From the course: Microsoft 365: Implement Security and Threat Management
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Azure ATP sensors
From the course: Microsoft 365: Implement Security and Threat Management
Azure ATP sensors
- [Instructor] Understanding Azure ATP Sensors. Azure ATP sensors are installed directly on the domain controllers. Sensor directly monitors the domain controller traffic, without the need for a dedicated server or configuration of port mirroring. The sensor will read the events locally on the server and then the sensor supports event tracing for Windows. The Azure ATP sensor has the following core functionality. Capture and inspect domain controller network traffic. So that's local traffic of the domain controller. Receive Windows events directly from the domain controllers. Receive RADIUS accounting information from any VPN providers. Retrieve data about users and computers directly from the Active Directory domain. Perform resolution of network entities such as users, groups, and computers. And then we'll transfer the relevant data to the Azure ATP cloud service. In the Azure ATP deployment, any combination of the Azure…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.