Security settings management is available for multi-tenant environments in Microsoft Defender XDR
Several months ago, we released device security settings management within Microsoft Defender XDR. This experience enables security administrators to configure Microsoft Defender for Endpoint security settings for devices on all platforms (including Windows, Linux, and Mac) without having to leave the Defender portal. The streamlined portal experience breaks down the wall between Security and IT teams by presenting a shared view for both, making it easier for security administrators to strengthen the security posture of their devices.
Security administrators can now drive even greater efficiencies with simplified security settings management that supports the multi-tenant environments common to large enterprises and managed security service providers (MSSPs). The multi-tenant view in the Defender XDR portal (see "Multi-tenant management in Microsoft Defender XDR" on Microsoft Learn) gives security administrators a consolidated view of all security policies across their entire organization, including all tenants’ policies, without needing to switch portals. To access this page, navigate to Endpoints > Configuration Management > Endpoint Security Policies.
Additionally, security administrators can centrally create, edit, or delete policies in the context of a specific tenant from the unified, aggregated view.
From the Endpoint Security Policies page, a security administrator can use the Search function to find a specific policy across all their tenants.
To manage security settings for multiple tenants in the multi-tenant view of the Defender XDR portal, security administrators must meet, for each of their tenants, all the prerequisites for configuring security settings in a single tenant (for more details, see "Use Intune to manage Microsoft Defender settings on devices that aren’t enrolled with Intune" on Microsoft Learn). This includes the following role-based access control requirements:
For Microsoft Defender, use the security administrator role (or a custom role with security configuration management permissions scoped to all devices).
For Microsoft Intune, use the Endpoint security manager role.
Additionally, the devices in each Defender tenant must be affiliated with the corresponding Entra tenant.
This experience does not currently support Microsoft Defender for Business tenants.
For more information and guidance, please visit: Endpoint security policies in multitenant management – Microsoft Defender XDR | Microsoft Learn