Configure Azure Advanced Threat protection and Cloud App Security Protection
- Create a demo tenant how-to-create-an-office-365-tenant-before-testing
- Add a Microsoft 365 E5 License to your test user. (This can be done in trial) Office-365-testing-in-a-demo-environment-in-3-steps/
1. Azure Advanced Threat Protection portal
- If you are entitled to Azure Advanced Threat protection, it is important that you make the best use of their intelligence. To activate these feautures, you can use the following steps.
- Browse To: https://portal.atp.azure.com/tenantPortal
- Click create
- Your ATP tenant is now ready.
- Azure ATP can integrate with Cloud App Security. Below you can see how to perform the integration.
- Tips: https://techcommunity.microsoft.com/t5/enterprise-mobility-security/unified-secops-investigation-for-hybrid-environments/ba-p/360850
- Browse to: https://m365tips.portal.cloudappsecurity.com/#/dashboard (adapt m365tips to your test environment)
- You can now set up ATP alerts in Cloud App Security!
- It is also quite handy that you add Office 365 to your cloud app security tenant . That way you can see what data flows in and out of your tenant etc.. More soon!
Configure ATP Sensors on all domain controllers.
1. Open the ATP Portal.
- Browse To: https://portal.atp.azure.com
- Enter your AD Domain Administrator
- Enter your AD Domain administrator's password
- Enter your Domain
- Click Save
2. Download ATP sensor
- Download the ATP Sensor
- Place the file on your domain controller(s)
3. Installation of the ATP Sensor
- Open the Azure ATP Sensor Setup
- Click Next
- click Next
- Copy the access key from your ATP Portal
- Your Active Directory environment will now share account information with Azure ATP.
- Insights can be viewed in the reports.
- Repeat this step for all domain controllers.