none
Does Azure ATP only leverage traffic from Active Directory? RRS feed

Answers

  • In addition to analyzing Active Directory traffic using deep packet inspection technology, Azure ATP also collects relevant Windows Events from your domain controller and creates entity profiles based on information from Active Directory Domain Services. Azure ATP also supports receiving RADIUS accounting of VPN logs from various vendors (Microsoft, Cisco, F5, and Checkpoint).

    hope answer the question please mark as answer and vote

    • Marked as answer by sameer degya Sunday, November 1, 2020 9:04 AM
    Sunday, November 1, 2020 8:59 AM
  • No. Azure ATP monitors all devices in the network performing authentication and authorization requests against Active Directory, including non-Windows and mobile devices.
    • Marked as answer by sameer degya Sunday, November 1, 2020 9:05 AM
    Sunday, November 1, 2020 9:00 AM
  • Yes. Since computer accounts (as well as any other entities) can be used to perform malicious activities, Azure ATP monitors all computer accounts behavior and all other entities in the environment.
    • Marked as answer by sameer degya Sunday, November 1, 2020 9:05 AM
    Sunday, November 1, 2020 9:01 AM
  • hope answer the question please mark as answer and vote
    • Marked as answer by sameer degya Sunday, November 1, 2020 9:10 AM
    Sunday, November 1, 2020 9:09 AM
  • Does Azure ATP monitor only domain-joined devices?
    • Marked as answer by sameer degya Sunday, November 1, 2020 9:04 AM
    Sunday, November 1, 2020 8:56 AM
  • can you also tell me    Azure ATP monitor computer accounts as well as user accounts?
    • Marked as answer by sameer degya Sunday, November 1, 2020 9:04 AM
    Sunday, November 1, 2020 8:57 AM

All replies

  • Does Azure ATP monitor only domain-joined devices?
    • Marked as answer by sameer degya Sunday, November 1, 2020 9:04 AM
    Sunday, November 1, 2020 8:56 AM
  • can you also tell me    Azure ATP monitor computer accounts as well as user accounts?
    • Marked as answer by sameer degya Sunday, November 1, 2020 9:04 AM
    Sunday, November 1, 2020 8:57 AM
  • In addition to analyzing Active Directory traffic using deep packet inspection technology, Azure ATP also collects relevant Windows Events from your domain controller and creates entity profiles based on information from Active Directory Domain Services. Azure ATP also supports receiving RADIUS accounting of VPN logs from various vendors (Microsoft, Cisco, F5, and Checkpoint).

    hope answer the question please mark as answer and vote

    • Marked as answer by sameer degya Sunday, November 1, 2020 9:04 AM
    Sunday, November 1, 2020 8:59 AM
  • No. Azure ATP monitors all devices in the network performing authentication and authorization requests against Active Directory, including non-Windows and mobile devices.
    • Marked as answer by sameer degya Sunday, November 1, 2020 9:05 AM
    Sunday, November 1, 2020 9:00 AM
  • Yes. Since computer accounts (as well as any other entities) can be used to perform malicious activities, Azure ATP monitors all computer accounts behavior and all other entities in the environment.
    • Marked as answer by sameer degya Sunday, November 1, 2020 9:05 AM
    Sunday, November 1, 2020 9:01 AM
  • hope answer the question please mark as answer and vote
    • Marked as answer by sameer degya Sunday, November 1, 2020 9:10 AM
    Sunday, November 1, 2020 9:09 AM