title: Migrate to Microsoft Defender for Endpoint from non-Microsoft endpoint protection description: Move to Microsoft Defender for Endpoint, which includes Microsoft Defender Antivirus for your endpoint protection solution. ms.service: defender-endpoint ms.author: painbar author: paulinbar ms.localizationpriority: medium manager: bagol audience: ITPro ms.collection:
- m365-security
- m365solution-migratetomdatp
- m365solution-overview
- m365initiative-defender-endpoint
- highpri
- tier1
ms.topic: solution-overview
ms.custom: migrationguides
ms.date: 09/21/2024
ms.reviewer: jesquive, chventou, jonix, chriggs, owtho, yongrhee
ms.subservice: onboard
search.appverid: met150
appliesto:
- Microsoft Defender for Endpoint Plan 1
- Microsoft Defender for Endpoint Plan 2
If you're ready to move from a non-Microsoft endpoint protection solution to Microsoft Defender for Endpoint, or you're interested in what all is involved in the process, use this article as a guide. This article describes the overall process of moving to Defender for Endpoint Plan 1 or Plan 2. The following image depicts the migration process at a high level:
:::image type="content" source="media/nonms-mde-migration.png" alt-text="Diagram depicting the process of migrating to Defender for Endpoint" lightbox="media/nonms-mde-migration.png":::
When you migrate to Defender for Endpoint, you begin with your non-Microsoft antivirus/antimalware protection in active mode. Then, you configure Microsoft Defender Antivirus in passive mode, and configure Defender for Endpoint features. Then, you onboard your organization's devices, and verify that everything is working correctly. Finally, you remove the non-Microsoft solution from your devices.
[!INCLUDE side-by-side-scenarios]
:::image type="content" source="media/phase-diagrams/migration-phases.png" alt-text="The MDE migration process" lightbox="media/phase-diagrams/migration-phases.png":::
The process of migrating to Defender for Endpoint can be divided into three phases, as described in the following table:
| Phase | Description |
|---|---|
| Prepare for your migration | During the Prepare phase: 1. Update your organization's devices. 2. Get Defender for Endpoint Plan 1 or Plan 2. 3. Plan roles and permissions for your security team, and grant them access to the Microsoft Defender portal. 4. Configure your device proxy and internet settings to enable communication between your organization's devices and Defender for Endpoint. 5. Get baseline performance data for the devices that are onboarded to Defender for Endpoint. |
| Set up Defender for Endpoint | During the Setup phase: 1. Enable/reinstall Microsoft Defender Antivirus, and make sure it's in passive mode on devices. 2. Configure your Defender for Endpoint Plan 1 or Plan 2 capabilities. 3. Add Defender for Endpoint to the exclusion list for your existing solution. 4. Add your existing solution to the exclusion list for Microsoft Defender Antivirus. 5. Set up your device groups, collections, and organizational units. |
| Onboard to Defender for Endpoint | During the Onboard phase: 1. Onboard your devices to Defender for Endpoint. 2. Run a detection test to confirm that onboarding was successful. 3. Confirm that Microsoft Defender Antivirus is running in passive mode. 4. Get updates for Microsoft Defender Antivirus. 5. Uninstall your existing endpoint protection solution. 6. Make sure that Defender for Endpoint working correctly. |
- Proceed to Prepare for your migration.
[!INCLUDE side-by-side-scenarios]