Let’s Navigate Advanced Threat Analytics security features

Last week I went through an install of Microsoft Advanced Threat Analytics, which requires Windows Server 2012 R2. While the ATA Center can only be installed on Windows Server 2012 R2 or later, the lightweight gateway for the domain controller can be installed on Windows Server 2008 R2 or later.

For the domain controllers to report information, the lightweight gateway must be installed. Once the ATA console is opened, the download for the ATA lightweight gateway is available in the ATA Center.

The gateway will need to be installed on each domain controller. The setup doesn’t require the domain controller to be restarted. Once the gateway is installed, the domain controller will start reporting into the console.

Reports can be downloaded from the console by clicking the icon in the top right. Reports can also be generated on a schedule if a mail server is added.

Reports are only one way to view suspicious activity. At the top of the page, a name or machine can be typed in to view any suspicious activity.

ATA can be a great tool for detecting attacks in your environment that could otherwise go undetected. Contact Windows Management Experts for more information on how ATA can assist in protecting your environment!
