Planning a Defender Endpoint for Deployment
Start course

This course explores Microsoft Defender for Endpoint and you’ll learn what it is and what it offers. We'll cover the prerequisites and requirements that you must meet before deploying Defender for Endpoint. And finally, we'll look at the planning steps that you should follow when planning a Defender for Endpoint deployment.

Learning Objectives

  • Get a foundational understanding of the Microsoft Defender for Endpoint service
  • Learn about the requirements for deploying the service
  • Learn how to plan a Defender for Endpoint Deployment

Intended Audience

This is intended for those who wish to learn what Microsoft Defender for Endpoint is, what it does, and how to plan for deployment.


To get the most out of this course, you should have a basic understanding of Microsoft 365.


Welcome back! So, now you know what Defender for Endpoint is, what it does, and what requirements you have to meet before using it, let’s take a quick look at the planning process for a deployment of Defender for Endpoint. 

At a high level, there are three steps to the planning process. They include the identification of your environment’s architecture, the selection of the type of deployment tool, and guidance on how to configure capabilities.

Because every environment is unique, Microsoft offers several deployment options for those who wish to deploy Defender for Endpoint. For example, there are cloud-native scenarios, there are situations where co-management is involved, there are on-prem architectures to account for, and there are even deployment scenarios that are entirely for evaluation and local onboarding.

The link in the transcript of this lesson takes you to the MDATP Deployment Strategy guide, which can be used to select the appropriate Defender for Endpoint architecture that best suits your particular situation.

Once you’ve identified the proper architecture, you need to select a deployment method. Since Defender for Endpoint supports lots of different endpoints, it’s important to choose the deployment method that fits your specific devices.

The table on your screen shows the different endpoints that are supported by Defender for Endpoint, along with the deployment tools that you can use for each endpoint.

Once you’ve onboarded your endpoints, you need to configure the different security capabilities in Defender for Endpoint. The security capabilities that you have to configure include endpoint detection and response, next-generation protection, and attack surface reduction.

After you’ve completed your deployment planning, you can perform the actual deployment, which is also performed in phases, starting with the Preparation phase. During the initial preparation phase, you research things you need to consider when deploying Defender for Endpoint. For example, you’ll need to determine who the stakeholders are and who will provide necessary approvals. You’ll also want to account for environment considerations, access permissions, and adoption order of capabilities.

After working through the Preparation phase of your deployment, you’ll need to work through the Setup phase. During the setup phase, you decide on the steps you need to take to access the portal. Considerations and tasks include license validation, completion of the setup wizard, and network configuration.

The last phase is the Onboarding phase. During this last deployment phase, you learn how to make use of deployment rings, you learn about the supported onboarding tools, based on the type of endpoints you are dealing with, and, of course, configuring available capabilities.

About the Author
Learning Paths

Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.

In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.

In his spare time, Tom enjoys camping, fishing, and playing poker.