ATA lightweight Gateway deployment Question

All replies

• 

  

  0

  Sign in to vote

  What do you mean by "look at ATA" ?

  Monday, May 14, 2018 3:07 PM
• 

  

  0

  Sign in to vote

  What do you mean by "look at ATA" ?

  I mean after the installs are complete and you want to analyze ATA for threats on the DC's, how does that differwith the two gateways?

  Monday, May 14, 2018 3:39 PM
• 

  

  0

  Sign in to vote

  Once the Gateway service is installed, you don't need to be on the DCs any more.

  The Gateways are forwarding the relevant data to the Center machine,

  they you can browse the ATA Console from any machine that has network access to the Center machine,

  And there you can see all the relevant data for all the DCs you have monitored.

  Is a suspicious activity is reported, it will tell you which DCs were involved. 

  • Proposed as answer by Andy Liu50Microsoft contingent staff Thursday, May 31, 2018 7:35 AM

  Monday, May 14, 2018 3:47 PM
• 

  

  0

  Sign in to vote

  Hello,

  There are two components for ATA: Gateway/Lightweight Gatewy, and ATA Center.

  Both of the Gateway or Lightweight Gateway are used for collecting and parse the data, and send the processed data to the ATA Center for analyzing.

  Thus, to analyze the suspicious activities, you should visit the ATA Center.

  Please refer to the following article for getting an overview of ATA architecture.

  https://docs.microsoft.com/en-us/advanced-threat-analytics/ata-architecture

  Best regards,

  Andy Liu

   

  ---

  Please remember to mark the replies as answers if they help.
  If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

  Tuesday, May 15, 2018 8:21 AM