Microsoft Defender for Endpoint (MDE) is a holistic, cloud-delivered endpoint security solution. Its capabilities include risk-based vulnerability management and assessment, attack surface reduction, behavior-based next-generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
Install Microsoft Defender for Endpoint (MDE)
*Please note: MDE requires OSX 10.14 or newer. You will need to update your Mac if the OS is below this version.
1. Install Python if not already installed
2. Access the MDE install files. Make sure your Mac is first connected to the OSU network or the OSU VPN.
a.) On your Mac, open the Go dropdown menu and choose Connect to Server. Type in smb://celtis.forestry.oregonstate.edu/capps/public/Microsoft Defender Endpoint (MDE) for Mac
b.) When prompted, enter your ONID credentials. Make sure to include ONID\ before your username.
c.) The MDE files can also be downloaded using this Box link: https://oregonstate.box.com/s/tx4kkuyb884rcoa24ng52z9ppys0acn9
3. Install wdav.pkg (follow all prompts).
1. Click Open Security Preferences
2. Open System Preferences > Security & Privacy.
a.) In the General tab, click on Details, then choose both options listed.
b.) In the Privacy tab, allow Full Disk Access for both Microsoft Defender ATP and Microsoft Defender ATP Endpoint Security Extension.
*Note: Some versions of OSX will only show Microsoft Defender ATP in the Privacy window. If the Microsoft Defender ATP Endpoint Security Extension is not listed, skip it and move to the next step.
c.) If you receive an alert "Microsoft Defender ATP would like to Filter Network Content", click Allow.
4. Install the 'MicrosoftDefenderATPOnboardingMacOs.py' script
a.) Drag the ‘MicrosoftDefenderATPOnboardingMacOs.py’ script from the folder in step 2a, to the Desktop of your Mac.
b.) Open Terminal.
- To do this, open Launchpad, then type Terminal in the search bar at the top.
c.) Find the path of the script from step 4a. To do this, hold Option, right-click the file, and choose “Copy … as Pathname”, which copies the path to the clipboard; or drag the file into Terminal to see the path.
d.) Enter cd Desktop to switch to the Desktop folder.
e.) Then type python3 (or whichever version of Python you installed), followed by the file name from step 4a, to run the script. Follow all prompts. When the script finishes, the MDE icon in the upper right of the menu bar should show a checkmark instead of an X.
f.) After the script is finished installing, you can test how it’s working by running this command in Terminal: mdatp connectivity test
5. Upon successful installation of MDE, uninstall any pre-existing antivirus solutions (example: Malwarebytes, ESET, etc.)
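
Added example (not part of the original instructions and not Microsoft's own tooling): a shell check for the steps above that confirms the Mac meets the 10.14 minimum and that the agent reports itself onboarded after step 4. It assumes mdatp health prints "name : value" lines that include healthy and licensed fields; the sample output in the script is constructed.

```shell
#!/bin/sh
# Added example, not part of the original instructions.
MIN_MAJOR=10; MIN_MINOR=14   # minimum macOS version stated on this page

# Return 0 if a version string (as printed by `sw_vers -productVersion`)
# is 10.14 or newer, 1 if older, 2 if it is not a version number.
os_supported() {
    major=${1%%.*}
    rest=${1#*.}
    [ "$rest" = "$1" ] && rest=0          # "11" has no minor component
    minor=${rest%%.*}
    case "$major" in ''|*[!0-9]*) return 2 ;; esac
    case "$minor" in ''|*[!0-9]*) return 2 ;; esac
    [ "$major" -gt "$MIN_MAJOR" ] && return 0
    [ "$major" -eq "$MIN_MAJOR" ] && [ "$minor" -ge "$MIN_MINOR" ]
}

# Print one field from `mdatp health` output read on stdin.
# Assumption: the output is "name : value" lines.
health_field() {
    awk -F' *: *' -v k="$1" '$1 == k { gsub(/"/, "", $2); print $2; exit }'
}

# Return 0 only when the agent reports both healthy and licensed
# (assumed field names; licensed=true means the onboarding script took effect).
mde_onboarded() {
    out=$(cat)
    [ "$(printf '%s\n' "$out" | health_field healthy)" = "true" ] &&
        [ "$(printf '%s\n' "$out" | health_field licensed)" = "true" ]
}

# Constructed sample output, for trying the parser without MDE installed.
SAMPLE_OK='healthy                                     : true
licensed                                    : true
real_time_protection_enabled                : true'
SAMPLE_NOT_ONBOARDED='healthy                                     : false
licensed                                    : false'

# On a Mac with MDE installed, check the real system.
if command -v mdatp >/dev/null 2>&1; then
    os_supported "$(sw_vers -productVersion)" || echo "macOS is older than 10.14"
    if mdatp health | mde_onboarded; then
        echo "MDE is healthy and onboarded"
    else
        echo "MDE is not onboarded; rerun the onboarding script (step 4)"
    fi
fi
```

If the check reports the agent as not onboarded, keep any existing antivirus in place until step 4 succeeds, so the Mac is never left without protection.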