Cybersecurity

Dear All,

Microsoft XDR has now been installed on over 2500 endpoints, including laptops, desktops, and VMs, marking significant progress in our cybersecurity enhancement efforts.

The NFS Information Security (IS) team recently raised concerns regarding communication disruptions between their systems due to the activation of the Windows Firewall following the XDR installation. This issue should not occur, as all security policies, including firewall settings, are centrally managed and deployed via Microsoft XDR or Intune by the Information Security team. There is no further action required from the IT Support or VIS teams other than executing the XDR onboarding script.

Just to recap, the XDR onboarding process is as follows.

Onboarding Process

  • Assign the host name following the NETSOL’s defined naming conventions
  • Uninstall any existing antivirus software from the host
  • Execute the XDR onboarding script appropriate to the host’s operating system and confirm successful execution by reviewing the script output
  • Inform the Endpoint Protection Team to verify the host’s status and tag on the Microsoft Defender portal.

Verification Steps on the Endpoint

  • Open Windows Security on the endpoint
  • Go to the Virus & Threat Protection section and check that the security controls are locked, with a message indicating: “This setting is being managed by your administrator.”

Troubleshooting Endpoint with XDR Onboarding Issues (if needed)

  • Ensure that Microsoft Defender services are running
  • Confirm that no other antivirus solution is installed
  • For AD-joined endpoints, SysAdmins to verify that the device is a member of the AD XDR Group.

Please do not hesitate to contact Information Security team for any queries you may have.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top