI-Driven Enterprise, focused on optimizing user experiences from client-to-cloud and simplifying IT operations across the WLAN, LAN, WAN, and cloud.

Mist AI revolutionizes traditional networks that are riddled with complexity and technical debt with AI-driven insights and automation for unprecedented scalability, reliability and agility.

Defender for Endpoint will let teams discover unmanaged workstations, servers, and mobile endpoints across Windows, Linux, macOS, iOS, and Android platforms that haven't been onboarded and secured.

It also covers network devices, such as switches, routers, firewalls, WLAN controllers, VPN gateways. These can also can be discovered and put on the device inventory using periodic authenticated scans of preconfigured network devices.

Security teams will be able to see the new features for unmanaged devices within the Microsoft 365 Defender user interface in "Device inventory".

"Now that these features have reached general availability, you will notice that endpoint discovery is already enabled on your tenant. This is indicated by a banner that appears in the Endpoints\Device inventory section of the Microsoft 365 Defender console," said Microsoft's Chris Hallum.

The banner will vanish on July 19, 2021 and the default behavior for discovery will be switched from Basic to Standard. Standard discovery is an active discovery method that relies on already-managed devices to probe the network for unmanaged devices.

Ensuring your systems are secure – 1-Fix.

Our team of specialists at 1-Fix offer a range of business IT services ranging from desktop and server management, to network design and cyber security assistance. Our experts want to become a vital member of your team and help you strengthen the capabilities of your IT systems. We can help you achieve a level of security that allows you to feel confident 100% of the time that you are not going to fall victim to a cyber attack whilst utilising everything your IT landscape has to offer. Please do not hesitate to contact the 1-Fix team for a conversation on any aspect of your IT.

Source: https://www.zdnet.com