Microsoft Endpoint Security For Mac

  1. Microsoft Endpoint Security For Mac Free
  2. Microsoft Endpoint Security For Mac Pro
  3. Kaspersky For Mac Download
  4. Microsoft Endpoint Security For Mac Pro
  5. Microsoft Endpoint Security For Mac Download

Endpoint Security for Windows, Mac, Linux If you already have our product, you can download patches, upgrades and documentation by clicking the download button. Please note that if your company works in European Union and/or processes personal data received from a natural person in the EU, you must use product builds assembled with GDPR. The “Top 10 actions to secure your environment” series outlines fundamental steps you can take with your investment in Microsoft 365 security solutions. Protect your OS,” you’ll learn how to configure Microsoft Defender Advanced Threat Protection to prevent, detect, investigate, and respond to advanced threats. Jun 27, 2012 To install System Center 2012 Endpoint Protection for Mac, follow these steps: Note Running two antivirus programs on the same computer can cause. Insert the System Center 2012 Endpoint Protection for Mac installation disk into your DVD drive. In the Finder, double-click System Center 2012.

This topic describes how to install, configure, update, and use Microsoft Defender ATP for Mac.


Running other third-party endpoint protection products alongside Microsoft Defender ATP for Mac is likely to lead to performance problems and unpredictable side effects. If non-Microsoft endpoint protection is an absolute requirement in your environment, you can still safely take advantage of MDATP for Mac EDR functionality after configuring MDATP for Mac antivirus functionality to run in Passive mode.

What’s new in the latest release


If you have any feedback that you would like to share, submit it by opening Microsoft Defender ATP for Mac on your device and navigating to Help > Send feedback.

To get the latest features, including preview capabilities (such as endpoint detection and response for your Mac machines), configure your macOS machine running Microsoft Defender ATP to be an 'Insider' machine. See Enable Microsoft Defender ATP Insider Machine.

How to install Microsoft Defender ATP for Mac


  • A Microsoft Defender ATP subscription and access to the Microsoft Defender Security Center portal
  • Beginner-level experience in macOS and BASH scripting
  • Administrative privileges on the device (in case of manual deployment)

Installation instructions

There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac.

  • Third-party management tools:

  • Command-line tool:

System requirements

The three most recent major releases of macOS are supported.

  • 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra)
  • Disk space: 650 MB

Beta versions of macOS are not supported. macOS Sierra (10.12) support ended on January 1, 2020.

After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints.

Microsoft Endpoint Security For Mac Free

Network connections

The following table lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an allow rule specifically for them.

Microsoft Endpoint Security For Mac

Microsoft Endpoint Security For Mac Pro

Service locationDNS record
Common URLs for all locationsx.cp.wd.microsoft.com
European Unioneurope.x.cp.wd.microsoft.com
United Kingdomunitedkingdom.x.cp.wd.microsoft.com
United Statesunitedstates.x.cp.wd.microsoft.com

Kaspersky For Mac Download

Microsoft Defender ATP can discover a proxy server by using the following discovery methods:

  • Web Proxy Auto-discovery Protocol (WPAD)
  • Manual static proxy configuration

If a proxy or firewall is blocking anonymous traffic, make sure that anonymous traffic is permitted in the previously listed URLs.

To test that a connection is not blocked, open https://x.cp.wd.microsoft.com/api/report and https://cdn.x.cp.wd.microsoft.com/ping in a browser.

If you prefer the command line, you can also check the connection by running the following command in Terminal:

The output from this command should be similar to the following:

OK https://x.cp.wd.microsoft.com/api/report

OK https://cdn.x.cp.wd.microsoft.com/ping


We recommend that you keep System Integrity Protection (SIP) enabled on client machines. SIP is a built-in macOS security feature that prevents low-level tampering with the OS, and is enabled by default.

Once Microsoft Defender ATP is installed, connectivity can be validated by running the following command in Terminal:

How to update Microsoft Defender ATP for Mac

Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used. To learn more, see Deploy updates for Microsoft Defender ATP for Mac

How to configure Microsoft Defender ATP for Mac

Guidance for how to configure the product in enterprise environments is available in Set preferences for Microsoft Defender ATP for Mac.

macOS kernel and system extensions

In alignment with macOS evolution, we are preparing a Microsoft Defender ATP for Mac update that leverages system extensions instead of kernel extensions. Visit What's new in Microsoft Defender Advanced Threat Protection for Mac for relevant details.


Microsoft Endpoint Security For Mac
  • For more information about logging, uninstalling, or other topics, see the Resources page.


With Intune, you can use device configuration profiles to manage common endpoint protection security features on devices, including:

  • Firewall
  • BitLocker
  • Allowing and blocking apps
  • Microsoft Defender and encryption

For example, you can create an endpoint protection profile that only allows macOS users to install apps from the Mac App Store. Or, enable Windows SmartScreen when running apps on Windows 10 devices.

Before you create a profile, review the following articles that detail the endpoint protection settings Intune can manage for each supported platform:


The Intune user interface (UI) is updating to a full screen experience, and may take several weeks. Until your tenant receives this update, you will have a slightly different workflow when you create or edit settings described in this article.

Create a device profile containing endpoint protection settings

  1. Sign in to the Microsoft Endpoint Manager admin center.

  2. Select Devices > Configuration profiles > Create profile.

  3. Enter the following properties:

    • Platform: Choose the platform of your devices. Your options:

      • macOS
      • Windows 10 and later
    • Profile: Select Endpoint protection.

  4. Select Create.

  5. In Basics, enter the following properties:

    • Name: Enter a descriptive name for the policy. Name your policies so you can easily identify them later. For example, a good policy name is macOS: Endpoint Protection profile that configures the Firewall for all macOS devices.
    • Description: Enter a description for the policy. This setting is optional, but recommended.
  6. Select Next.

  7. In Configuration settings, depending on the platform you chose, the settings you can configure are different. Choose your platform for detailed settings:

  8. Select Next.

  9. In Scope tags (optional), assign a tag to filter the profile to specific IT groups, such as US-NC IT Team or JohnGlenn_ITDepartment. For more information about scope tags, see Use RBAC and scope tags for distributed IT.

    Select Next.

  10. In Assignments, select the users or groups that will receive your profile. For more information on assigning profiles, see Assign user and device profiles.

    Select Next.

  11. In Review + create, review your settings. When you select Create, your changes are saved, and the profile is assigned. The policy is also shown in the profiles list.

Add custom Firewall rules for Windows 10 devices

When you configure the Microsoft Defender Firewall as part of a profile that includes endpoint protection rules for Windows 10, you can configure custom rules for Firewalls. Custom rules let you expand on the pre-defined set of Firewall rules supported for Windows 10.

When you plan for profiles with custom Firewall rules, consider the following information, which could affect how you choose to group firewall rules in your profiles:

Microsoft Endpoint Security For Mac Pro

  • Each profile supports up to 150 firewall rules. When you use more than 150 rules, create additional profiles, each limited to 150 rules.

  • For each profile, if a single rule fails to apply, all rules in that profile are failed and none of the rules are applied to the device.

  • When a rule fails to apply, all rules in the profile are reported as failed. Intune cannot identify which individual rule failed.

The Firewall rules that Intune can manage are detailed in the Windows Firewall configuration service provider (CSP). To review the list of custom firewall settings for Windows 10 devices that Intune supports, see Custom Firewall rules.

To add custom firewall rules to an Endpoint protection profile

Microsoft Endpoint Security For Mac Download

  1. Sign in to the Microsoft Endpoint Manager admin center.

  2. Select Devices > Configuration profiles > Create Profile.

  3. For Platform, select Windows 10 and later, and then for Profile select Endpoint protection.

    Select Create.

  4. Enter a Name for your profile > Next.

  5. In Configuration settings, select Microsoft Defender Firewall. For Firewall rules, select Add to open the Create Rule page.

  6. Specify settings for the Firewall rule, and then select OK to save it. To review the available custom firewall rule options in documentation, see Custom Firewall rules.

    1. The rule appears on the Microsoft Defender Firewall page in the list of rules.
    2. To modify a rule, select the rule from the list, to open the Edit Rule page.
    3. To delete a rule from a profile, select the ellipsis (…) for the rule, and then select Delete.
    4. To change the order in which rules display, select the up arrow, down arrow icon at the top of the rule list.
  7. Select Next until you get to Review + create. When you select Create, your changes are saved and the profile is assigned. The policy is also shown in the profiles list.

Next steps

The profile is created, but it may not be doing anything yet. Next, assign the profile and monitor its status.