-->![Microsoft defender advanced threat protection for mac windows 10 Microsoft defender advanced threat protection for mac windows 10](/uploads/1/2/5/6/125654232/562257479.jpg)
- Microsoft Defender Advanced Threat Protection For Mac Windows 7
- Windows Defender Atp
- Microsoft Defender Advanced Threat Protection For Mac Windows 10
本主题介绍了如何安装、配置、更新和使用 Microsoft Defender ATP for Mac。This topic describes how to install, configure, update, and use Microsoft Defender ATP for Mac.
Update: Microsoft Defender ATP for Mac is generally available as of June 28, 2019. Microsoft Defender ATP for Mac, which brings our unified endpoint security solution to Mac devices, is now in public preview. We announced and opened a limited preview for Microsoft Defender ATP for Mac in March. 2019-3-22 As a result, the technology giant renamed its Windows Defender Advanced Threat Protection (ATP) to Microsoft Defender Advanced Threat Protection (ATP) in an attempt to minimize name-confusion and reflect the cross-platform nature of the software.
Mar 21, 2019 As The Verge reports, the business-focused version of Windows Defender (known as Windows Defender Advanced Threat Protection (ATP)), is being rolled out to macOS users. As it's not running on. Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac This topic provides information on how to troubleshoot issues with the kernel extension that is installed as part of Microsoft Defender ATP for Mac.
![Microsoft defender advanced threat protection for mac windows 10 Microsoft defender advanced threat protection for mac windows 10](/uploads/1/2/5/6/125654232/562257479.jpg)
注意
在 Microsoft Defender ATP for Mac 上运行其他第三方终结点保护产品可能会导致性能问题和不可预知的副作用。Running other third-party endpoint protection products alongside Microsoft Defender ATP for Mac is likely to lead to performance problems and unpredictable side effects.如果非 Microsoft endpoint protection 是你的环境中的绝对要求,则在将 Mac 防病毒功能的 MDATP 配置为在被动模式下运行时,你仍可以安全地利用 MDATP FOR mac EDR 功能。If non-Microsoft endpoint protection is an absolute requirement in your environment, you can still safely take advantage of MDATP for Mac EDR functionality after configuring MDATP for Mac antivirus functionality to run in Passive mode.
最新版本中的新增功能What’s new in the latest release
提示
如果你有想要共享的任何反馈,请在你的设备上打开 Microsoft Defender ATP for Mac 进行提交,并导航到帮助 > 发送反馈。If you have any feedback that you would like to share, submit it by opening Microsoft Defender ATP for Mac on your device and navigating to Help > Send feedback.
若要获取最新功能,包括预览功能(如 Mac 计算机的终结点检测和响应),请将运行 Microsoft Defender ATP 的 macOS 计算机配置为 '预览体验成员' 计算机。To get the latest features, including preview capabilities (such as endpoint detection and response for your Mac machines), configure your macOS machine running Microsoft Defender ATP to be an 'Insider' machine.请参阅启用 Microsoft DEFENDER ATP 预览体验成员计算机。See Enable Microsoft Defender ATP Insider Machine.
如何安装 Microsoft Defender ATP for MacHow to install Microsoft Defender ATP for Mac
必备条件Prerequisites
- Microsoft Defender ATP 订阅和 Microsoft Defender 安全中心门户的访问权限A Microsoft Defender ATP subscription and access to the Microsoft Defender Security Center portal
- MacOS 和 BASH 脚本中的入门级体验Beginner-level experience in macOS and BASH scripting
- 对设备的管理权限(在手动部署时)Administrative privileges on the device (in case of manual deployment)
安装说明Installation instructions
你可以使用多种方法和部署工具来安装和配置 Microsoft Defender ATP for Mac。There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac.
- 第三方管理工具:Third-party management tools:
- 命令行工具:Command-line tool:
系统要求System requirements
支持 macOS 的三个最新主要版本。The three most recent major releases of macOS are supported.
- 10.15 (Catalina)、10.14 (Mojave)、10.13 (高塞拉利昂)10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra)
- 磁盘空间: 650 MBDisk space: 650 MB
不支持 macOS 的 Beta 版本。Beta versions of macOS are not supported.macOS 塞拉利昂(10.12)支持于2020年1月1日结束。macOS Sierra (10.12) support ended on January 1, 2020.
启用服务后,您可能需要配置网络或防火墙以允许其与终结点之间的出站连接。After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints.
网络连接Network connections
下表列出了你的网络必须能够连接到的服务和其关联 URL。The following table lists the services and their associated URLs that your network must be able to connect to.你应该确保没有可拒绝访问这些 Url 的防火墙或网络筛选规则,或者你可能需要为其创建一个允许规则。You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an allow rule specifically for them.
服务位置Service location | DNS 记录DNS record |
---|---|
所有位置的通用 UrlCommon URLs for all locations | x.cp.wd.microsoft.comx.cp.wd.microsoft.com cdn.x.cp.wd.microsoft.comcdn.x.cp.wd.microsoft.com eu-cdn.x.cp.wd.microsoft.comeu-cdn.x.cp.wd.microsoft.com wu-cdn.x.cp.wd.microsoft.comwu-cdn.x.cp.wd.microsoft.com *.blob.core.windows.net*.blob.core.windows.net officecdn-microsoft-com.akamaized.netofficecdn-microsoft-com.akamaized.net crl.microsoft.comcrl.microsoft.com events.data.microsoft.comevents.data.microsoft.com |
欧盟European Union | europe.x.cp.wd.microsoft.comeurope.x.cp.wd.microsoft.com eu-v20.events.data.microsoft.comeu-v20.events.data.microsoft.com |
英国United Kingdom | unitedkingdom.x.cp.wd.microsoft.comunitedkingdom.x.cp.wd.microsoft.com uk-v20.events.data.microsoft.comuk-v20.events.data.microsoft.com |
美国United States | unitedstates.x.cp.wd.microsoft.comunitedstates.x.cp.wd.microsoft.com us-v20.events.data.microsoft.comus-v20.events.data.microsoft.com |
Microsoft Defender ATP 可以使用以下发现方法发现代理服务器:Microsoft Defender ATP can discover a proxy server by using the following discovery methods:
- Web 代理自动发现协议 (WPAD)Web Proxy Auto-discovery Protocol (WPAD)
- 手动静态代理配置Manual static proxy configuration
如果代理或防火墙阻止匿名通信,请确保在前面列出的 Url 中允许匿名通信。If a proxy or firewall is blocking anonymous traffic, make sure that anonymous traffic is permitted in the previously listed URLs.
若要测试连接是否未被阻止,请https://x.cp.wd.microsoft.com/api/report在https://cdn.x.cp.wd.microsoft.com/ping浏览器中打开和。To test that a connection is not blocked, open https://x.cp.wd.microsoft.com/api/report and https://cdn.x.cp.wd.microsoft.com/ping in a browser.
如果你喜欢命令行,也可以通过在 '终端' 中运行以下命令来检查连接:If you prefer the command line, you can also check the connection by running the following command in Terminal:
此命令的输出应类似于以下内容:The output from this command should be similar to the following:
OK https://x.cp.wd.microsoft.com/api/report
OK https://cdn.x.cp.wd.microsoft.com/ping
注意
我们建议你在客户端计算机上保持系统完整性保护(SIP)启用。We recommend that you keep System Integrity Protection (SIP) enabled on client machines.SIP 是一种内置的 macOS 安全功能,可防止对操作系统进行低级篡改,并且默认情况下处于启用状态。SIP is a built-in macOS security feature that prevents low-level tampering with the OS, and is enabled by default.
安装 Microsoft Defender ATP 后,可通过在终端中运行以下命令来验证连接性:Once Microsoft Defender ATP is installed, connectivity can be validated by running the following command in Terminal:
如何更新 Microsoft Defender ATP for MacHow to update Microsoft Defender ATP for Mac
Microsoft 会定期发布软件更新,以提高性能、提高安全性和提供新功能。Microsoft regularly publishes software updates to improve performance, security, and to deliver new features.若要更新 Microsoft Defender ATP for Mac,请使用名为 Microsoft 自动更新(MAU)的程序。To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used.若要了解详细信息,请参阅部署 Microsoft DEFENDER ATP For Mac 的更新To learn more, see Deploy updates for Microsoft Defender ATP for Mac
如何配置 Microsoft Defender ATP for MacHow to configure Microsoft Defender ATP for Mac
有关如何在企业环境中配置产品的指南在设置 Microsoft DEFENDER ATP For Mac 的首选项中可用。Guidance for how to configure the product in enterprise environments is available in Set preferences for Microsoft Defender ATP for Mac.
macOS 内核和系统扩展macOS kernel and system extensions
在与 macOS 演变的过程中,我们准备了一个 Microsoft Defender ATP for Mac 更新,它利用系统扩展而不是内核扩展。In alignment with macOS evolution, we are preparing a Microsoft Defender ATP for Mac update that leverages system extensions instead of kernel extensions.请访问Microsoft Defender 高级威胁防护 For Mac 中的新增功能,了解相关详细信息。Visit What's new in Microsoft Defender Advanced Threat Protection for Mac for relevant details.
资源Resources
- 有关日志记录、卸载或其他主题的详细信息,请参阅 '资源' 页面。For more information about logging, uninstalling, or other topics, see the Resources page.
Microsoft Defender Advanced Threat Protection For Mac Windows 7
Applies to:
This topic provides some general steps that can be used to narrow down performance issues related to Microsoft Defender ATP for Mac.
Real-time protection (RTP) is a feature of Microsoft Defender ATP for Mac that continuously monitors and protects your device against threats. It consists of file and process monitoring and other heuristics.
Depending on the applications that you are running and your device characteristics, you may experience suboptimal performance when running Microsoft Defender ATP for Mac. In particular, applications or system processes that access many resources over a short timespan can lead to performance issues in Microsoft Defender ATP for Mac.
Windows Defender Atp
The following steps can be used to troubleshoot and mitigate these issues:
Microsoft Defender Advanced Threat Protection For Mac Windows 10
- Disable real-time protection using one of the following methods and observe whether the performance improves. This approach helps narrow down whether Microsoft Defender ATP for Mac is contributing to the performance issues.If your device is not managed by your organization, real-time protection can be disabled using one of the following options:
- From the user interface. Open Microsoft Defender ATP for Mac and navigate to Manage settings.
- From the Terminal. For security purposes, this operation requires elevation.
If your device is managed by your organization, real-time protection can be disabled by your administrator using the instructions in Set preferences for Microsoft Defender ATP for Mac. - Open Finder and navigate to Applications > Utilities. Open Activity Monitor and analyze which applications are using the resources on your system. Typical examples include software updaters and compilers.
- Configure Microsoft Defender ATP for Mac with exclusions for the processes or disk locations that contribute to the performance issues and re-enable real-time protection.See Configure and validate exclusions for Microsoft Defender ATP for Mac for details.