Using Defender for Endpoint to protect your network devices

An added benefit of Defender for Endpoint is it’s ability to scan and report vulnerabilities with your network devices (routers, switches, etc). It does this by using SNMP, so the starting point is to set that up in your environment on your network devices.

image

Once you have onboarded Windows 10 devices to Defender for Endpoint you can use one of these to ‘scan’ your network devices via SNMP.

To do this follow the step by step process to download and install the scanner in this article:

Network device discovery and vulnerability assessments – Microsoft Tech Community

you can also refer to  this documentation

Network device discovery and vulnerability management | Microsoft Docs

In short, you need to install and agent from the Defender for Endpoint console, then configure it to scan your SNMP environment and IP range. The results from this will be reported back into the Device inventory.

Interestingly, the documentation states:

The following operating systems are currently supported:

  • Cisco IOS, IOS-XE, NX-OS

  • Juniper JUNOS

  • HPE ArubaOS, Procurve Switch Software

  • Palo Alto Networks PAN-OS

but when I set this up in my environment

image

the Ubiquiti equipment I use was also reporting as shown above (excellent!).

image

I can drill into any network device and see alerts, security recommendations, etc. None to see here as my gear is up to date but this is a super handy feature when you are facing challenges like Log4j vulnerability, even in small environments.

The main thing is to get the SNMP environment set up for your network devices and then configure a Defender for Endpoint scanner in that environment. Within no time you’ll have additional network device information flowing into your Defender for Endpoint console. This is really going to help you keep your whole environment secure and make it easy to monitor from a single location.

One thought on “Using Defender for Endpoint to protect your network devices

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s