Students and educators at eligible institutions can sign up for Office 365 Education for free, including Word, Excel, PowerPoint, OneNote, and now Microsoft Teams, plus additional classroom tools. Use your valid school email address to get started today. Office 365 works like you: everywhere.
-->Important
- Simplify development of.NET cloud applications for Azure using fully integrated tools, with Visual Studio for Mac.
- Unlock the full Microsoft Office experience with a qualifying Microsoft 365 subscription for your phone, tablet, PC, and Mac. Microsoft 365 annual subscriptions purchased from the app will be charged to your App Store account and will automatically renew within 24 hours prior to the end of the current subscription period unless auto-renewal is.
- Apple in the enterprise focused company, Jamf, kicked off its virtual JNUC conference today with a deluge of news and information for Mac, iPhone and iPad using enterprises. Apple and Microsoft.
Welcome to Microsoft Defender for Endpoint, the new name for Microsoft Defender Advanced Threat Protection. Read more about this and other updates here. We'll be updating names in products and in the docs in the near future.
This topic describes how to install, configure, update, and use Microsoft Defender ATP for Mac.
Caution
Running other third-party endpoint protection products alongside Microsoft Defender ATP for Mac is likely to lead to performance problems and unpredictable side effects. If non-Microsoft endpoint protection is an absolute requirement in your environment, you can still safely take advantage of MDATP for Mac EDR functionality after configuring MDATP for Mac antivirus functionality to run in Passive mode.
What's new in the latest release
Tip
If you have any feedback that you would like to share, submit it by opening Microsoft Defender ATP for Mac on your device and navigating to Help > Send feedback.
To get the latest features, including preview capabilities (such as endpoint detection and response for your Mac devices), configure your macOS device running Microsoft Defender ATP to be an 'Insider' device. See Enable Microsoft Defender ATP Insider Device.
How to install Microsoft Defender ATP for Mac
Prerequisites
- A Microsoft Defender ATP subscription and access to the Microsoft Defender Security Center portal
- Beginner-level experience in macOS and BASH scripting
- Administrative privileges on the device (in case of manual deployment)
Installation instructions
There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac.
Third-party management tools:
Command-line tool:
System requirements
The three most recent major releases of macOS are supported.
- 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra)
- Disk space: 1GB
Beta versions of macOS are not supported. macOS Sierra (10.12) support ended on January 1, 2020.
After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints.
Licensing requirements
Microsoft Defender Advanced Threat Protection for Mac requires one of the following Microsoft Volume Licensing offers:
- Microsoft 365 E5 (M365 E5)
- Microsoft 365 E5 Security
- Microsoft 365 A5 (M365 A5)
Note
Eligible licensed users may use Microsoft Defender Advanced Threat Protection on up to five concurrent devices.Microsoft Defender Advanced Threat Protection is also available for purchase from a Cloud Solution Provider (CSP). When purchased via a CSP, it does not require Microsoft Volume Licensing offers listed.
Network connections
The following downloadable spreadsheet lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an allow rule specifically for them.
Spreadsheet of domains list | Description |
---|---|
Spreadsheet of specific DNS records for service locations, geographic locations, and OS. Download the spreadsheet here. |
Microsoft Defender ATP can discover a proxy server by using the following discovery methods:
- Proxy autoconfig (PAC)
- Web Proxy Autodiscovery Protocol (WPAD)
- Manual static proxy configuration
If a proxy or firewall is blocking anonymous traffic, make sure that anonymous traffic is permitted in the previously listed URLs.
Warning
Authenticated proxies are not supported. Ensure that only PAC, WPAD, or a static proxy is being used.
SSL inspection and intercepting proxies are also not supported for security reasons. Configure an exception for SSL inspection and your proxy server to directly pass through data from Microsoft Defender ATP for Mac to the relevant URLs without interception. Adding your interception certificate to the global store will not allow for interception.
To test that a connection is not blocked, open https://x.cp.wd.microsoft.com/api/report and https://cdn.x.cp.wd.microsoft.com/ping in a browser.
If you prefer the command line, you can also check the connection by running the following command in Terminal:
The output from this command should be similar to the following:
OK https://x.cp.wd.microsoft.com/api/report
OK https://cdn.x.cp.wd.microsoft.com/ping
Caution
We recommend that you keep System Integrity Protection (SIP) enabled on client devices. SIP is a built-in macOS security feature that prevents low-level tampering with the OS, and is enabled by default.
Once Microsoft Defender ATP is installed, connectivity can be validated by running the following command in Terminal:
How to update Microsoft Defender ATP for Mac
Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used. To learn more, see Deploy updates for Microsoft Defender ATP for Mac
How to configure Microsoft Defender ATP for Mac
Guidance for how to configure the product in enterprise environments is available in Set preferences for Microsoft Defender ATP for Mac.
macOS kernel and system extensions
Azure Vm For Machine Learning
In alignment with macOS evolution, we are preparing a Microsoft Defender ATP for Mac update that leverages system extensions instead of kernel extensions. Visit What's new in Microsoft Defender Advanced Threat Protection for Mac for relevant details.
Resources
If you have any feedback that you would like to share, submit it by opening Microsoft Defender ATP for Mac on your device and navigating to Help > Send feedback.
To get the latest features, including preview capabilities (such as endpoint detection and response for your Mac devices), configure your macOS device running Microsoft Defender ATP to be an 'Insider' device. See Enable Microsoft Defender ATP Insider Device.
How to install Microsoft Defender ATP for Mac
Prerequisites
- A Microsoft Defender ATP subscription and access to the Microsoft Defender Security Center portal
- Beginner-level experience in macOS and BASH scripting
- Administrative privileges on the device (in case of manual deployment)
Installation instructions
There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac.
Third-party management tools:
Command-line tool:
System requirements
The three most recent major releases of macOS are supported.
- 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra)
- Disk space: 1GB
Beta versions of macOS are not supported. macOS Sierra (10.12) support ended on January 1, 2020.
After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints.
Licensing requirements
Microsoft Defender Advanced Threat Protection for Mac requires one of the following Microsoft Volume Licensing offers:
- Microsoft 365 E5 (M365 E5)
- Microsoft 365 E5 Security
- Microsoft 365 A5 (M365 A5)
Note
Eligible licensed users may use Microsoft Defender Advanced Threat Protection on up to five concurrent devices.Microsoft Defender Advanced Threat Protection is also available for purchase from a Cloud Solution Provider (CSP). When purchased via a CSP, it does not require Microsoft Volume Licensing offers listed.
Network connections
The following downloadable spreadsheet lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an allow rule specifically for them.
Spreadsheet of domains list | Description |
---|---|
Spreadsheet of specific DNS records for service locations, geographic locations, and OS. Download the spreadsheet here. |
Microsoft Defender ATP can discover a proxy server by using the following discovery methods:
- Proxy autoconfig (PAC)
- Web Proxy Autodiscovery Protocol (WPAD)
- Manual static proxy configuration
If a proxy or firewall is blocking anonymous traffic, make sure that anonymous traffic is permitted in the previously listed URLs.
Warning
Authenticated proxies are not supported. Ensure that only PAC, WPAD, or a static proxy is being used.
SSL inspection and intercepting proxies are also not supported for security reasons. Configure an exception for SSL inspection and your proxy server to directly pass through data from Microsoft Defender ATP for Mac to the relevant URLs without interception. Adding your interception certificate to the global store will not allow for interception.
To test that a connection is not blocked, open https://x.cp.wd.microsoft.com/api/report and https://cdn.x.cp.wd.microsoft.com/ping in a browser.
If you prefer the command line, you can also check the connection by running the following command in Terminal:
The output from this command should be similar to the following:
OK https://x.cp.wd.microsoft.com/api/report
OK https://cdn.x.cp.wd.microsoft.com/ping
Caution
We recommend that you keep System Integrity Protection (SIP) enabled on client devices. SIP is a built-in macOS security feature that prevents low-level tampering with the OS, and is enabled by default.
Once Microsoft Defender ATP is installed, connectivity can be validated by running the following command in Terminal:
How to update Microsoft Defender ATP for Mac
Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used. To learn more, see Deploy updates for Microsoft Defender ATP for Mac
How to configure Microsoft Defender ATP for Mac
Guidance for how to configure the product in enterprise environments is available in Set preferences for Microsoft Defender ATP for Mac.
macOS kernel and system extensions
Azure Vm For Machine Learning
In alignment with macOS evolution, we are preparing a Microsoft Defender ATP for Mac update that leverages system extensions instead of kernel extensions. Visit What's new in Microsoft Defender Advanced Threat Protection for Mac for relevant details.
Resources
For more information about logging, uninstalling, or other topics, see the Resources page.
This article explains how to install the Azure PowerShell modules usingPowerShellGet. These instructions work on Windows,macOS, and Linux platforms.
Azure PowerShell is also available in Azure Cloud Shell and is nowpreinstalled in Docker images.
Requirements
Note
PowerShell 7.x and later is the recommended version of PowerShell for use with Azure PowerShell onall platforms.
Azure PowerShell works with PowerShell 6.2.4 and later on all platforms. It is also supported withPowerShell 5.1 on Windows. Install thelatest version of PowerShell available foryour operating system. Azure PowerShell has no additional requirements when run on PowerShell 6.2.4and later.
To check your PowerShell version, run the command:
To use Azure PowerShell in PowerShell 5.1 on Windows:
- Update toWindows PowerShell 5.1.If you're on Windows 10 version 1607 or higher, you already have PowerShell 5.1 installed.
- Install .NET Framework 4.7.2 or later.
- Make sure you have the latest version of PowerShellGet. Run
Install-Module -Name PowerShellGet -Force
.
Install the Azure PowerShell module
Warning
We do not support having both the AzureRM and Az modules installed for PowerShell 5.1 on Windowsat the same time. If you need to keep AzureRM available on your system, install the Az module forPowerShell 6.2.4 or later.
Using the PowerShellGet cmdlets is the preferred installation method. Install the Az module for thecurrent user only. This is the recommended installation scope. This method works the same onWindows, macOS, and Linux platforms. Run the following command from a PowerShell session:
By default, the PowerShell gallery isn't configured as a trusted repository for PowerShellGet. Thefirst time you use the PSGallery you see the following prompt:
Answer Yes
or Yes to All
to continue with the installation.
Installing the module for all users on a system requires elevated privileges. Start the PowerShellsession using Run as administrator in Windows or use the sudo
command on macOS or Linux:
The Az module is a rollup module for the Azure PowerShell cmdlets. Installing it downloads all ofthe generally available Az PowerShell modules, and makes their cmdlets available for use.
Install offline
In some environments, it's not possible to connect to the PowerShell Gallery. In those situations,you can still install offline using one of these methods:
Azure Cli Mac Os
Download the modules to another location in your network and use that as an installation source.This method allows you to cache PowerShell modules on a single server or file share to be deployedwith PowerShellGet to any disconnected systems. Learn how to set up a local repository and installon disconnected systems withWorking with local PowerShellGet repositories.
Download the Azure PowerShell MSI to a machine connected to the network,and then copy the installer to systems without access to PowerShell Gallery. Keep in mind that theMSI installer only works for PowerShell 5.1 on Windows.
Save the module with Save-Module to a file share,or save it to another source and manually copy it to other machines:
Troubleshooting
Here are some common problems seen when installing the Azure PowerShell module. If you experience aproblem not listed here, file an issue on GitHub.
Proxy blocks connection
If you get errors from Install-Module
that indicate the PowerShell Gallery is unreachable, you maybe behind a proxy. Different operating systems and network environment have different requirementsfor configuring a system-wide proxy. Contact your system administrator for your proxy settings andhow to configure them for your environment.
PowerShell itself may not be configured to use this proxy automatically. With PowerShell 5.1 andlater, configure the PowerShell session to use a proxy using the following commands:
If your operating system credentials are configured correctly, this configuration routes PowerShellrequests through the proxy. To have this setting persist between sessions, add the commands to yourPowerShell profile.
To install the package, your proxy needs to allow HTTPS connections to the following address:
https://www.powershellgallery.com
Sign in
To start working with Azure PowerShell, sign in with your Azure credentials.
Note
If you've disabled module autoloading, manually import the module with Import-Module -Name Az
.Because of the way the module is structured, this can take a few seconds.
You'll need to repeat these steps for every new PowerShell session you start. To learn how topersist your Azure sign in across PowerShell sessions, seePersist user credentials across PowerShell sessions.
Update the Azure PowerShell module
To update any PowerShell module, you should use the same method used to install the module. Forexample, if you originally used Install-Module
, then you should useUpdate-Module to get the latest version. If youoriginally used the MSI package then you should download and install the new MSI package.
Azure Storage Explorer For Mac
The PowerShellGet cmdlets cannot update modules that were installed from an MSI package. MSIpackages do not update modules that were installed using PowerShellGet. If you have any issuesupdating using PowershellGet, then you should reinstall, rather than update. Reinstalling isdone the same way as installing, but you need to add the -Force
parameter:
Unlike MSI-based installations, installing or updating using PowerShellGet does not remove olderversions that may exist on your system. To remove old versions of Azure PowerShell from your system,see Uninstall the Azure PowerShell module. For more information aboutMSI-based installations, see Install Azure PowerShell with an MSI.
Use multiple versions of Azure PowerShell
It's possible to install more than one version of Azure PowerShell. To check if you have multipleversions of Azure PowerShell installed, use the following command:
To remove a version of Azure PowerShell, see Uninstall the Azure PowerShell module.
If you have more than one version of the module installed, module autoload and Import-Module
loadthe latest version by default.
Azure Mac Os Vm
You can install or load a specific version of the Az
module using the -RequiredVersion
parameter:
Use multiple repositories with PowerShellGet
The Repository parameter is required if you have added additional repositories to PowerShellGeton your system and the Az module can be found in more than one of them.
Provide feedback
If you find a bug in Azure PowerShell,file an issue on GitHub. To provide feedbackfrom the command line, use the Send-Feedback cmdlet.
Next Steps
To learn more about the Azure PowerShell modules and their features, seeGet Started with Azure PowerShell. If you're familiar with AzurePowerShell and need to migrate from AzureRM, seeMigrate from AzureRM to Az.