Create Inventory of On-Prem AD Infrastructure
Implementation Effort: Medium – Requires coordination between security and IT teams to catalog Active Directory components and assess readiness for sensor deployment.
User Impact: Low – This is an administrative task with no direct impact on end users.
Overview
Defender for Identity sensors can be installed directly on the following servers: (1) Domain Controllers: The sensor monitors domain controller traffic directly, eliminating the need for a dedicated server or port mirroring configuration. (2) AD FS / AD CS: The sensor monitors network traffic and required events directly. It is essential to identify all relevant servers and plan the deployment to ensure comprehensive coverage.
Reference
- N/A