Skip to content

Commit 147248a

Browse files
BrendunsBrenduns
committed
True up some details with MDE content
1 parent 0c3671e commit 147248a

2 files changed

Lines changed: 6 additions & 2 deletions

File tree

memdocs/intune/protect/includes/security-config-mgt-prerequisites.md

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ description: include file
44
author: brenduns
55
ms.service: microsoft-intune
66
ms.author: brenduns
7-
ms.date: 11/22/2021
7+
ms.date: 11/29/2021
88
ms.topic: include
99
---
1010

@@ -109,7 +109,10 @@ To support Microsoft Defender for Endpoint security configuration management thr
109109

110110
Microsoft Defender for Endpoint supports several options to onboard devices. For current guidance, see [Onboarding tools and methods for Windows devices](/microsoft-365/security/defender-endpoint/security-config-management) in the Defender for Endpoint documentation.
111111

112-
Devices that you manage with Intune or Configuration Manager are not supported for this scenario.
112+
> [!IMPORTANT]
113+
> After a device onboards with Microsoft Defender for Endpoint, it must and be tagged with **MDE-Management** before it can enroll with Security Management for Microsoft Defender for Endpoint. For more information on device tagging in MDE, see Create and manage device tags](/microsoft-365/security/defender-endpoint/machine-tag).
114+
115+
Devices that you manage with Intune are not supported for this scenario.
113116

114117
## Create Azure AD Groups
115118

memdocs/intune/protect/mde-security-integration.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -62,6 +62,7 @@ When you select a policy, you'll see information about the device check-in statu
6262
## Known limitations and considerations
6363

6464
### Co-existence with Microsoft Endpoint Configuration Manager
65+
6566
When using Configuration Manager, the best path for management of security policy is using the [Configuration Manager tenant attach](/mem/configmgr/tenant-attach/endpoint-security-get-started). In some environments it may be desired to use Security Management for Microsoft Defender. When using Security Management for Microsoft Defender with Configuration Manager, endpoint security policy should be isolated to a single control plane. Controlling policy through both channels will create the opportunity for conflicts and undesired results.
6667

6768
### Active Directory joined devices

0 commit comments

Comments
 (0)