Configuring Microsoft Advanced Threat Analytics (ATA)

In this article we’ll talk about a powerful tool called “Microsoft Advanced Threat Analytics” and better known in the market as (ATA). This tool works with real-time analysis for services in a corporate environment, helping with security and monitoring attempts at internal and external attacks. Let's see how the tool works in practice.

To download this tool, you must have purchased, or have an MSDN account and a machine as a domain member. Download the product in your purchase channel and open the .ISO file, as shown in the image below:

Read more:

Sharepoint permissions online, learn how to set up
Proxmox VE - The Robust Virtualization System and OpenSource!
NextCloud - The free Linux-based cloud!
Enabling the RDP Protocol via Powershell
Configuring Self-Service Password Reset for Azure and Office 365

Select the desired language and click “Next”:

Accept the contract terms and click “Next”:

Select automatic update to keep the tool always up to date:

#Profissa: Take a professional course!
Ensure a certified course in IT and Software through the online study platform Udemy.
click here and check out all the latest technology courses!

Choose the desired installation path and click “Next”:

Wait for the installation process:

Done! Tool is already installed successfully. click in "Finish" to finish the installation:

On first contact with the administration console, enter the administrative credentials and your current Active Directory domain. After entering the credentials, click “Test Connection”: 

With the successful connection in the previous step, download the file "Gateway" that we will be installing on our Active Directory server.

click in “Gateway Setup”:

#Profissa: Take a professional course!
Ensure a certified course in IT and Software through the online study platform Udemy.
click here and check out all the latest technology courses!

Download will start. Copy the downloaded file to the server you want to monitor and analyze. In our case, we installed the Gateway to monitor attacks on our primary Active Directory server.

On the server that will receive the Gateway, start the installation:

Choose your language and click “Next”:

Select the installation option in the domain controller, as shown in the image below:

Choose the installation path of the tool:

Wait for the installation process:

Done! The Gateway has been successfully installed on our primary domain controller.

#Profissa: Take a professional course!
Ensure a certified course in IT and Software through the online study platform Udemy.
click here and check out all the latest technology courses!

Wait for the application to start. This process may take a few minutes:

Ready! The tool is already running 100% on the Active Directory domain server.

Enable synchronization to finish the configuration and start collecting data:

Done! The tool is already 100% configured and synchronizing.

Go to a workstation, which is joined to the domain and enter the following commands below:

  • nslookup
  • ls -d “name of your local domain”

These are administrative commands and will be considered as attacks on our server. If any malicious user or command attempts to perform this type of task on our workstations, alerts will be generated in our centralized administration.

Returning to our central console, see that the commands reflected in our administration console and has already pointed out very important details for our security performance.


We hope that this tool tip will help administrators to better control their environment, and thus increase data security in their organization and their customers.

Also check out the course link: https://www.wenzcursos.com.br/courses/microsoft-advanced-threat-analytics-ata

Was this article helpful?

To maintain a quality standard for you, we have invested in a great hosting plan, Paid CDN, Website Optimization Plugins, etc ...

Help us to keep the project active! 

Follow the news in real time. Follow our Instagram profile..

Vinicius Mozart
Creator portal https://www.wenzcursos.com.br Come and see our 100% hands-on course platform!
en_USEnglish

UP TO 90% DISCOUNT

TAKE OFF YOUR CAREER !!

Do you want to upgrade your career? 

Invest in yourself and get ahead! Get that dream job in 2022!