Cybersecurity has become an established industry as businesses, small and large alike, are incorporating high-end cybersecurity measures. To meet this end, you need to make sure you have the latest software protecting your systems. Microsoft has been developing its anti-malware, anti-virus security program “Microsoft Defender” for other operating systems beyond Windows, such as Mac.

» LEARN MORE: See Why Azure Makes The Difference Both in Performance & Costs

According to their updates, you can now get Microsoft Defender and Microsoft Defender ATP for Mac devices which was unavailable before March 2019.

What is Microsoft Defender ATP?

Microsoft Defender ATP or “Advanced Threat Protection” is one of Microsoft’s security programs that allows enterprise organizations to tackle security threats effectively. It allows for advanced threat protection, detection, and response.

Microsoft Defender ATP allows for:

  • Threat and Vulnerability Management
  • Attack Surface Reduction
  • Next-Generation Protection
  • Endpoint Detection and Response
  • Auto Investigation & Remediation 
  • Microsoft Threat Protection

The best part is Microsoft Defender extends its ATP features to other operating systems, not just Windows.

a screen of a computer with a pop up saying "Virus & threat protection Windows Defender summary".

Microsoft Defender ATP Portal

The Microsoft Defender ATP Portal comes with an incredibly user-friendly interface. It allows users to view and sort through various detected threats and alerts from your endpoints.

Go over their dashboard to view active alerts and daily reports, automated investigations, statistics on alerts, and get notified on devices at potential security risks.

How To Deploy Microsoft Defender for Endpoint on Your MacOS Using Jamf Pro

Jamf Pro is Apple’s macOS management system that allows for the management, deployment, and maintenance of software. If you want to deploy Microsoft Defender for Endpoint on your macOS using Jamf pro, you need to follow the steps below:

  • First, log in to Jamf Pro and go to “Computers.” 
  • Next, navigate to “Static Computer Groups” and select “New.”
  • Enter a display name and save. 

Now, you’ll have to download the associated onboarding packages from the Microsoft Defender Security Center.

  • Go to Settings > Onboarding. 
  • Set your operating system to macOS and deployment method as “Mobile Device Management/Microsoft Intune.” 
  • Click download and save the zip file to your device (WindowsDefenderATPOnboardingPackage.zip).
  • Extract the zip files contents (WindowsDefenderATPOnboarding.plist).
  • Open the extracted file. 
  • Next, open the Jamf Pro dashboard and click “New.
  • Fill in the details in the General category:
    • Name: MDATP onboarding for macOS
    • Description: MDATP EDR onboarding for macOS
    • Category: None
    • Distribution Method: Install Automatically
    • Level: Computer Level
  • Next, go to “Application & Custom Settings” and select “Configure.”
  • Select “Upload File (PLIST file)” and add the previously extracted plist file. 
  • In the Preference domain, enter: com.microsoft.wdav.atp.
  • Next, go to “scope” at the top navigation bar and select your target computers (this can be all computers or specific devices) and click “save.”

Next, you want to configure the Microsoft Defender Endpoint settings. For this, you’ll have to download the schema.json file from Microsoft Defender’s Github repository.

After you download the JSON file, login to Jamf Pro. Go to “Computers” > “Configuration Profiles”, and add a new profile using the following details:

  • Name: MDATP MDAV configuration settings
  • Description:<blank>
  • Category: None (default)
  • Level: Computer Level (default)
  • Distribution Method: Install Automatically (default)

Next, go to the “Application & Custom Settings” tab, and select “External Applications.” Click “Add” and choose your source. 

Set “Custom Schema” as your source to use for the preference domain.

In the “Preference Domain” bar, enter com.microsoft.wdav. Upload the schema file you previously downloaded and save. 

Now, you’ll see all the supported settings for Microsoft Defender ATP. You can manage these settings and add/remove properties as you like. 

  • Next, select the scope tab and select your display name previously set under Target computers. 
  • Click “Add” and save. 
  • Now if you go to “Configuration Profiles,” you’ll see the display name listed. 

If you further want to customize your Microsoft Defender Endpoint notification settings, here’s how you can do it. Similarly, if you want to configure updates through the MAU panel, click here. For more insights on how you can deploy Microsoft Defender on Jamf Pro, click on this link.

Likewise, if you want to use a third party MEM for your macOS device, follow the steps listed here

These days, it has become an organizational priority to protect digital assets and infrastructure. IT teams in growing organizations can only do so much when it comes to being proactive and implementing different security programs like Microsoft Defender ATP.

Outsourcing and enlisting the aid of specialized service providers like Logic V can help implement complete IT security solutions for your organization.

Get started with Azure and expand you business efforts at a lower cost 1
How do I Install Microsoft Defender ATP on Mac?

To start, make sure you have the required licensing and updated macOS systems as specified above.
Next, go to the Microsoft 365 Defender portal to download and install the necessary onboarding packages. 
Go to “Settings” > “Endpoints” > “Device management” > “Onboarding”. 
Next, choose your OS to macOS and set your “Deployment Method” to “Local Script (for up to 10 devices).” 
Click “Download Installation Package” and save as wdav.pkg to a local directory. 
On the same page, click “Download Onboarding Package” and save the file as WindowsDefenderATPOnboardingPackage.zip to the same directory.

Once you have the files in your system, you need to start the installation process.
Go to your downloads and open the wdav.pkg installation package.
Click “Continue” to agree with their Terms and Conditions, enter your password upon prompt, and click “Install the software.” 
Next, you’ll be asked to install a driver to your Mac. Click on “Open security preferences” in the popup. 
Next, go to “Security and Privacy” and click “Allow.” 
If you have macOS 11 or newer versions, you may be asked to download multiple system extensions, so you may have to repeat steps 3 and 4.
Newer versions may also require you to allow Microsoft Defender ATP to filter network content. This is necessary as your defender will report this traffic inspection to the Microsoft 365 portal. Click “Allow” here. 
Go to “System Preferences” and open the “Security & Privacy” Window. Click on “Privacy” > “Full Disk Access” and select “Microsoft Defender ATP” and “Microsoft Defender ATP Endpoint Security Extension.”
Once installed, you should see a small Microsoft Defender icon in your macOS status bar.
For more details on the manual deployment for Microsoft Defender for Endpoint on macOS, visit Microsoft’s manual deployment guide for Microsoft Defender for macOS.

Does Microsoft Defender Work on Mac?

Microsoft extends its endpoint security features to a number of operating systems including Mac, iOS, Android, Linux, and Windows.  It allows for antivirus, endpoints detection and response, and vulnerability management to the latest versions of the macOS. As with Microsoft Office, you can use Microsoft’s Endpoint Manager and Mac’s Endpoint Security Manager “Jamf” in collaboration to manage Microsoft Defender ATP on your device.

How do I Get Microsoft Defender ATP?

In order to get Microsoft Defender ATP on your Mac, you need to first make sure you have all the necessary licensing and software requirements. Also, remove any third-party endpoint protection software installed on your Mac as they can lead to performance problems on the device.

This means your mac must have the licensing for: 
Microsoft 365 E5 (M365 E5)
Microsoft 365 E5 Security
Microsoft 365 A5 (M365 A5)
Windows 10 Enterprise E5
Windows 11
Microsoft Defender for Endpoint

As for your system requirements, Microsoft Defender ATP is only available for the three most recent macOS updates: 
10.14 (Mojave) and 10.15 (Catalina)
11 (Big Sur)
12 (Monterey)

You also need to make sure you have at least 1GB of free disk space on your Mac to continue. Finally, you need to configure your firewall settings and network filtering rules so these domains aren’t filtered out by your firewall and network settings.

How do I Uninstall Microsoft Defender ATP Mac?

Uninstalling the Microsoft Defender ATP from your Mac is incredibly easy. Follow the steps below in order to uninstall Microsoft Defender ATP from your Mac:
– Go to Finder on your Mac device.
– Click on “Application.”
– Navigate to Microsoft Defender for Endpoint, right-click on it and select “Move to Trash.”
– Your application will successfully be uninstalled.