All Collections
Endpoint Protection
Deploying Defense.com Endpoint Security from Intune
Deploying Defense.com Endpoint Security from Intune

How to deploy Defense.com Endpoint Security from Microsoft Intune

Alan Butcher avatar
Written by Alan Butcher
Updated over a week ago

Applications need to be packaged/prepared for Intune deployment before they can be uploaded and available from the Company Portal app.

  1. Please see this Microsoft documentation, which explains the process and has a link to the GitHub page to download the Win32 Content Prep Tool - https://learn.microsoft.com/en-us/mem/intune/apps/apps-win32-prepare

  2. Download the prep tool and save it somewhere easily accessible as you’ll need this later.

  3. You will now need the Defense.com Endpoint Security installer for your preferred operating system (Windows kit 64 bit) is used in this example), Please reach out to us requesting this via a support ticket. We'll then reply to the ticket with the requested installer.

  4. Now you have the installer, you see a zip folder called ‘epskit_x64_7.8.2.254’ or something similar depending on the current version available.

  5. Extract the contents of this folder, right click and Extract all, use the default folder location or choose a preferred destination.

  6. Once fully extracted, find and run the Content prep tool as an administrator account. Then use the commands below to package your installer for Intune, correcting the commands with the file names and folder locations appropriate for your environment.

    Please specify the source folder: C:\Users\Username\Downloads\epskit_x64_7.8.2.254

    Please specify the setup file: epskit_x64.exe

    Please specify the output folder: C:\Users\Username\Downloads\epskit_x64_7.8.2.254

    Do you want to specify catalog folder (Y/N)? N

    This should create an Intunewin file of the installer in the location you specified.

  7. Now login to the Microsoft Admin centre with your administrator account.

    Open the Endpoint Manager (Intune admin centre)

  8. Click the Apps tab.

  9. Either, click the ‘Windows’ platform tab or ‘All apps’.

  10. Click the ‘+ Add’ button.

  11. Select your ‘App type’ which in this case will be ‘Windows app (Win32)’ under the Other category near the bottom of the list.

  12. Then click ‘Select’ to move onto the next step.

  13. Click the ‘Select app package file’, click the folder button to browse and find the intunewin file that you created earlier.

  14. Click OK, and complete the required fields, and any others of your choice, for the app information.

    A logo is useful to help identify the app within the Company Portal.

  15. On the program page, you’ll need the install and uninstall commands for the program, please see below for what has been tested working:

Install command: “application name” /s

Uninstall command: uninstall “application name” /s

(application name to be completed by you with the correct name of your file)

Other settings on the program page were left as default.

The requirements tab is next:

OS architecture and minimum OS version is required. 64-bit selected and the latest Windows version available selected.

(Settings can be adjusted depending on your preference/requirements)

Detection rules is the next tab to complete and this can be tricky depending on how specific you want the detection to be and what you want it to look for.

We configured ours to detect the Defense.com\EndpointProtection folder existed in the default installation file/folder location.

Dependencies can be used if you require other apps to be installed before this app, but ours was left at default for this example.

Superdense can be used to remove other apps before installing another app, ours was left at default for this example.

The Defense.com endpoint security app can be configured to remove competitor (alternative endpoint security) applications within the control panel package settings. This is likely the preferred method, as you need to have superseded application available in Intune to utilise the feature successfully.

Scope tags are optional, add any if you require them, if not then leave as default.

Assignments is where you choose which groups have this application available or removed.

Required = app is automatically forced to devices enrolled in Intune to a user of the assigned groups

Available for enrolled devices = app is available in the Company Portal app on devices enrolled in Intune to a user of the assigned groups

Uninstall = app is uninstalled from the devices enrolled in Intune to a user of the assigned groups, using the uninstall command added in the program tab of the app setup process

Finally, review and create, check that you’re happy with the settings and create the app within your Intune app list. Once you click the create button, you will be taken back to the apps list and your intunewin file will be uploaded to Intune.

Wait for the upload to complete, then the app will be available in the list and available depending on your assignment settings.

You can monitor the progress from the notification (bell) button at the top of the Intune admin centre screen:

Providing that you have already made the Company Portal available from Intune and is installed onto your devices, this app should now be available within it.

If you haven’t configured the Company Portal app, please refer to this documentation for help :

Add and assign the Windows 10 Company Portal app for Intune managed devices - Microsoft Intune | Microsoft Learn

Once you have the company portal app configured and your users login with their accounts, your Defense.com Endpoint Security app should show in the apps tab.

Similar to this example picture

Did this answer your question?